CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39388 – ZDI-CAN-24055: Adobe Substance 3D Stager SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-39388
Substance3D - Stager versions 3.0.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Substance 3D Stager. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://helpx.adobe.com/security/products/substance3d_stager/apsb24-60.htm • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41831 – ZDI-CAN-24569: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-41831
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://helpx.adobe.com/security/products/acrobat/apsb24-57.html • CWE-416: Use After Free •
CVSS: 3.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-7722 – Foxit PDF Reader Doc Object Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-7722
An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://www.zerodayinitiative.com/advisories/ZDI-24-1124 https://www.foxit.com/support/security-bulletins.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-38169 – Microsoft Office Visio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38169
Microsoft Office Visio Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38169 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41840 – ZDI-CAN-24607: Adobe Bridge JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-41840
Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://helpx.adobe.com/security/products/bridge/apsb24-59.html • CWE-787: Out-of-bounds Write •