CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30275 – Adobe Aero Beta has an arbitrary code execution vulnerability when parsing svg files
https://notcve.org/view.php?id=CVE-2024-30275
Adobe Aero Desktop versions 23.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/aero/apsb24-33.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30307 – Adobe Substance 3D Painter BMP File Parsing Out Of Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2024-30307
Substance3D - Painter versions 9.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/substance3d_painter/apsb24-31.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30274 – Adobe Substance 3D Painter ABC File Parsing An Out-Of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2024-30274
Substance3D - Painter versions 9.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/substance3d_painter/apsb24-31.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20792 – Adobe Illustrator TIF File Parsing Use-After-Free Remote memory corruption
https://notcve.org/view.php?id=CVE-2024-20792
Illustrator versions 28.4, 27.9.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/illustrator/apsb24-30.html • CWE-416: Use After Free •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4202 – Progress Telerik Reporting Local Instantiation Vulnerability
https://notcve.org/view.php?id=CVE-2024-4202
In Progress® Telerik® Reporting versions prior to 2024 Q2 (18.1.24.514), a code execution attack is possible through an insecure instantiation vulnerability. En las versiones de Progress® Telerik® Reporting anteriores al segundo trimestre de 2024 (18.1.24.514), es posible un ataque de ejecución de código a través de una vulnerabilidad de instanciación insegura. • https://docs.telerik.com/reporting/knowledge-base/instantiation-vulnerability-cve-2024-4202 • CWE-94: Improper Control of Generation of Code ('Code Injection') •