CVE-2024-39382 – After Effects | Out-of-bounds Read (CWE-125)
https://notcve.org/view.php?id=CVE-2024-39382
An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://helpx.adobe.com/security/products/after_effects/apsb24-55.html • CWE-125: Out-of-bounds Read •
CVE-2024-44677
https://notcve.org/view.php?id=CVE-2024-44677
eladmin v2.7 and before is vulnerable to Server-Side Request Forgery (SSRF) which allows an attacker to execute arbitrary code via the DatabaseController.java component. • https://github.com/jcxj/jcxj/blob/master/source/_posts/eladmin-%E5%A4%8D%E7%8E%B0.md https://github.com/elunez/eladmin • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2024-39385 – Premiere Pro | Use After Free (CWE-416)
https://notcve.org/view.php?id=CVE-2024-39385
An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://helpx.adobe.com/security/products/premiere_pro/apsb24-58.html • CWE-416: Use After Free •
CVE-2024-39377 – Media Encoder | Out-of-bounds Write (CWE-787)
https://notcve.org/view.php?id=CVE-2024-39377
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Media Encoder. • https://helpx.adobe.com/security/products/media-encoder/apsb24-53.html • CWE-787: Out-of-bounds Write •
CVE-2024-7626 – WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) <= 1.6.9 - Improper Path Validation to Authenticated (Subscriber+) Arbitrary File Move and Read
https://notcve.org/view.php?id=CVE-2024-7626
This makes it possible for authenticated attackers, with subscriber-level access and above, to move arbitrary files on the server, which can easily lead to remote code execution when the right file is moved (such as wp-config.php). • https://www.wordfence.com/threat-intel/vulnerabilities/id/3c98bb53-9f7e-4ab3-9676-e3dbfb4a0519?source=cve https://plugins.trac.wordpress.org/browser/delicious-recipes/tags/1.6.7/src/dashboard/class-delicious-recipes-form-handler.php#L260 https://plugins.trac.wordpress.org/browser/delicious-recipes/tags/1.6.7/src/dashboard/class-delicious-recipes-form-handler.php#L355 https://plugins.trac.wordpress.org/changeset/3148996/delicious-recipes/trunk/src/dashboard/class-delicious-recipes-form-handler.php • CWE-73: External Control of File Name or Path •