125 matches found
CVE-2021-44190
Adobe After Effects is affected by CVE-2021-44190: an out-of-bounds read in the MP4 parsing path could disclose memory and bypass ASLR. Affected versions include 22.0 and earlier, and 18.4.2 and earlier. Exploitation requires user interaction (victim must open a malicious file); there is no indic...
CVE-2022-23200
Adobe After Effects is affected by an out-of-bounds write vulnerability (CVE-2022-23200) in versions 22.1.1 and earlier and 18.4.3 and earlier, enabling arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. Patches are provided under...
CVE-2022-24097
CVE-2022-24097 affects Adobe After Effects versions 22.2 and earlier, and 18.4.4 and earlier, due to an out-of-bounds write that could enable arbitrary code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). The fix is in Adobe APSB22-...
CVE-2022-24095
Adobe After Effects is affected by CVE-2022-24095 (and related CVEs 24094/24096/24097). The issue is a stack-based buffer overflow in versions 22.2 and earlier and 18.4.4 and earlier that could allow arbitrary code execution in the context of the current user; exploitation requires the user to op...
CVE-2022-27783
The CVE-2022-27783 issue affects Adobe After Effects and is caused by a stack overflow from insecure handling of a crafted file, enabling arbitrary code execution in the user’s context. Exploitation requires user interaction (opening a crafted file). Affected versions include 22.2.1 and earlier, ...
CVE-2022-24096
Adobe After Effects versions 22.2 and earlier, and 18.4.4 and earlier, are affected by a heap-based buffer overflow that could allow arbitrary code execution when a user opens a crafted file. Exploitation requires user interaction. remediation: upgrade to 18.4.5 or 22.2.1 (or later) per APSB22-17.
CVE-2022-24094
CVE-2022-24094 affects Adobe After Effects versions 22.2 and earlier, and 18.4.4 and earlier, due to a stack-based buffer overflow. This could allow arbitrary code execution in the context of the current user, requiring the victim to open a malicious file. Remediation mentioned in the connected c...
CVE-2021-40752
Summary of CVE-2021-40752 : Adobe After Effects (version 18.4 and earlier) is affected by a memory corruption vulnerability caused by insecure handling/parsing of a malicious .m4a file, potentially enabling arbitrary code execution in the context of the current user. Exploitation requires user in...
CVE-2022-27784
Adobe After Effects is affected by CVE-2022-27784: a stack overflow in versions 22.2.1 and earlier and 18.4.5 and earlier due to insecure handling of a crafted file, potentially leading to arbitrary code execution. Exploitation requires the user to open a crafted file. Remediation: apply the Adob...
CVE-2023-22233
Adobe After Effects is affected by CVE-2023-22233, an out-of-bounds read vulnerability impacting After Effects versions 23.1 and earlier, and 22.6.3 and earlier. The issue could disclose sensitive memory and bypass ASLR; exploitation requires the victim to open a malicious file. Public citations ...
CVE-2020-3765
Adobe After Effects (versions 16.1.2 and earlier) contains an out-of-bounds write vulnerability that could allow arbitrary code execution. The CVE-2020-3765 entry is supported by multiple sources in the connected documents, which consistently state that affected products are After Effects 16.1.2 ...
CVE-2023-22237
CVE-2023-22237 is an Adobe After Effects font-parsing out-of-bounds write that could allow arbitrary code execution in the current user context. Exploitation requires a user to open a malicious file. Affected: After Effects 23.1 and earlier, and 22.6.3 and earlier (Windows/macOS). Mitigation: app...
CVE-2021-44193
Adobe After Effects is affected by CVE-2021-44193: an out-of-bounds read in versions 22.0 and earlier and 18.4.2 and earlier that can lead to information disclosure and bypass ASLR. Exploitation requires a user to open a malicious file. The issue is addressed by Adobe security updates (e.g., APSB...
CVE-2021-44195
Adobe After Effects is affected by CVE-2021-44195: versions 22.0 and earlier, and 18.4.2 and earlier contain an out-of-bounds read that can disclose memory and bypass ASLR. Exploitation requires a user to open a malicious file. The issue is addressed by updates referenced in APSB advisories; for ...
CVE-2024-20737
Adobe After Effects is affected by CVE-2024-20737: an out-of-bounds read in RGB file parsing that can disclose sensitive memory and bypass ASLR. Affected versions include 24.1, 23.6.2 and earlier. Exploitation requires user interaction (victim opens a malicious file) and may have a high confident...
CVE-2021-40754
CVE-2021-40754 affects Adobe After Effects 18.4.1 and earlier due to a memory corruption vulnerability in parsing a malicious WAV file, allowing arbitrary code execution in the caller’s context after the user opens a crafted file. Exploitation requires user interaction. Remediation per APSB21-79 ...
CVE-2021-43755
CVE-2021-43755 affects Adobe After Effects 22.0 and earlier and 18.4.2 and earlier, due to an Out-of-bounds Write from insecure handling of a malicious file. Exploitation requires user interaction (victim opens a crafted file) and could lead to arbitrary code execution in the user’s context. The ...
CVE-2021-44188
Adobe After Effects before 18.4.3 and 22.0.0 before 22.1.1 are affected by an out-of-bounds read in 3GP file parsing that could allow code execution in the user’s context. Exploitation requires user interaction (opening a malicious file). Remediation: update to 18.4.3 or 22.1.1 (as per APSB23-02 ...
CVE-2021-44191
Adobe After Effects is affected by CVE-2021-44191 (and related) through an out-of-bounds read that can disclose memory and bypass ASLR. Affected: After Effects versions 22.0 and earlier and 18.4.2 and earlier. Attack requires user interaction (open a malicious file). Impact is information disclos...
CVE-2021-36018
CVE-2021-36018 affects Adobe After Effects 18.2.1 and earlier, with an Out-of-bounds Read when parsing a specially crafted file. An unauthenticated attacker could disclose memory information in the context of the current user, with exploitation requiring user interaction (victim opens a malicious...
CVE-2020-3809
Adobe After Effects prior to 17.0.6 is affected by CVE-2020-3809, a TIF parsing out-of-bounds read vulnerability that could disclose sensitive information. Affected versions: 17.0.1 and earlier (Windows and macOS). Root cause is an out-of-bounds read within TIF file handling; exploitation could l...
CVE-2021-28605
Adobe After Effects 18.2 and earlier are affected by a memory corruption vulnerability in the file-parsing path that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious file). Affected versions include 18.2 and ...
CVE-2021-44192
Adobe After Effects is affected by CVE-2021-44192: an out-of-bounds read in MOV file parsing on versions 22.0 and earlier, and 18.4.2 and earlier, potentially disclosing memory contents and bypassing mitigations such as ASLR. Exploitation requires user interaction (opening a malicious file). Affe...
CVE-2021-28607
CVE-2021-28607 affects Adobe After Effects 18.2 and earlier, with a heap corruption vulnerability when parsing a specially crafted file that could allow arbitrary code execution in the user’s context. Exploitation requires user interaction (victim opens a malicious file). The issue is documented ...
CVE-2021-28616
Adobe After Effects 18.2 and earlier is affected by CVE-2021-28616, an out-of-bounds read vulnerability when parsing a specially crafted file. An unauthenticated attacker could disclose memory contents and cause a denial of service in the context of the current user, with exploitation requiring t...
CVE-2021-44194
CVE-2021-44194 affects Adobe After Effects 22.0 and earlier, and 18.4.2 and earlier, described as an out-of-bounds read in 3GP file parsing that could disclose memory and bypass ASLR. Exploitation requires user interaction (opening a malicious file). Public references confirm this is an informati...
CVE-2020-9660
CVE-2020-9660 affects Adobe After Effects versions 17.1 and earlier, with an out-of-bounds write vulnerability that could lead to arbitrary code execution upon exploitation. The issue is documented in multiple sources (NVD/NIST listing and Adobe APSB20-35 advisory) and is referenced alongside rel...
CVE-2021-28600
Summary (CVE-2021-28600) Adobe After Effects 18.2 and earlier is affected by an out-of-bounds read vulnerability triggered while parsing a specially crafted file. An unauthenticated attacker could use this to disclose memory information in the context of the current user, with exploitation requir...
CVE-2021-28615
Summary (CVE-2021-28615) : Adobe After Effects 18.2 and earlier is affected by an out-of-bounds read vulnerability while parsing specially crafted files, enabling an unauthenticated attacker to read memory in the context of the current user. Exploitation requires user interaction (victim opens ma...
CVE-2021-40757
CVE-2021-40757 affects Adobe After Effects 18.4.1 and earlier, caused by memory corruption from insecure handling of a malicious MXF file, enabling possible arbitrary code execution with user interaction. Remediation per APSB21-79 is to upgrade to After Effects 18.4.2 or later; ThreatPost notes n...
CVE-2021-36019
Adobe After Effects 18.2.1 and earlier are affected by an Out-of-bounds Read when parsing specially crafted files, enabling an attacker to disclose memory information. Exploitation requires user interaction (victim opens a malicious file). ADOBE APSB21-54 confirms multiple vulnerabilities and lis...
CVE-2021-40758
CVE-2021-40758 affects Adobe After Effects versions 18.4.1 and earlier. The vulnerability is a memory corruption flaw caused by insecure handling of a malicious WAV file, potentially allowing arbitrary code execution in the context of the current user. Exploitation requires the user to open a cra...
CVE-2021-28606
CVE-2021-28606 concerns Adobe After Effects 18.2 and earlier. The vulnerability is a stack-based buffer overflow that occurs while parsing a specially crafted file, enabling arbitrary code execution in the context of the current user. An unauthenticated attacker would need the victim to open a ma...
CVE-2021-35996
CVE-2021-35996 affects Adobe After Effects up to version 18.2.1 (and earlier). The issue is a memory corruption vulnerability triggered while parsing a specially crafted file, allowing arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim open...
CVE-2023-47068
Concrete details confirm CVE-2023-47068 affects Adobe After Effects up to versions 24.0.2 and 23.6 and earlier, with an out-of-bounds read when parsing a crafted file, potentially allowing code execution in the user context. Exploitation requires user interaction (victim opens a malicious file). ...
CVE-2025-27204
CVE-2025-27204 affects Adobe After Effects up to versions 25.1 and 24.6.4 and earlier, due to an out-of-bounds read that could disclose memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Connected sources indicate Adobe released APSB25-23 security upda...
CVE-2021-28570
CVE-2021-28570 affects Adobe After Effects 18.1 and earlier. It is an Uncontrolled Search Path Element vulnerability that could allow an unauthenticated attacker to plant and execute a binary with System permissions ; exploitation requires user interaction. The issue is confirmed in APSB21-33, wh...
CVE-2021-28611
CVE-2021-28611 is an out-of-bounds read vulnerability affecting Adobe After Effects 18.2 and earlier. It arises when parsing a specially crafted file, enabling an unauthenticated attacker to disclose memory and cause a DoS under the current user. Exploitation requires user interaction (victim mus...
CVE-2021-28612
CVE-2021-28612 affects Adobe After Effects 18.2 and earlier. The vulnerability is an out-of-bounds read when parsing a specially crafted file, allowing memory disclosure and potential DoS in the current user context. Exploitation requires user interaction (opening a malicious file). Public source...
CVE-2021-35993
CVE-2021-35993 is an out-of-bounds Write in Adobe After Effects 18.2.1 and earlier triggered when parsing a specially crafted file. An unauthenticated attacker could achieve arbitrary code execution in the current user context, with exploit requiring user interaction (victim opens a malicious fil...
CVE-2021-35994
Adobe After Effects 18.2.1 (and earlier) is affected by an out-of-bounds Write vulnerability in the parsing of crafted files, enabling arbitrary code execution in the current user context after opening a malicious file. Impact is high (arbitrary code execution, requires user interaction). Remedia...
CVE-2023-22239
CVE-2023-22239 (Adobe After Effects) affects After Effects versions 23.1 and earlier, and 22.6.3 and earlier. It is an Improper Input Validation vulnerability that could allow arbitrary code execution in the context of the current user, requiring user interaction to open a malicious file. Affecte...
CVE-2025-27182
Adobe After Effects is affected by an out-of-bounds write vulnerability (CWE-787) that could allow arbitrary code execution in the context of the current user. Affected versions include 25.1, 24.6.4 and earlier. Exploitation requires user interaction, as a victim must open a malicious file. Detai...
CVE-2020-24418
Adobe After Effects 17.1.1 and earlier is affected by an out-of-bounds read when parsing crafted .aepx files, enabling arbitrary code execution in the context of the current user. The vulnerability requires user interaction to exploit. Multiple connected sources confirm the issue (CVE-2020-24418)...
CVE-2021-28587
Adobe After Effects contains an out-of-bounds read vulnerability (CVE-2021-28587) in the TIFF parsing path affecting version 18.0 and earlier. An attacker could disclose memory and bypass ASLR, with exploitation requiring user interaction (opening a malicious file). Production notes from APSB21-3...
CVE-2021-28608
CVE-2021-28608 affects Adobe After Effects 18.2 and earlier. A heap-based buffer overflow occurs when parsing a specially crafted file, allowing an unauthenticated, context-user arbitrary code execution, with exploitation requiring user interaction (victim opens a malicious file). Remediation: ap...
CVE-2023-47070
Adobe After Effects is affected by an out-of-bounds write vulnerability in versions 24.0.2 and earlier and 23.6 and earlier that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). Updates released as...
CVE-2025-27185
CVE-2025-27185 affects Adobe After Effects versions 25.1, 24.6.4 and earlier, due to a NULL Pointer Dereference that can crash the application and cause a denial-of-service. Exploitation requires user interaction (open a malicious file). Related sources corroborate the issue and note updates addr...
CVE-2019-8062
CVE-2019-8062 affects Adobe After Effects versions 16 and earlier. The issue is insecure library loading (DLL hijacking), which could allow arbitrary code execution upon successful exploitation. Remediation from connected details points to updating to a newer version (e.g., 16.1.2 or later, per A...
CVE-2020-24419
CVE-2020-24419 affects Adobe After Effects 17.1.1 and earlier on Windows, due to an uncontrolled search-path element in the application, enabling arbitrary code execution in the user context after opening a malicious file. The issue requires user interaction. Adobe APSB20-62 documents fixes that ...