CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30288 – Adobe FrameMaker 3DS File Parsing Heap Memory Corruption
https://notcve.org/view.php?id=CVE-2024-30288
16 May 2024 — Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/framemaker/apsb24-37.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30289 – Adobe FrameMaker XLS File Parsing Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-30289
16 May 2024 — Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/framemaker/apsb24-37.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4078 – Arbitrary Code Execution in parisneo/lollms
https://notcve.org/view.php?id=CVE-2024-4078
16 May 2024 — A vulnerability in the parisneo/lollms, specifically in the `/unInstall_binding` endpoint, allows for arbitrary code execution due to insufficient sanitization of user input. • https://github.com/parisneo/lollms/commit/7ebe08da7e0026b155af4f7be1d6417bc64cf02f • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4181 – Command Injection in run-llama/llama_index
https://notcve.org/view.php?id=CVE-2024-4181
16 May 2024 — A command injection vulnerability exists in the RunGptLLM class of the llama_index library, version 0.9.47, used by the RunGpt framework from JinaAI to connect to Language Learning Models (LLMs). The vulnerability arises from the improper use of the eval function, allowing a malicious or compromised LLM hosting provider to execute arbitrary commands on the client's machine. This issue was fixed in version 0.10.13. The exploitation of this vulnerability could lead to a hosting provider gaining full control o... • https://github.com/run-llama/llama_index/commit/d73715eaf0642705583e7897c78b9c8dd2d3a7ba • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30295 – When Animate parses FLA files, there is a UAF vulnerability caused by referencing uninitialized memory at Animate.exe+0x1149dcf
https://notcve.org/view.php?id=CVE-2024-30295
16 May 2024 — Animate versions 24.0.2, 23.0.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/animate/apsb24-36.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30296 – When Animate parses FLA files, there is an out-of-bounds write vulnerability at animate+0x123df28
https://notcve.org/view.php?id=CVE-2024-30296
16 May 2024 — Animate versions 24.0.2, 23.0.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/animate/apsb24-36.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30294 – Adobe Animate OGG File Parsing Heap Memory Corruption remote code execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30294
16 May 2024 — Animate versions 24.0.2, 23.0.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/animate/apsb24-36.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30297 – When Adobe Animate parses FLA files, there is a heap out-of-bounds write vulnerability at Animate.exe+0x125D391
https://notcve.org/view.php?id=CVE-2024-30297
16 May 2024 — Animate versions 24.0.2, 23.0.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/animate/apsb24-36.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30293 – Adobe Animate 2024 AI File parsing Stack base buffer overflow Remote Code execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30293
16 May 2024 — Animate versions 24.0.2, 23.0.5 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/animate/apsb24-36.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30282 – Adobe Animate 2024 Out of Bound Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30282
16 May 2024 — Animate versions 24.0.2, 23.0.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/animate/apsb24-36.html • CWE-787: Out-of-bounds Write •