CVE-2024-41864 – Adobe Substance 3D Designer ICO Parsing Out-Of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2024-41864
Substance3D - Designer versions 13.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/substance3d_designer/apsb24-67.html • CWE-787: Out-of-bounds Write •
CVE-2024-41858 – Adobe InCopy has an integer overflow vulnerability when parsing SVG file
https://notcve.org/view.php?id=CVE-2024-41858
InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/incopy/apsb24-64.html • CWE-190: Integer Overflow or Wraparound •
CVE-2023-31349
https://notcve.org/view.php?id=CVE-2023-31349
Incorrect default permissions in the AMD μProf installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-9001 • CWE-276: Incorrect Default Permissions •
CVE-2023-31348
https://notcve.org/view.php?id=CVE-2023-31348
A DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-9001 • CWE-400: Uncontrolled Resource Consumption •
CVE-2023-20578
https://notcve.org/view.php?id=CVE-2023-20578
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow an attacker with ring0 privileges and access to the BIOS menu or UEFI shell to modify the communications buffer potentially resulting in arbitrary code execution. • https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3003.html •