CVE-2024-55354

CVE-2024-55354

Título es
CVE-2024-55354

Mar, 08/04/2025 – 22:15

Tipo
CWE-807

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2024-55354

Descripción en
Lucee before 5.4.7.3 LTS and 6 before 6.1.1.118, when an attacker can place files on the server, is vulnerable to a protection mechanism failure that can let an attacker run code that would be expected to be blocked and access resources that would be expected to be protected.

09/04/2025
09/04/2025
Vector CVSS:3.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Gravedad 3.1 (CVSS 3.1 Base Score)
5.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM

Referencias

  • https://dev.lucee.org/t/lucee-cve-2024-55354-security-advisory-april-2025/14963

    • Enviar en el boletín
    Off

    CVE-2025-30304

    CVE-2025-30304

    Título es
    CVE-2025-30304

    Mar, 08/04/2025 – 19:15

    Tipo
    CWE-787

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-30304

    Descripción en
    Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

    08/04/2025
    08/04/2025
    Vector CVSS:3.1
    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

    Gravedad 3.1 (CVSS 3.1 Base Score)
    7.80

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    HIGH

    Referencias

  • https://helpx.adobe.com/security/products/framemaker/apsb25-33.html

    • Enviar en el boletín
    Off

    CVE-2025-30303

    CVE-2025-30303

    Título es
    CVE-2025-30303

    Mar, 08/04/2025 – 19:15

    Tipo
    CWE-125

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-30303

    Descripción en
    Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

    08/04/2025
    08/04/2025
    Vector CVSS:3.1
    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    5.50

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://helpx.adobe.com/security/products/framemaker/apsb25-33.html

    • Enviar en el boletín
    Off

    CVE-2025-30302

    CVE-2025-30302

    Título es
    CVE-2025-30302

    Mar, 08/04/2025 – 19:15

    Tipo
    CWE-125

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-30302

    Descripción en
    Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

    08/04/2025
    08/04/2025
    Vector CVSS:3.1
    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    5.50

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://helpx.adobe.com/security/products/framemaker/apsb25-33.html

    • Enviar en el boletín
    Off

    CVE-2025-30301

    CVE-2025-30301

    Título es
    CVE-2025-30301

    Mar, 08/04/2025 – 19:15

    Tipo
    CWE-476

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-30301

    Descripción en
    Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

    08/04/2025
    08/04/2025
    Vector CVSS:3.1
    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

    Gravedad 3.1 (CVSS 3.1 Base Score)
    5.50

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://helpx.adobe.com/security/products/framemaker/apsb25-33.html

    • Enviar en el boletín
    Off

    CVE-2025-30309

    CVE-2025-30309

    Título es
    CVE-2025-30309

    Mar, 08/04/2025 – 19:15

    Tipo
    CWE-125

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-30309

    Descripción en
    XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

    08/04/2025
    08/04/2025
    Vector CVSS:3.1
    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    5.50

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://helpx.adobe.com/security/products/xmpcore/apsb25-34.html

    • Enviar en el boletín
    Off

    CVE-2025-30308

    CVE-2025-30308

    Título es
    CVE-2025-30308

    Mar, 08/04/2025 – 19:15

    Tipo
    CWE-125

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-30308

    Descripción en
    XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

    08/04/2025
    08/04/2025
    Vector CVSS:3.1
    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    5.50

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://helpx.adobe.com/security/products/xmpcore/apsb25-34.html

    • Enviar en el boletín
    Off

    CVE-2025-30307

    CVE-2025-30307

    Título es
    CVE-2025-30307

    Mar, 08/04/2025 – 19:15

    Tipo
    CWE-125

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-30307

    Descripción en
    XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

    08/04/2025
    08/04/2025
    Vector CVSS:3.1
    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    5.50

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://helpx.adobe.com/security/products/xmpcore/apsb25-34.html

    • Enviar en el boletín
    Off

    CVE-2025-30306

    CVE-2025-30306

    Título es
    CVE-2025-30306

    Mar, 08/04/2025 – 19:15

    Tipo
    CWE-125

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-30306

    Descripción en
    XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

    08/04/2025
    08/04/2025
    Vector CVSS:3.1
    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    5.50

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://helpx.adobe.com/security/products/xmpcore/apsb25-34.html

    • Enviar en el boletín
    Off

    CVE-2025-30305

    CVE-2025-30305

    Título es
    CVE-2025-30305

    Mar, 08/04/2025 – 19:15

    Tipo
    CWE-125

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-30305

    Descripción en
    XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

    08/04/2025
    08/04/2025
    Vector CVSS:3.1
    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    5.50

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://helpx.adobe.com/security/products/xmpcore/apsb25-34.html

    • Enviar en el boletín
    Off