cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-53956,https://securityvulnerability.io/vulnerability/CVE-2024-53956,Adobe Premiere Pro Vulnerable to Heap-based Buffer Overflow,"Adobe Premiere Pro, including versions 25.0 and 24.6.3, suffers from a Heap-based Buffer Overflow vulnerability that could enable arbitrary code execution when a victim opens a specially crafted malicious file. This requires user interaction, making it imperative for users to remain vigilant when handling unknown files. The vulnerability poses significant risks, especially in environments where Premiere Pro is widely used for video editing and content creation.",Adobe,Premiere Pro,7.8,HIGH,0.0006900000153109431,false,,false,false,false,,,false,false,,2024-12-10T22:15:00.000Z,0
CVE-2024-39384,https://securityvulnerability.io/vulnerability/CVE-2024-39384,Adobe Premiere Pro Vulnerability Could Lead to Arbitrary Code Execution,"Adobe Premiere Pro versions 24.5, 23.6.8, and earlier are impacted by a security vulnerability that allows an out-of-bounds write, which may lead to arbitrary code execution. This risk is contingent upon user interaction, as an attacker must persuade a victim to open a specially crafted file. Vulnerable users are advised to exercise caution when handling unfamiliar files, as exploitation may compromise system integrity and data confidentiality.",Adobe,Premiere Pro,7.8,HIGH,0.0011099999537691474,false,,false,false,false,,,false,false,,2024-09-13T08:33:52.743Z,0
CVE-2024-39385,https://securityvulnerability.io/vulnerability/CVE-2024-39385,Adobe Premiere Pro Vulnerable to Use After Free Attack,"Premiere Pro versions 24.5, 23.6.8 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,Premiere Pro,5.5,MEDIUM,0.001610000035725534,false,,false,false,false,,,false,false,,2024-09-13T08:33:51.970Z,0
CVE-2024-34123,https://securityvulnerability.io/vulnerability/CVE-2024-34123,Adobe Premiere Pro Untrusted Search Path Vulnerability Could Lead to Arbitrary Code Execution,"Adobe Premiere Pro is vulnerable to an Untrusted Search Path issue that exposes the application to arbitrary code execution by an attacker. This vulnerability permits the insertion of a malicious file into the application’s search path, allowing the application to mistakenly execute it instead of the intended legitimate files. This method of exploitation necessitates user interaction, which escalates the attack complexity and highlights the critical importance of rigorous file validation and security practices within the application.",Adobe,Premiere Pro,7,HIGH,0.0006399999838322401,false,,false,false,false,,,false,false,,2024-07-09T19:06:50.067Z,0
CVE-2024-20746,https://securityvulnerability.io/vulnerability/CVE-2024-20746,Adobe Premiere Pro Vulnerability Could Lead to Arbitrary Code Execution,"An out-of-bounds write vulnerability exists in Adobe Premiere Pro, specifically affecting versions 24.1 and 23.6.2, as well as prior releases. This security flaw enables arbitrary code execution, contingent on user interaction with a malicious file. Successful exploitation necessitates that the targeted user open the compromised file, highlighting the importance of user awareness and security practices to mitigate potential risks associated with this vulnerability.",Adobe,Premiere Pro,7.8,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-03-18T14:59:23.153Z,0
CVE-2024-20745,https://securityvulnerability.io/vulnerability/CVE-2024-20745,Adobe Premiere Pro Vulnerable to Heap-based Buffer Overflow,"Adobe Premiere Pro is affected by a Heap-based Buffer Overflow vulnerability that could enable arbitrary code execution in the context of the current user. Exploitation of this vulnerability necessitates user interaction, as it requires the opening of a specially crafted malicious file by the victim. This flaw poses significant risks, as successful exploitation can lead to unauthorized access and control over user systems, highlighting the need for heightened security awareness and timely updates.",Adobe,Premiere Pro,7.8,HIGH,0.00215999991632998,false,,false,false,false,,,false,false,,2024-03-18T14:59:22.395Z,0
CVE-2023-47060,https://securityvulnerability.io/vulnerability/CVE-2023-47060,ZDI-CAN-21792: Adobe Premiere Pro MP4 File Uninitialized Variable Information Disclosure Vulnerability,Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Premiere Pro,3.3,LOW,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-11-16T17:15:00.000Z,0
CVE-2023-47056,https://securityvulnerability.io/vulnerability/CVE-2023-47056,ZDI-CAN-21763: Adobe Premiere Pro MP4 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability,"Adobe Premiere Pro versions 24.0 and earlier, and 23.6 and earlier are susceptible to a Heap-based Buffer Overflow vulnerability. This security flaw could permit an attacker to execute arbitrary code in the context of the current user when a malicious file is opened. The exploitation of this vulnerability necessitates user interaction, emphasizing the importance of diligent file handling and security practices by users.",Adobe,Premiere Pro,7.8,HIGH,0.012930000200867653,false,,false,false,false,,,false,false,,2023-11-16T17:15:00.000Z,0
CVE-2023-47055,https://securityvulnerability.io/vulnerability/CVE-2023-47055,ZDI-CAN-21765: Adobe Premiere Pro M4A File Parsing Use-After-Free Remote Code Execution Vulnerability,"A Use After Free vulnerability in Adobe Premiere Pro versions 24.0 and 23.6 poses a significant security risk. This flaw enables attackers to execute arbitrary code within the context of the affected user's session. For successful exploitation, the user must be tricked into opening a specially crafted malicious file, highlighting the need for cautious file handling practices. Adobe has released an advisory recommending users to update their software to mitigate this risk.",Adobe,Premiere Pro,7.8,HIGH,0.1422799974679947,false,,false,false,false,,,false,false,,2023-11-16T17:15:00.000Z,0
CVE-2023-47057,https://securityvulnerability.io/vulnerability/CVE-2023-47057,ZDI-CAN-21764: Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability,"Adobe Premiere Pro versions 24.0 and 23.6 are susceptible to an out-of-bounds write vulnerability, which allows for arbitrary code execution within the context of the current user. This vulnerability can be exploited when a user opens a specially crafted malicious file, leading to potential unauthorized actions on the user's system. It emphasizes the need for users to be cautious when handling files from untrusted sources.",Adobe,Premiere Pro,7.8,HIGH,0.0016899999463930726,false,,false,false,false,,,false,false,,2023-11-16T17:15:00.000Z,0
CVE-2023-47059,https://securityvulnerability.io/vulnerability/CVE-2023-47059,ZDI-CAN-21767: Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,"Adobe Premiere Pro versions up to 24.0 and 23.6 are susceptible to an out-of-bounds read vulnerability when processing specially crafted files. This flaw may enable an attacker to read beyond the allocated memory, potentially leading to unauthorized code execution within the context of the user. To exploit this vulnerability, the targeted user must open a malicious file, making user awareness and cautious file handling essential for mitigation.",Adobe,Premiere Pro,7.8,HIGH,0.0007099999929778278,false,,false,false,false,,,false,false,,2023-11-16T17:15:00.000Z,0
CVE-2023-47058,https://securityvulnerability.io/vulnerability/CVE-2023-47058,ZDI-CAN-21766: Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,"Adobe Premiere Pro versions 24.0 and 23.6 are vulnerable to an out-of-bounds read issue that occurs when the software parses specially crafted files. This vulnerability could allow an attacker to read beyond the allocated memory, potentially leading to arbitrary code execution in the context of the currently logged-in user. Successful exploitation necessitates user interaction, as the targeted individual must open a malicious file for the attack to proceed.",Adobe,Premiere Pro,7.8,HIGH,0.0019600000232458115,false,,false,false,false,,,false,false,,2023-11-16T17:15:00.000Z,0
CVE-2021-40790,https://securityvulnerability.io/vulnerability/CVE-2021-40790,Adobe Premiere Pro MOV File Parsing Use-After-Free Information Disclosure Vulnerability,Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Premiere Pro,5.5,MEDIUM,0.0012100000167265534,false,,false,false,false,,,false,false,,2023-09-07T12:54:42.216Z,0
CVE-2021-40791,https://securityvulnerability.io/vulnerability/CVE-2021-40791,Adobe Premiere Pro JPEG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability,Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Premiere Pro,5.5,MEDIUM,0.0013800000306218863,false,,false,false,false,,,false,false,,2023-09-07T12:54:38.479Z,0
CVE-2021-42265,https://securityvulnerability.io/vulnerability/CVE-2021-42265,Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability,Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Premiere Pro,5.5,MEDIUM,0.0013800000306218863,false,,false,false,false,,,false,false,,2023-09-07T12:54:36.875Z,0
CVE-2021-40795,https://securityvulnerability.io/vulnerability/CVE-2021-40795,Adobe Premiere Pro 3GP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,"Adobe Premiere Pro versions 22.0 and earlier, as well as 15.4.2 and earlier, are susceptible to an out-of-bounds read vulnerability. This flaw allows an attacker to read past the end of an allocated memory structure, which could potentially lead to unauthorized code execution in the context of the current user. To exploit this vulnerability, a victim must open a specially crafted malicious file, highlighting the necessity for caution when handling untrusted files.",Adobe,Premiere Pro,7.8,HIGH,0.0014199999859556556,false,,false,false,false,,,false,false,,2023-09-07T12:54:34.886Z,0
CVE-2021-43751,https://securityvulnerability.io/vulnerability/CVE-2021-43751,Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability,Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Premiere Pro,3.3,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-09-07T12:54:28.242Z,0
CVE-2023-22244,https://securityvulnerability.io/vulnerability/CVE-2023-22244,Adobe Premiere Rush PSD files Use After Free Arbitrary code execution,"Adobe Premiere Rush versions up to and including 2.6 are vulnerable to a Use After Free issue, which may allow an attacker to execute arbitrary code through a maliciously crafted file. Successful exploitation of this vulnerability requires user interaction, as the user must open the compromised file. This raises significant security concerns, as it can potentially lead to unauthorized actions on the user's system.",Adobe,Premiere Rush,7.8,HIGH,0.007660000119358301,false,,false,false,false,,,false,false,,2023-02-17T00:00:00.000Z,0
CVE-2023-22234,https://securityvulnerability.io/vulnerability/CVE-2023-22234,"Adobe Premiere Rush PSD file Stack-based Buffer Overflow Arbitrary code execution ","Adobe Premiere Rush prior to version 2.6 is susceptible to a Stack-based Buffer Overflow vulnerability, which may allow unauthorized arbitrary code execution if a user opens a specially crafted malicious file. This highlights the need for vigilant file handling and prompt updates to mitigate potential risks associated with this vulnerability.",Adobe,Premiere Rush,7.8,HIGH,0.011979999952018261,false,,false,false,false,,,false,false,,2023-02-17T00:00:00.000Z,0
CVE-2022-34235,https://securityvulnerability.io/vulnerability/CVE-2022-34235,Adobe Premiere Elements Uncontrolled Search Path Element Privilege Escalation,Adobe Premiere Elements version 2020v20 (and earlier) is affected by an Uncontrolled Search Path Element which could lead to Privilege Escalation. An attacker could leverage this vulnerability to obtain admin using an existing low-privileged user. Exploitation of this issue does not require user interaction.,Adobe,Premiere Elements,7.8,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2022-08-11T15:15:00.000Z,0
CVE-2021-46816,https://securityvulnerability.io/vulnerability/CVE-2021-46816,Adobe Premiere Pro M4A file memory corruption vulnerability could lead to remote code execution,Adobe Premiere Pro version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.,Adobe,Premiere,7.8,HIGH,0.001069999998435378,false,,false,false,false,,,false,false,,2022-06-13T13:15:00.000Z,0
CVE-2021-40793,https://securityvulnerability.io/vulnerability/CVE-2021-40793,Adobe Premiere Pro WAV file memory corruption vulnerability could lead to arbitrary code execution,"Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.",Adobe,Premiere,7.8,HIGH,0.0020200000144541264,false,,false,false,false,,,false,false,,2022-03-16T15:15:00.000Z,0
CVE-2021-42263,https://securityvulnerability.io/vulnerability/CVE-2021-42263,Adobe Premiere Pro Null Pointer Dereference Application denial-of-service,Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Premiere,5.5,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2022-03-16T15:15:00.000Z,0
CVE-2021-40794,https://securityvulnerability.io/vulnerability/CVE-2021-40794,Adobe Premiere Pro MOV file memory corruption vulnerability could lead to arbitrary code execution,"Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.",Adobe,Premiere,7.8,HIGH,0.0020200000144541264,false,,false,false,false,,,false,false,,2022-03-16T15:15:00.000Z,0
CVE-2021-40788,https://securityvulnerability.io/vulnerability/CVE-2021-40788,Adobe Premiere Elements Null Pointer Dereference Application denial-of-service,Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Premiere Elements,5.5,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2022-03-16T15:15:00.000Z,0