Aggregator

A vulnerability was found in Adobe Animate up to 23.0.5/24.0.2. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2024-30296. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Animate up to 23.0.5/24.0.2. It has been classified as critical. This affects an unknown part. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2024-30282. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as very critical, was found in parisneo lollms-webui. This affects the function install_model of the file lollms_core/lollms/binding.py. The manipulation leads to path traversal: '\..\filename'. This vulnerability is uniquely identified as CVE-2024-2361. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as critical has been found in Adobe Animate up to 23.0.5/24.0.2. Affected is an unknown function. The manipulation leads to stack-based buffer overflow. This vulnerability is traded as CVE-2024-30293. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Adobe Animate up to 23.0.5/24.0.2. Affected by this vulnerability is an unknown functionality. The manipulation leads to heap-based buffer overflow. This vulnerability is known as CVE-2024-30294. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Adobe Animate up to 23.0.5/24.0.2 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-30295. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Animate up to 23.0.5/24.0.2 and classified as critical. This issue affects some unknown processing. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2024-30297. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in imartinez privategpt. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-3851. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Adobe Framemaker up to 2020.5/2022.3. It has been classified as problematic. This affects an unknown part. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2024-30283. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Framemaker up to 2020.5/2022.3. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2024-30287. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Adobe Framemaker up to 2020.5/2022.3. Affected is an unknown function. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2024-30286. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Pirch IRC Client 98. Affected is an unknown function of the component Hyperlink Handler. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2002-0928. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Adobe Framemaker up to 2020.5/2022.3. Affected by this vulnerability is an unknown functionality. The manipulation leads to heap-based buffer overflow. This vulnerability is known as CVE-2024-30288. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Adobe Framemaker up to 2020.5/2022.3. Affected by this issue is some unknown functionality. The manipulation leads to stack-based buffer overflow. This vulnerability is handled as CVE-2024-30289. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

The U.S. DOJ seized over $8.2 million in USDT stolen through ‘romance baiting’ scams, where victims are tricked into fake investments promising high returns. On February 27, 2025, the U.S. Attorney’s Office in Ohio filed a civil forfeiture complaint for $8.2M in USDT (Tether) linked to a ‘romance baiting’ scam. Fraudsters used anonymous messaging apps […]

The Lotus Blossom Advanced Persistent Threat (APT) group, also known as Lotus Panda, Billbug, and Spring Dragon, has intensified its cyberespionage efforts with new variants of the Sagerunex backdoor. These developments highlight the group’s evolving tactics, including leveraging Windows Management Instrumentation (WMI) for post-exploitation activities and employing legitimate cloud services for command-and-control (C2) communications. The […]

The post Lotus Blossom APT Exploits WMI for Post-Exploitation Activities appeared first on Cyber Security News.

The new Android trojan Crocodilus exploits accessibility features to steal banking and crypto credentials, mainly targeting users in Spain and Turkey. ThreatFabric researchers discovered a new Android trojan called Crocodilus, which exploits accessibility features to steal banking and crypto credentials. “Crocodilus enters the scene not as a simple clone, but as a fully-fledged threat from […]

Canadian Hacktivist and Alleged Anonymous Co-Founder Arrested for 2021 Texas GOP Website Hack

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a Malware Analysis Report (MAR-25993211-r1.v1) detailing the exploitation of a critical vulnerability in Ivanti Connect Secure devices (CVE-2025-0282). This vulnerability allows attackers to gain unauthorized access and deploy sophisticated malware variants, including the newly identified RESURGE and SPAWNSLOTH. CISA’s analysis revealed that RESURGE operates as a […]

The post CISA Warns of ESURGE Malware Exploiting Ivanti RCE Vulnerability appeared first on Cyber Security News.