CVE-2024-34121 – Illustrator | Integer Overflow or Wraparound (CWE-190)
https://notcve.org/view.php?id=CVE-2024-34121
Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/illustrator/apsb24-66.html • CWE-190: Integer Overflow or Wraparound •
CVE-2024-43758 – Illustrator | Use After Free (CWE-416)
https://notcve.org/view.php?id=CVE-2024-43758
Illustrator versions 28.6, 27.9.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/illustrator/apsb24-66.html • CWE-416: Use After Free •
CVE-2024-39380 – After Effects | Heap-based Buffer Overflow (CWE-122)
https://notcve.org/view.php?id=CVE-2024-39380
After Effects versions 23.6.6, 24.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/after_effects/apsb24-55.html • CWE-122: Heap-based Buffer Overflow •
CVE-2024-41859 – After Effects | Out-of-bounds Write (CWE-787)
https://notcve.org/view.php?id=CVE-2024-41859
After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/after_effects/apsb24-55.html • CWE-787: Out-of-bounds Write •
CVE-2024-8479 – Simple Spoiler 1.2 - 1.3 - Unauthenticated Arbitrary Shortcode Execution
https://notcve.org/view.php?id=CVE-2024-8479
The The Simple Spoiler plugin for WordPress is vulnerable to arbitrary shortcode execution in versions 1.2 to 1.3. This is due to the plugin adding the filter add_filter('comment_text', 'do_shortcode'); which will run all shortcodes in comments. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. • https://plugins.trac.wordpress.org/browser/simple-spoiler/trunk/simple-spoiler.php#L108 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3151179%40simple-spoiler&new=3151179%40simple-spoiler&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/8ffc76d8-b841-4c26-bbc6-1f96664efe36?source=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •