After Effects
Monthly
Arbitrary code execution in Adobe After Effects 25.6 and earlier through a use-after-free memory vulnerability requires user interaction to open a specially crafted file. An attacker can exploit this flaw to execute malicious code with the privileges of the affected user. No patch is currently available.
Adobe After Effects 25.6 and earlier suffers from a null pointer dereference that allows attackers to trigger application crashes by convincing users to open a specially crafted file. This local denial-of-service vulnerability requires user interaction but requires no special privileges, potentially disrupting creative workflows. No patch is currently available.
Arbitrary code execution in Adobe After Effects 25.6 and earlier through type confusion allows attackers to execute malicious code with user privileges when a victim opens a crafted file. The vulnerability requires user interaction but poses a significant risk to creative professionals and organizations using affected versions. No patch is currently available.
Arbitrary code execution in Adobe After Effects 25.6 and earlier via a use-after-free memory vulnerability that executes with user privileges when opening a malicious file. The vulnerability requires user interaction but has no available patch, leaving affected systems at risk from social engineering attacks delivering weaponized project files.
Arbitrary code execution in Adobe After Effects 25.6 and earlier via out-of-bounds write vulnerability when users open malicious files. This local attack requires user interaction but grants the attacker full execution privileges within the victim's session. No patch is currently available.
Arbitrary code execution in Adobe After Effects 25.6 and earlier through out-of-bounds write vulnerability (CWE-787) when processing malicious files. An attacker can execute code with user privileges by convincing a victim to open a specially crafted file, with no patch currently available.
Arbitrary code execution in Adobe After Effects 25.6 and earlier through a use-after-free memory vulnerability requires victims to open a malicious file. An attacker can execute commands with the privileges of the affected user without requiring special permissions. No patch is currently available for this high-severity vulnerability.
Arbitrary code execution in Adobe After Effects 25.6 and earlier results from an out-of-bounds read vulnerability triggered when parsing specially crafted files. An attacker can exploit this by tricking users into opening a malicious file, gaining execution privileges within the victim's user context. No patch is currently available for this vulnerability.
Code execution in Adobe After Effects 25.6 and earlier through out-of-bounds memory reads when processing malicious files. An attacker can exploit this vulnerability to execute arbitrary code with user privileges by tricking victims into opening a crafted file. No patch is currently available for this vulnerability.
Arbitrary code execution in Adobe After Effects versions 25.6 and earlier through a use-after-free vulnerability that requires a user to open a malicious file. An attacker can execute arbitrary code with the privileges of the affected user by crafting a specially designed file. No patch is currently available.
Out-of-bounds memory reads in Adobe After Effects 25.6 and earlier enable arbitrary code execution when users open specially crafted files. An attacker can exploit this parsing vulnerability by delivering a malicious file that triggers a read past allocated buffer boundaries, executing code with the privileges of the affected user. No patch is currently available for this high-severity vulnerability that requires user interaction to exploit.
Arbitrary code execution in Adobe After Effects 25.6 and earlier through an integer overflow vulnerability affecting file processing. An attacker can exploit this by crafting a malicious file that, when opened by a user, executes code with the privileges of the current user. No patch is currently available for this high-severity vulnerability.
Arbitrary code execution in Adobe After Effects 25.6 and earlier through a use-after-free flaw allows attackers to execute commands with user privileges when a victim opens a crafted file. The vulnerability requires user interaction but poses high risk to creative professionals and design teams. No patch is currently available.
Out-of-bounds memory read in Adobe After Effects 25.6 and earlier allows attackers to disclose sensitive information from process memory by tricking users into opening specially crafted files. This local vulnerability requires user interaction but carries no patch availability, leaving affected systems exposed until an update is released.
Arbitrary code execution in Adobe After Effects 25.6 and earlier via out-of-bounds write when processing malicious files. An attacker can achieve code execution with user privileges by tricking a victim into opening a crafted file. No patch is currently available.
After Effects versions 25.3, 24.6.7 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure, potentially disclosing sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.3, 24.6.7 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure, potentially disclosing sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.3, 24.6.7 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure, potentially disclosing sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.2, 24.6.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
After Effects versions 25.2, 24.6.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.1, 24.6.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Arbitrary code execution in Adobe After Effects 25.6 and earlier through a use-after-free memory vulnerability requires user interaction to open a specially crafted file. An attacker can exploit this flaw to execute malicious code with the privileges of the affected user. No patch is currently available.
Adobe After Effects 25.6 and earlier suffers from a null pointer dereference that allows attackers to trigger application crashes by convincing users to open a specially crafted file. This local denial-of-service vulnerability requires user interaction but requires no special privileges, potentially disrupting creative workflows. No patch is currently available.
Arbitrary code execution in Adobe After Effects 25.6 and earlier through type confusion allows attackers to execute malicious code with user privileges when a victim opens a crafted file. The vulnerability requires user interaction but poses a significant risk to creative professionals and organizations using affected versions. No patch is currently available.
Arbitrary code execution in Adobe After Effects 25.6 and earlier via a use-after-free memory vulnerability that executes with user privileges when opening a malicious file. The vulnerability requires user interaction but has no available patch, leaving affected systems at risk from social engineering attacks delivering weaponized project files.
Arbitrary code execution in Adobe After Effects 25.6 and earlier via out-of-bounds write vulnerability when users open malicious files. This local attack requires user interaction but grants the attacker full execution privileges within the victim's session. No patch is currently available.
Arbitrary code execution in Adobe After Effects 25.6 and earlier through out-of-bounds write vulnerability (CWE-787) when processing malicious files. An attacker can execute code with user privileges by convincing a victim to open a specially crafted file, with no patch currently available.
Arbitrary code execution in Adobe After Effects 25.6 and earlier through a use-after-free memory vulnerability requires victims to open a malicious file. An attacker can execute commands with the privileges of the affected user without requiring special permissions. No patch is currently available for this high-severity vulnerability.
Arbitrary code execution in Adobe After Effects 25.6 and earlier results from an out-of-bounds read vulnerability triggered when parsing specially crafted files. An attacker can exploit this by tricking users into opening a malicious file, gaining execution privileges within the victim's user context. No patch is currently available for this vulnerability.
Code execution in Adobe After Effects 25.6 and earlier through out-of-bounds memory reads when processing malicious files. An attacker can exploit this vulnerability to execute arbitrary code with user privileges by tricking victims into opening a crafted file. No patch is currently available for this vulnerability.
Arbitrary code execution in Adobe After Effects versions 25.6 and earlier through a use-after-free vulnerability that requires a user to open a malicious file. An attacker can execute arbitrary code with the privileges of the affected user by crafting a specially designed file. No patch is currently available.
Out-of-bounds memory reads in Adobe After Effects 25.6 and earlier enable arbitrary code execution when users open specially crafted files. An attacker can exploit this parsing vulnerability by delivering a malicious file that triggers a read past allocated buffer boundaries, executing code with the privileges of the affected user. No patch is currently available for this high-severity vulnerability that requires user interaction to exploit.
Arbitrary code execution in Adobe After Effects 25.6 and earlier through an integer overflow vulnerability affecting file processing. An attacker can exploit this by crafting a malicious file that, when opened by a user, executes code with the privileges of the current user. No patch is currently available for this high-severity vulnerability.
Arbitrary code execution in Adobe After Effects 25.6 and earlier through a use-after-free flaw allows attackers to execute commands with user privileges when a victim opens a crafted file. The vulnerability requires user interaction but poses high risk to creative professionals and design teams. No patch is currently available.
Out-of-bounds memory read in Adobe After Effects 25.6 and earlier allows attackers to disclose sensitive information from process memory by tricking users into opening specially crafted files. This local vulnerability requires user interaction but carries no patch availability, leaving affected systems exposed until an update is released.
Arbitrary code execution in Adobe After Effects 25.6 and earlier via out-of-bounds write when processing malicious files. An attacker can achieve code execution with user privileges by tricking a victim into opening a crafted file. No patch is currently available.
After Effects versions 25.3, 24.6.7 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure, potentially disclosing sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.3, 24.6.7 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure, potentially disclosing sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.3, 24.6.7 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure, potentially disclosing sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.2, 24.6.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
After Effects versions 25.2, 24.6.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.1, 24.6.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.