52 matches found
CVE-2026-27568
WWBN AVideo is an open source video platform. Prior to version 21.0, AVideo allows Markdown in video comments and uses Parsedown v1.7.4 without Safe Mode enabled. Markdown links are not sufficiently sanitized, allowing javascript: URIs to be rendered as clickable links. An authenticated...
CVE-2026-27568
WWBN AVideo (open source video platform) is affected prior to version 21.0 by CVE-2026-27568, where Markdown in video comments processed by Parsedown v1.7.4 without Safe Mode allows javascript: URIs to be rendered as links. An authenticated low-privilege attacker can post a malicious comment whos...
CVE-2026-21281
InCopy versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21304
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21277
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21278
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a...
CVE-2026-21276
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21281 InCopy | Heap-based Buffer Overflow (CWE-122)
InCopy versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21304 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21304
CVE-2026-21304 concerns Adobe InDesign Desktop versions 21.0, 19.5.5 and earlier, affected by a heap-based buffer overflow that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file. The vulnerability...
CVE-2026-21275
CVE-2026-21275 affects Adobe InDesign Desktop, versions 21.0, 19.5.5 and earlier. The issue is an Access of Uninitialized Pointer that could allow arbitrary code execution in the context of the current user when a malicious file is opened, requiring user interaction. Red Hat, NVD, and other sourc...
Adobe InDesign Desktop Security Vulnerability
Adobe InDesign Desktop is a page layout software from the American company Adobe. A security vulnerability exists in Adobe InDesign Desktop version 21.0, 19.5.5 and earlier versions that originates from a heap buffer overflow and could lead to the execution of arbitrary code...
Adobe InDesign Desktop Security Vulnerability
Adobe InDesign is a professional desktop publishing software developed by Adobe for page layout in print and digital media. Adobe InDesign suffers from a heap buffer overflow vulnerability that originates from a partial overwrite of heap memory, which can be exploited by an attacker to...
PT-2026-2773
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
PT-2026-2774
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-13973
A post-auth SQL injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR1 (21.0.1) can potentially lead to administrators achieving arbitrary code execution...
Sophos Firewall Security Vulnerability
Sophos Firewall is a firewall from Sophos UK. A security vulnerability exists in Sophos Firewall versions prior to 21.0 MR1 that stems from a business logic issue in the Up2Date component that could allow an attacker to take control of the DNS environment and execute remote code...
CVE-2024-12729
CVE-2024-12729 is a post-auth code injection vulnerability in the Sophos Firewall User Portal, affecting versions prior to 21.0 MR1 (21.0.1). The issue allows authenticated users to remotely execute code on the device. Public documentation highlights remediation by upgrading to 21.0 MR1 or newer ...
PT-2024-9754
Name of the Vulnerable Software and Affected Versions: Sophos Firewall versions prior to 21.0 MR1 (21.0.1). Description: A pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall allows access to the reporting database and can lead to remote code execution if a specific...