Lucene search
K
AdobeAfter Effects

125 matches found

CVE
CVE
added 2023/09/07 1:5 p.m.169 views

CVE-2021-44190

Adobe After Effects is affected by CVE-2021-44190: an out-of-bounds read in the MP4 parsing path could disclose memory and bypass ASLR. Affected versions include 22.0 and earlier, and 18.4.2 and earlier. Exploitation requires user interaction (victim must open a malicious file); there is no indic...

3.3CVSS3.4AI score0.00303EPSS
CVE
CVE
added 2022/02/16 4:38 p.m.144 views

CVE-2022-23200

Adobe After Effects is affected by an out-of-bounds write vulnerability (CVE-2022-23200) in versions 22.1.1 and earlier and 18.4.3 and earlier, enabling arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. Patches are provided under...

7.8CVSS7.9AI score0.02993EPSS
CVE
CVE
added 2022/03/11 5:54 p.m.139 views

CVE-2022-24097

CVE-2022-24097 affects Adobe After Effects versions 22.2 and earlier, and 18.4.4 and earlier, due to an out-of-bounds write that could enable arbitrary code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). The fix is in Adobe APSB22-...

9.3CVSS7.9AI score0.02332EPSS
CVE
CVE
added 2022/03/11 5:54 p.m.124 views

CVE-2022-24095

Adobe After Effects is affected by CVE-2022-24095 (and related CVEs 24094/24096/24097). The issue is a stack-based buffer overflow in versions 22.2 and earlier and 18.4.4 and earlier that could allow arbitrary code execution in the context of the current user; exploitation requires the user to op...

9.3CVSS7.9AI score0.03803EPSS
CVE
CVE
added 2022/05/06 5:23 p.m.119 views

CVE-2022-27783

The CVE-2022-27783 issue affects Adobe After Effects and is caused by a stack overflow from insecure handling of a crafted file, enabling arbitrary code execution in the user’s context. Exploitation requires user interaction (opening a crafted file). Affected versions include 22.2.1 and earlier, ...

9.3CVSS7.8AI score0.03682EPSS
CVE
CVE
added 2022/03/11 5:54 p.m.118 views

CVE-2022-24096

Adobe After Effects versions 22.2 and earlier, and 18.4.4 and earlier, are affected by a heap-based buffer overflow that could allow arbitrary code execution when a user opens a crafted file. Exploitation requires user interaction. remediation: upgrade to 18.4.5 or 22.2.1 (or later) per APSB22-17.

9.3CVSS7.9AI score0.03803EPSS
CVE
CVE
added 2022/03/11 5:54 p.m.117 views

CVE-2022-24094

CVE-2022-24094 affects Adobe After Effects versions 22.2 and earlier, and 18.4.4 and earlier, due to a stack-based buffer overflow. This could allow arbitrary code execution in the context of the current user, requiring the victim to open a malicious file. Remediation mentioned in the connected c...

9.3CVSS7.9AI score0.03803EPSS
CVE
CVE
added 2021/11/18 4:13 p.m.111 views

CVE-2021-40752

Summary of CVE-2021-40752 : Adobe After Effects (version 18.4 and earlier) is affected by a memory corruption vulnerability caused by insecure handling/parsing of a malicious .m4a file, potentially enabling arbitrary code execution in the context of the current user. Exploitation requires user in...

9.3CVSS7.8AI score0.02315EPSS
CVE
CVE
added 2022/05/06 5:24 p.m.110 views

CVE-2022-27784

Adobe After Effects is affected by CVE-2022-27784: a stack overflow in versions 22.2.1 and earlier and 18.4.5 and earlier due to insecure handling of a crafted file, potentially leading to arbitrary code execution. Exploitation requires the user to open a crafted file. Remediation: apply the Adob...

9.3CVSS7.8AI score0.03682EPSS
CVE
CVE
added 2023/02/17 12:0 a.m.108 views

CVE-2023-22233

Adobe After Effects is affected by CVE-2023-22233, an out-of-bounds read vulnerability impacting After Effects versions 23.1 and earlier, and 22.6.3 and earlier. The issue could disclose sensitive memory and bypass ASLR; exploitation requires the victim to open a malicious file. Public citations ...

5.5CVSS5.1AI score0.00315EPSS
CVE
CVE
added 2020/02/20 8:35 p.m.107 views

CVE-2020-3765

Adobe After Effects (versions 16.1.2 and earlier) contains an out-of-bounds write vulnerability that could allow arbitrary code execution. The CVE-2020-3765 entry is supported by multiple sources in the connected documents, which consistently state that affected products are After Effects 16.1.2 ...

10CVSS9.6AI score0.05941EPSS
CVE
CVE
added 2023/02/17 12:0 a.m.85 views

CVE-2023-22237

CVE-2023-22237 is an Adobe After Effects font-parsing out-of-bounds write that could allow arbitrary code execution in the current user context. Exploitation requires a user to open a malicious file. Affected: After Effects 23.1 and earlier, and 22.6.3 and earlier (Windows/macOS). Mitigation: app...

7.8CVSS7.7AI score0.00302EPSS
CVE
CVE
added 2023/09/07 1:5 p.m.84 views

CVE-2021-44193

Adobe After Effects is affected by CVE-2021-44193: an out-of-bounds read in versions 22.0 and earlier and 18.4.2 and earlier that can lead to information disclosure and bypass ASLR. Exploitation requires a user to open a malicious file. The issue is addressed by Adobe security updates (e.g., APSB...

3.3CVSS3.4AI score0.00303EPSS
CVE
CVE
added 2023/09/07 1:5 p.m.83 views

CVE-2021-44195

Adobe After Effects is affected by CVE-2021-44195: versions 22.0 and earlier, and 18.4.2 and earlier contain an out-of-bounds read that can disclose memory and bypass ASLR. Exploitation requires a user to open a malicious file. The issue is addressed by updates referenced in APSB advisories; for ...

3.3CVSS3.4AI score0.00303EPSS
CVE
CVE
added 2024/04/10 8:56 a.m.83 views

CVE-2024-20737

Adobe After Effects is affected by CVE-2024-20737: an out-of-bounds read in RGB file parsing that can disclose sensitive memory and bypass ASLR. Affected versions include 24.1, 23.6.2 and earlier. Exploitation requires user interaction (victim opens a malicious file) and may have a high confident...

5.5CVSS5AI score0.00439EPSS
CVE
CVE
added 2021/11/18 4:19 p.m.81 views

CVE-2021-40754

CVE-2021-40754 affects Adobe After Effects 18.4.1 and earlier due to a memory corruption vulnerability in parsing a malicious WAV file, allowing arbitrary code execution in the caller’s context after the user opens a crafted file. Exploitation requires user interaction. Remediation per APSB21-79 ...

9.3CVSS7.8AI score0.02315EPSS
CVE
CVE
added 2022/06/15 7:50 p.m.81 views

CVE-2021-43755

CVE-2021-43755 affects Adobe After Effects 22.0 and earlier and 18.4.2 and earlier, due to an Out-of-bounds Write from insecure handling of a malicious file. Exploitation requires user interaction (victim opens a crafted file) and could lead to arbitrary code execution in the user’s context. The ...

7.8CVSS7.8AI score0.01899EPSS
CVE
CVE
added 2023/09/07 12:54 p.m.78 views

CVE-2021-44188

Adobe After Effects before 18.4.3 and 22.0.0 before 22.1.1 are affected by an out-of-bounds read in 3GP file parsing that could allow code execution in the user’s context. Exploitation requires user interaction (opening a malicious file). Remediation: update to 18.4.3 or 22.1.1 (as per APSB23-02 ...

7.8CVSS7.5AI score0.00341EPSS
CVE
CVE
added 2023/09/07 1:5 p.m.75 views

CVE-2021-44191

Adobe After Effects is affected by CVE-2021-44191 (and related) through an out-of-bounds read that can disclose memory and bypass ASLR. Affected: After Effects versions 22.0 and earlier and 18.4.2 and earlier. Attack requires user interaction (open a malicious file). Impact is information disclos...

3.3CVSS3.4AI score0.00303EPSS
CVE
CVE
added 2021/09/02 5:0 p.m.73 views

CVE-2021-36018

CVE-2021-36018 affects Adobe After Effects 18.2.1 and earlier, with an Out-of-bounds Read when parsing a specially crafted file. An unauthenticated attacker could disclose memory information in the context of the current user, with exploitation requiring user interaction (victim opens a malicious...

4.3CVSS3.6AI score0.01768EPSS
CVE
CVE
added 2020/06/26 8:21 p.m.71 views

CVE-2020-3809

Adobe After Effects prior to 17.0.6 is affected by CVE-2020-3809, a TIF parsing out-of-bounds read vulnerability that could disclose sensitive information. Affected versions: 17.0.1 and earlier (Windows and macOS). Root cause is an out-of-bounds read within TIF file handling; exploitation could l...

5.5CVSS5AI score0.02288EPSS
CVE
CVE
added 2021/08/24 5:58 p.m.71 views

CVE-2021-28605

Adobe After Effects 18.2 and earlier are affected by a memory corruption vulnerability in the file-parsing path that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious file). Affected versions include 18.2 and ...

9.3CVSS7.9AI score0.02268EPSS
CVE
CVE
added 2023/09/07 1:5 p.m.70 views

CVE-2021-44192

Adobe After Effects is affected by CVE-2021-44192: an out-of-bounds read in MOV file parsing on versions 22.0 and earlier, and 18.4.2 and earlier, potentially disclosing memory contents and bypassing mitigations such as ASLR. Exploitation requires user interaction (opening a malicious file). Affe...

3.3CVSS3.4AI score0.00303EPSS
CVE
CVE
added 2021/08/24 5:58 p.m.69 views

CVE-2021-28607

CVE-2021-28607 affects Adobe After Effects 18.2 and earlier, with a heap corruption vulnerability when parsing a specially crafted file that could allow arbitrary code execution in the user’s context. Exploitation requires user interaction (victim opens a malicious file). The issue is documented ...

9.3CVSS7.9AI score0.02629EPSS
CVE
CVE
added 2021/08/24 6:0 p.m.69 views

CVE-2021-28616

Adobe After Effects 18.2 and earlier is affected by CVE-2021-28616, an out-of-bounds read vulnerability when parsing a specially crafted file. An unauthenticated attacker could disclose memory contents and cause a denial of service in the context of the current user, with exploitation requiring t...

7.1CVSS6.2AI score0.01739EPSS
CVE
CVE
added 2023/09/07 1:5 p.m.69 views

CVE-2021-44194

CVE-2021-44194 affects Adobe After Effects 22.0 and earlier, and 18.4.2 and earlier, described as an out-of-bounds read in 3GP file parsing that could disclose memory and bypass ASLR. Exploitation requires user interaction (opening a malicious file). Public references confirm this is an informati...

3.3CVSS3.4AI score0.00303EPSS
CVE
CVE
added 2020/06/25 9:6 p.m.68 views

CVE-2020-9660

CVE-2020-9660 affects Adobe After Effects versions 17.1 and earlier, with an out-of-bounds write vulnerability that could lead to arbitrary code execution upon exploitation. The issue is documented in multiple sources (NVD/NIST listing and Adobe APSB20-35 advisory) and is referenced alongside rel...

9.3CVSS7.9AI score0.03348EPSS
CVE
CVE
added 2021/08/24 5:57 p.m.68 views

CVE-2021-28600

Summary (CVE-2021-28600) Adobe After Effects 18.2 and earlier is affected by an out-of-bounds read vulnerability triggered while parsing a specially crafted file. An unauthenticated attacker could use this to disclose memory information in the context of the current user, with exploitation requir...

5.5CVSS5.3AI score0.01789EPSS
CVE
CVE
added 2021/08/24 6:1 p.m.68 views

CVE-2021-28615

Summary (CVE-2021-28615) : Adobe After Effects 18.2 and earlier is affected by an out-of-bounds read vulnerability while parsing specially crafted files, enabling an unauthenticated attacker to read memory in the context of the current user. Exploitation requires user interaction (victim opens ma...

5.5CVSS5.3AI score0.01789EPSS
CVE
CVE
added 2021/11/18 4:24 p.m.68 views

CVE-2021-40757

CVE-2021-40757 affects Adobe After Effects 18.4.1 and earlier, caused by memory corruption from insecure handling of a malicious MXF file, enabling possible arbitrary code execution with user interaction. Remediation per APSB21-79 is to upgrade to After Effects 18.4.2 or later; ThreatPost notes n...

9.3CVSS7.8AI score0.02261EPSS
CVE
CVE
added 2021/09/02 5:0 p.m.67 views

CVE-2021-36019

Adobe After Effects 18.2.1 and earlier are affected by an Out-of-bounds Read when parsing specially crafted files, enabling an attacker to disclose memory information. Exploitation requires user interaction (victim opens a malicious file). ADOBE APSB21-54 confirms multiple vulnerabilities and lis...

4.3CVSS3.7AI score0.01768EPSS
CVE
CVE
added 2021/11/18 4:26 p.m.67 views

CVE-2021-40758

CVE-2021-40758 affects Adobe After Effects versions 18.4.1 and earlier. The vulnerability is a memory corruption flaw caused by insecure handling of a malicious WAV file, potentially allowing arbitrary code execution in the context of the current user. Exploitation requires the user to open a cra...

9.3CVSS7.8AI score0.01955EPSS
CVE
CVE
added 2021/08/24 5:58 p.m.66 views

CVE-2021-28606

CVE-2021-28606 concerns Adobe After Effects 18.2 and earlier. The vulnerability is a stack-based buffer overflow that occurs while parsing a specially crafted file, enabling arbitrary code execution in the context of the current user. An unauthenticated attacker would need the victim to open a ma...

9.3CVSS7.8AI score0.04538EPSS
CVE
CVE
added 2021/09/02 5:0 p.m.65 views

CVE-2021-35996

CVE-2021-35996 affects Adobe After Effects up to version 18.2.1 (and earlier). The issue is a memory corruption vulnerability triggered while parsing a specially crafted file, allowing arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim open...

9.3CVSS7.8AI score0.02481EPSS
CVE
CVE
added 2023/11/17 10:55 a.m.65 views

CVE-2023-47068

Concrete details confirm CVE-2023-47068 affects Adobe After Effects up to versions 24.0.2 and 23.6 and earlier, with an out-of-bounds read when parsing a crafted file, potentially allowing code execution in the user context. Exploitation requires user interaction (victim opens a malicious file). ...

7.8CVSS7.5AI score0.00397EPSS
CVE
CVE
added 2025/04/08 5:30 p.m.65 views

CVE-2025-27204

CVE-2025-27204 affects Adobe After Effects up to versions 25.1 and 24.6.4 and earlier, due to an out-of-bounds read that could disclose memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Connected sources indicate Adobe released APSB25-23 security upda...

5.5CVSS6.3AI score0.00286EPSS
CVE
CVE
added 2021/06/28 1:49 p.m.64 views

CVE-2021-28570

CVE-2021-28570 affects Adobe After Effects 18.1 and earlier. It is an Uncontrolled Search Path Element vulnerability that could allow an unauthenticated attacker to plant and execute a binary with System permissions ; exploitation requires user interaction. The issue is confirmed in APSB21-33, wh...

9.3CVSS8.5AI score0.0178EPSS
CVE
CVE
added 2021/08/24 6:0 p.m.64 views

CVE-2021-28611

CVE-2021-28611 is an out-of-bounds read vulnerability affecting Adobe After Effects 18.2 and earlier. It arises when parsing a specially crafted file, enabling an unauthenticated attacker to disclose memory and cause a DoS under the current user. Exploitation requires user interaction (victim mus...

7.1CVSS6.4AI score0.01739EPSS
CVE
CVE
added 2021/08/24 6:3 p.m.64 views

CVE-2021-28612

CVE-2021-28612 affects Adobe After Effects 18.2 and earlier. The vulnerability is an out-of-bounds read when parsing a specially crafted file, allowing memory disclosure and potential DoS in the current user context. Exploitation requires user interaction (opening a malicious file). Public source...

7.1CVSS6.2AI score0.01739EPSS
CVE
CVE
added 2021/09/02 5:0 p.m.64 views

CVE-2021-35993

CVE-2021-35993 is an out-of-bounds Write in Adobe After Effects 18.2.1 and earlier triggered when parsing a specially crafted file. An unauthenticated attacker could achieve arbitrary code execution in the current user context, with exploit requiring user interaction (victim opens a malicious fil...

7.8CVSS7.7AI score0.02199EPSS
CVE
CVE
added 2021/09/02 5:0 p.m.64 views

CVE-2021-35994

Adobe After Effects 18.2.1 (and earlier) is affected by an out-of-bounds Write vulnerability in the parsing of crafted files, enabling arbitrary code execution in the current user context after opening a malicious file. Impact is high (arbitrary code execution, requires user interaction). Remedia...

9.3CVSS7.7AI score0.02438EPSS
CVE
CVE
added 2023/02/17 12:0 a.m.64 views

CVE-2023-22239

CVE-2023-22239 (Adobe After Effects) affects After Effects versions 23.1 and earlier, and 22.6.3 and earlier. It is an Improper Input Validation vulnerability that could allow arbitrary code execution in the context of the current user, requiring user interaction to open a malicious file. Affecte...

7.8CVSS7.7AI score0.00315EPSS
CVE
CVE
added 2025/04/08 5:30 p.m.64 views

CVE-2025-27182

Adobe After Effects is affected by an out-of-bounds write vulnerability (CWE-787) that could allow arbitrary code execution in the context of the current user. Affected versions include 25.1, 24.6.4 and earlier. Exploitation requires user interaction, as a victim must open a malicious file. Detai...

7.8CVSS7.6AI score0.0027EPSS
CVE
CVE
added 2020/10/21 8:18 p.m.63 views

CVE-2020-24418

Adobe After Effects 17.1.1 and earlier is affected by an out-of-bounds read when parsing crafted .aepx files, enabling arbitrary code execution in the context of the current user. The vulnerability requires user interaction to exploit. Multiple connected sources confirm the issue (CVE-2020-24418)...

9.3CVSS7.5AI score0.02971EPSS
CVE
CVE
added 2021/06/28 1:48 p.m.63 views

CVE-2021-28587

Adobe After Effects contains an out-of-bounds read vulnerability (CVE-2021-28587) in the TIFF parsing path affecting version 18.0 and earlier. An attacker could disclose memory and bypass ASLR, with exploitation requiring user interaction (opening a malicious file). Production notes from APSB21-3...

4.3CVSS3.6AI score0.01669EPSS
CVE
CVE
added 2021/08/24 6:0 p.m.63 views

CVE-2021-28608

CVE-2021-28608 affects Adobe After Effects 18.2 and earlier. A heap-based buffer overflow occurs when parsing a specially crafted file, allowing an unauthenticated, context-user arbitrary code execution, with exploitation requiring user interaction (victim opens a malicious file). Remediation: ap...

9.3CVSS7.8AI score0.04538EPSS
CVE
CVE
added 2023/11/17 10:55 a.m.63 views

CVE-2023-47070

Adobe After Effects is affected by an out-of-bounds write vulnerability in versions 24.0.2 and earlier and 23.6 and earlier that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). Updates released as...

7.8CVSS7.8AI score0.00359EPSS
CVE
CVE
added 2025/04/08 5:30 p.m.63 views

CVE-2025-27185

CVE-2025-27185 affects Adobe After Effects versions 25.1, 24.6.4 and earlier, due to a NULL Pointer Dereference that can crash the application and cause a denial-of-service. Exploitation requires user interaction (open a malicious file). Related sources corroborate the issue and note updates addr...

5.5CVSS6.6AI score0.00254EPSS
CVE
CVE
added 2019/08/14 2:41 p.m.62 views

CVE-2019-8062

CVE-2019-8062 affects Adobe After Effects versions 16 and earlier. The issue is insecure library loading (DLL hijacking), which could allow arbitrary code execution upon successful exploitation. Remediation from connected details points to updating to a newer version (e.g., 16.1.2 or later, per A...

7.8CVSS7.7AI score0.03205EPSS
CVE
CVE
added 2020/10/21 8:18 p.m.62 views

CVE-2020-24419

CVE-2020-24419 affects Adobe After Effects 17.1.1 and earlier on Windows, due to an uncontrolled search-path element in the application, enabling arbitrary code execution in the user context after opening a malicious file. The issue requires user interaction. Adobe APSB20-62 documents fixes that ...

7.8CVSS7.4AI score0.00681EPSS
Total number of security vulnerabilities125