Vulnerability Summary for the Week of December 11, 2023

 High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
acronis — cyber_protect_home_office Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901. 2023-12-12 7.8 CVE-2023-48677
security@acronis.com
adobe — after_effects Adobe After Effects versions 24.0.3 (and earlier) and 23.6.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2023-12-13 7.8 CVE-2023-48632
psirt@adobe.com
adobe — after_effects Adobe After Effects versions 24.0.3 (and earlier) and 23.6.0 (and earlier) are affected by a Use After Free vulne

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from Bulletins

Read the original article: