cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-49537,https://securityvulnerability.io/vulnerability/CVE-2024-49537,After Effects | Stack-based Buffer Overflow (CWE-121),"A stack-based buffer overflow vulnerability affects Adobe After Effects versions 24.6.2, 25.0.1, and earlier. This vulnerability enables an attacker to execute arbitrary code in the context of the current user, provided that the victim interacts with the system by opening a specially crafted malicious file. The nature of this exploit highlights the importance of user awareness and secure file handling in mitigating potential risks.",Adobe,After Effects,7.8,HIGH,0.0013099999632686377,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-47441,https://securityvulnerability.io/vulnerability/CVE-2024-47441,After Effects | Out-of-bounds Write (CWE-787),"Adobe After Effects versions 23.6.9, 24.6.2 and earlier are susceptible to an out-of-bounds write vulnerability that enables arbitrary code execution under the context of the current user. This security issue necessitates user interaction, where a victim must open a specially crafted malicious file for exploitation to occur. The implications of this vulnerability underscore the importance of updating affected versions to ensure the integrity and security of user systems.",Adobe,After Effects,7.8,HIGH,0.0006399999838322401,false,,false,false,false,,,false,false,,2024-11-12T19:15:00.000Z,0
CVE-2024-47446,https://securityvulnerability.io/vulnerability/CVE-2024-47446,Out-of-Bounds Read Vulnerability in After Effects by Adobe,"Adobe After Effects versions 23.6.9 and 24.6.2 are susceptible to an out-of-bounds read vulnerability that could enable the disclosure of sensitive memory. This flaw allows attackers to bypass essential protection measures, including Address Space Layout Randomization (ASLR). Exploiting this vulnerability necessitates user interaction, as it requires the user to open a specially crafted malicious file, thereby putting their sensitive information at risk.",Adobe,After Effects,5.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-11-12T19:15:00.000Z,0
CVE-2024-47443,https://securityvulnerability.io/vulnerability/CVE-2024-47443,After Effects | Out-of-bounds Write (CWE-787),"Adobe After Effects versions 23.6.9, 24.6.2 and earlier are susceptible to an out-of-bounds write vulnerability. This flaw enables malicious actors to execute arbitrary code with the privileges of the current user, contingent on the user opening a specially crafted malicious file. Due to the reliance on user interaction for exploitation, this vulnerability necessitates awareness and prevention strategies among users to mitigate potential risks. Adobe has recommended immediate updates to patch this vulnerability, and users are urged to install the latest versions to ensure their systems remain secure.",Adobe,After Effects,7.8,HIGH,0.0006399999838322401,false,,false,false,false,,,false,false,,2024-11-12T19:15:00.000Z,0
CVE-2024-47444,https://securityvulnerability.io/vulnerability/CVE-2024-47444,Out-of-Bounds Read Vulnerability in Adobe After Effects,"Adobe After Effects is affected by a vulnerability that allows for an out-of-bounds read. This issue could potentially lead to the disclosure of sensitive memory data. Attackers can exploit this vulnerability by enticing users to open specially crafted malicious files, enabling them to bypass security mechanisms such as Address Space Layout Randomization (ASLR). Users of affected versions should apply patches promptly to mitigate any risks associated with this vulnerability.",Adobe,After Effects,5.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-11-12T19:15:00.000Z,0
CVE-2024-47442,https://securityvulnerability.io/vulnerability/CVE-2024-47442,After Effects | Out-of-bounds Write (CWE-787),"Adobe After Effects versions 23.6.9, 24.6.2 and earlier are impacted by an out-of-bounds write vulnerability that enables the potential for arbitrary code execution within the context of the current user. Successful exploitation necessitates user intervention, as the victim must open a specially crafted file designed to trigger the vulnerability. This raises significant security concerns for users who may inadvertently execute harmful code.",Adobe,After Effects,7.8,HIGH,0.0006399999838322401,false,,false,false,false,,,false,false,,2024-11-12T19:15:00.000Z,0
CVE-2024-47445,https://securityvulnerability.io/vulnerability/CVE-2024-47445,Out-of-Bounds Read Vulnerability in Adobe After Effects Products,"An out-of-bounds read vulnerability exists in Adobe After Effects versions 23.6.9, 24.6.2, and earlier. This flaw allows an attacker to potentially disclose sensitive information from memory, which can be exploited if the victim opens a specially crafted file. The impact of this vulnerability may include bypassing security measures such as Address Space Layout Randomization (ASLR). User interaction is required for exploitation, emphasizing the need for cautious handling of untrusted files.",Adobe,After Effects,5.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-11-12T19:15:00.000Z,0
CVE-2024-39381,https://securityvulnerability.io/vulnerability/CVE-2024-39381,Adobe After Effects Vulnerable to Arbitrary Code Execution via Malicious Files,"Adobe After Effects is affected by an out-of-bounds write vulnerability that can lead to arbitrary code execution by an attacker. The issue arises when a user opens a specially crafted file, leading to potential unauthorized actions within the context of their current user session. This vulnerability highlights the importance of caution when handling files from untrusted sources, especially in creative software environments.",Adobe,After Effects,7.8,HIGH,0.0011099999537691474,false,,false,false,false,,,false,false,,2024-09-13T08:33:29.645Z,0
CVE-2024-39380,https://securityvulnerability.io/vulnerability/CVE-2024-39380,Adobe After Effects Vulnerable to Heap-based Buffer Overflow,"A vulnerability exists in Adobe After Effects that allows for a heap-based buffer overflow, potentially enabling arbitrary code execution within the context of the current user. The exploitation of this vector necessitates user interaction; specifically, a user must inadvertently open a malicious file crafted to trigger the overflow. This risk emphasizes the importance of caution when handling files from untrusted sources, particularly in versions 23.6.6, 24.5, and earlier iterations of the software.",Adobe,After Effects,7.8,HIGH,0.0008299999753944576,false,,false,false,false,,,false,false,,2024-09-13T08:33:28.916Z,0
CVE-2024-41867,https://securityvulnerability.io/vulnerability/CVE-2024-41867,Adobe After Effects Under Attack: Stack-Based Buffer Overflow Vulnerability,"After Effects versions 23.6.6, 24.5 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could lead to arbitrary file system write operations. An attacker could leverage this vulnerability to modify or corrupt files, potentially leading to a compromise of system integrity. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,After Effects,5.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-09-13T08:33:28.151Z,0
CVE-2024-39382,https://securityvulnerability.io/vulnerability/CVE-2024-39382,Adobe After Effects Vulnerability Could Lead to Memory Disclosure,"After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,After Effects,5.5,MEDIUM,0.0009200000204145908,false,,false,false,false,,,false,false,,2024-09-13T08:33:27.388Z,0
CVE-2024-41859,https://securityvulnerability.io/vulnerability/CVE-2024-41859,Adobe After Effects Vulnerability: Arbitrary Code Execution via Malicious File,"Adobe After Effects versions 23.6.6, 24.5 and earlier have an out-of-bounds write vulnerability that allows for potential arbitrary code execution in the context of the current user. This security flaw requires user interaction, specifically the opening of a malicious file, to exploit. Users of affected versions are urged to apply any available patches and to remain vigilant against potential phishing attempts that may lead to opening compromised files.",Adobe,After Effects,7.8,HIGH,0.0006399999838322401,false,,false,false,false,,,false,false,,2024-09-13T08:33:26.625Z,0
CVE-2024-20737,https://securityvulnerability.io/vulnerability/CVE-2024-20737,Adobe After Effects Vulnerable to Out-of-Bounds Read Attack,"After Effects versions 24.1, 23.6.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,After Effects,5.5,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-04-10T08:56:42.741Z,0
CVE-2023-48633,https://securityvulnerability.io/vulnerability/CVE-2023-48633,ZDI-CAN-22173: Adobe After Effects AEP File Parsing Use-After-Free Remote Code Execution Vulnerability,"Adobe After Effects is vulnerable to a Use After Free flaw impacting versions 24.0.3 and earlier, as well as 23.6.0 and earlier. This vulnerability could allow an attacker to execute arbitrary code on the affected system, contingent upon user interaction. Specifically, exploitation requires the victim to open a specially crafted malicious file, making user awareness and safe file handling practices paramount.",Adobe,After Effects,7.8,HIGH,0.0053900000639259815,false,,false,false,false,,,false,false,,2023-12-13T14:15:00.000Z,0
CVE-2023-48634,https://securityvulnerability.io/vulnerability/CVE-2023-48634,ZDI-CAN-22175: Adobe After Effects AEP File Parsing Memory Corruption Remote Code Execution Vulnerability,"Adobe After Effects versions 24.0.3 and earlier, along with 23.6.0 and earlier, are vulnerable to an issue stemming from improper input validation. This vulnerability could permit arbitrary code execution in the context of the current user, contingent upon user interaction, such as opening a specially crafted malicious file. Users are advised to remain vigilant and ensure they are using the latest software versions to mitigate exposure.",Adobe,After Effects,7.8,HIGH,0.0010600000387057662,false,,false,false,false,,,false,false,,2023-12-13T14:15:00.000Z,0
CVE-2023-48632,https://securityvulnerability.io/vulnerability/CVE-2023-48632,ZDI-CAN-22172: Adobe After Effects AEP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability,"Adobe After Effects versions 24.0.3 and 23.6.0 and earlier are vulnerable to an out-of-bounds write issue, potentially allowing an attacker to execute arbitrary code within the context of the current user. This vulnerability requires the victim to open a specially crafted file, making user interaction a key factor in its exploitation. Protect your system by ensuring you are using a patched version of the software.",Adobe,After Effects,7.8,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2023-12-13T14:15:00.000Z,0
CVE-2023-48635,https://securityvulnerability.io/vulnerability/CVE-2023-48635,ZDI-CAN-22174: Adobe After Effects AEP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability,Adobe After Effects versions 24.0.3 (and earlier) and 23.6.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,After Effects,5.5,MEDIUM,0.0013800000306218863,false,,false,false,false,,,false,false,,2023-12-13T14:15:00.000Z,0
CVE-2023-47067,https://securityvulnerability.io/vulnerability/CVE-2023-47067,ZDI-CAN-21706: Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,"Adobe After Effects versions 24.0.2 and earlier, as well as 23.6 and earlier, are susceptible to an out-of-bounds read vulnerability. This issue arises when processing specially crafted files, potentially allowing attackers to read beyond allocated memory structures. Successful exploitation necessitates user interaction, as victims must open a malicious file, possibly leading to arbitrary code execution within the context of the affected user's session.",Adobe,After Effects,7.8,HIGH,0.000750000006519258,false,,false,false,false,,,false,false,,2023-11-17T11:15:00.000Z,0
CVE-2023-47068,https://securityvulnerability.io/vulnerability/CVE-2023-47068,ZDI-CAN-21702: Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,"Adobe After Effects versions 24.0.2 and 23.6, along with earlier iterations, are susceptible to an out-of-bounds read vulnerability during the processing of specially crafted files. This could allow an attacker to read memory beyond allocated structures, potentially leading to the execution of arbitrary code within the context of the current user. Exploitation requires user interaction, as it necessitates that the victim opens a maliciously crafted file.",Adobe,After Effects,7.8,HIGH,0.000750000006519258,false,,false,false,false,,,false,false,,2023-11-17T11:15:00.000Z,0
CVE-2023-47073,https://securityvulnerability.io/vulnerability/CVE-2023-47073,ZDI-CAN-21709: Adobe After Effects MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability,"Adobe After Effects versions 24.0.2 and earlier, along with version 23.6 and earlier, are vulnerable to an out-of-bounds write issue. This flaw could lead to arbitrary code execution in the context of the current user, necessitating user interaction for exploitation. Affected users may be compromised by opening maliciously crafted files, highlighting the need for vigilance and immediate updates to secure their systems.",Adobe,After Effects,7.8,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2023-11-17T11:15:00.000Z,0
CVE-2023-47066,https://securityvulnerability.io/vulnerability/CVE-2023-47066,ZDI-CAN-21705: Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,"Adobe After Effects versions 24.0.2 and earlier, including 23.6 and earlier, have a vulnerability related to out-of-bounds reads that occurs during the parsing of specially crafted files. This could allow an attacker to read beyond the allocated memory space, potentially leading to arbitrary code execution within the context of the user. It’s important to note that successful exploitation requires user interaction, as the malicious file must be opened by the victim.",Adobe,After Effects,7.8,HIGH,0.000750000006519258,false,,false,false,false,,,false,false,,2023-11-17T11:15:00.000Z,0
CVE-2023-47070,https://securityvulnerability.io/vulnerability/CVE-2023-47070,ZDI-CAN-21708: Adobe After Effects MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability,"Adobe After Effects versions 24.0.2 and 23.6, along with earlier variants, contain an out-of-bounds write vulnerability that may allow an attacker to execute arbitrary code. The successful exploitation of this fault necessitates user action, specifically the opening of a malicious file. This creates significant risk for users, enabling potential unauthorized actions within their computing environment.",Adobe,After Effects,7.8,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2023-11-17T11:15:00.000Z,0
CVE-2023-47072,https://securityvulnerability.io/vulnerability/CVE-2023-47072,ZDI-CAN-21790: Adobe After Effects MP4 File Uninitialized Variable Information Disclosure Vulnerability,Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,After Effects,3.3,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-11-17T11:15:00.000Z,0
CVE-2023-47069,https://securityvulnerability.io/vulnerability/CVE-2023-47069,ZDI-CAN-21703: Adobe After Effects M4A File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,"Adobe After Effects versions 24.0.2 and 23.6 are susceptible to an out-of-bounds read vulnerability that occurs when the software processes a specially crafted file. This security flaw can lead to unauthorized code execution within the context of the user. To exploit this vulnerability, an attacker must trick the user into opening a maliciously crafted file, thereby compromising system integrity.",Adobe,After Effects,7.8,HIGH,0.000750000006519258,false,,false,false,false,,,false,false,,2023-11-17T11:15:00.000Z,0
CVE-2023-47071,https://securityvulnerability.io/vulnerability/CVE-2023-47071,ZDI-CAN-21704: Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability,Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,After Effects,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-11-17T11:15:00.000Z,0