5.4
CVE-2024-3851 - Unrestricted File Upload Leading to XSS in imartinez/privategpt
A stored Cross-Site Scripting (XSS) vulnerability exists in the 'imartinez/privategpt' repository due to improper validation of file uploads. Attackers can exploit this vulnerability by uploading malicious HTML files, such as those containing JavaScript payloads, which are then executed in the contβ¦
5.3
CVE-2024-4972 - code-projects Simple Chat System login.php sql injection
A vulnerability classified as critical has been found in code-projects Simple Chat System 1.0. This affects an unknown part of the file /login.php. The manipulation of the argument email/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed β¦
7.8
CVE-2024-30295 - When Animate parses FLA files, there is a UAF vulnerability caused by referencing uninitialized memβ¦
Animate versions 24.0.2, 23.0.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7.8
CVE-2024-30296 - When Animate parses FLA files, there is an out-of-bounds write vulnerability at animate+0x123df28
Animate versions 24.0.2, 23.0.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7.8
CVE-2024-30294 - Adobe Animate OGG File Parsing Heap Memory Corruption remote code execution Vulnerability
Animate versions 24.0.2, 23.0.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
5.5
CVE-2024-30298 - Adobe Animate SWF File Parsing Memory corruption
Animate versions 24.0.2, 23.0.5 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that aβ¦
7.8
CVE-2024-30297 - When Adobe Animate parses FLA files, there is a heap out-of-bounds write vulnerability at Animate.eβ¦
Animate versions 24.0.2, 23.0.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7.8
CVE-2024-30293 - Adobe Animate 2024 AI File parsing Stack base buffer overflow Remote Code execution Vulnerability
Animate versions 24.0.2, 23.0.5 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7.8
CVE-2024-30282 - Adobe Animate 2024 Out of Bound Write Remote Code Execution Vulnerability
Animate versions 24.0.2, 23.0.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
5.5
CVE-2024-30281 - Substance3D - Designer | Out-of-bounds Read (CWE-125)
Substance3D - Designer versions 13.1.1 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction inβ¦