CVE-2026-34942

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of transcoding strings into the Component Model's utf16 or latin1+utf16 encodings improperly verified the alignment of reallocated strings. This meant that unaligned pointers could be...

CVE-2025-27200

Animate versions 24.0.7, 23.0.10 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-27199 Animate | Heap-based Buffer Overflow (CWE-122)

Animate versions 24.0.7, 23.0.10 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

PT-2025-15618 · Adobe · Animate

Name of the Vulnerable Software and Affected Versions: Animate versions 24.0.7 and earlier Description: The issue is a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. To exploit this problem, it is necessary for the victim to open a...

Adobe Animate 缓冲区错误漏洞

Adobe Animate is a suite of Flash animation authoring software from the American company Audobee Adobe. A buffer error vulnerability exists in Adobe Animate 24.0.7, 23.0.10 and prior versions, which originates from an out-of-bounds read and could lead to a sensitive memory disclosure...

CVE-2024-11103

The Contest Gallery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 24.0.7. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated...

PT-2024-16765

Name of the Vulnerable Software and Affected Versions Contest Gallery plugin for WordPress versions up to, and including, 24.0.7 Description The issue is related to privilege escalation via account takeover due to the plugin not properly validating a user's identity prior to updating their...

WordPress plugin Contest Gallery 授权问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An authorization issue...

Nextcloud Server 24.0.4 < 24.0.7, 25.x < 25.0.1 Improper Access Control Vulnerability (GHSA-7w6h-5qgw-4j94)

Nextcloud Server is prone to an improper access control vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Nextcloud Server < 24.0.7, 25.x < 25.0.1 Improper Access Control Vulnerability (GHSA-9mh6-cph8-772c)

Nextcloud Server is prone to an improper access control vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Nextcloud 安全漏洞

Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server versions prior to 24.0.7, 25.0.1 and prior to 25.0.1, which stems from a disabled download share that...

Nextcloud 资源管理错误漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A resource management error vulnerability exists in Nextcloud Server versions prior to 23.0.11, 24.0.7, and 25.0.0, which stems from creating a user as an...