CVE-2023-21124

In run of multiple files, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

CVE-2022-21124

Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One v4.60 suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-2523...

CVE-2020-21124

UReport 2.2.9 allows attackers to execute arbitrary code due to a lack of access control to the designer page...

CVE-2025-21124

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...

CVE-2025-21124

creationtimestamp| type| source ---|---|--- 2025-02-11 17:12:23+00:00| seen| https://infosec.exchange/users/cve/statuses/113986367860035531 2025-02-11 17:16:56+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhw5yyofln2h 2025-02-11 19:52:54+00:00| seen|...

CVE-2025-21124 InDesign Desktop | Out-of-bounds Read (CWE-125)

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...

CVE-2025-21124

Adobe InDesign CVE-2025-21124 affects InDesign Desktop versions ID20.0, ID19.5.1 and earlier with an out-of-bounds read vulnerability that could disclose sensitive memory and bypass mitigations such as ASLR. Exploitation requires user interaction (victim opens a malicious file). Affected product/...

CVE-2023-21124

creationtimestamp| type| source ---|---|--- 2023-06-15 22:21:47+00:00| seen| https://t.me/cibsecurity/65275...

CVE-2023-21124

CVE-2023-21124 affects the Android System component. It describes an elevation of privilege via unsafe deserialization in the execution of multiple files, with local exploitability and no user interaction. The vulnerability is listed for Android 11–Android 13 (AOSP updated versions 11, 12, 12L, 1...

CVE-2023-21124

In run of multiple files, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

SUSE CVE-2021-21124

Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

Cross site scripting

Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One v4.60 suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-2112...

CVE-2022-21124

Summary (CVE-2022-21124): An out-of-bounds write in CX-Programmer v9.76.1 and earlier (part of CX-One v4.60) may lead to information disclosure and/or arbitrary code execution when a user opens a specially crafted CXP file. Affected component is CX-Programmer; root cause is an out-of-bounds write...

CVE-2020-21124

creationtimestamp| type| source ---|---|--- 2021-09-15 20:22:03+00:00| seen| https://t.me/cibsecurity/28917...

CVE-2020-21124

The vulnerability CVE-2020-21124 affects UReport 2.2.9 (Java-based reporting engine). The root cause is a lack of access control on the designer page, enabling an attacker to execute arbitrary code. The sources describe this high-risk condition; no explicit remediation version is provided in the ...

openSUSE: Security Advisory for chromium (openSUSE-SU-2021:0166-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for chromium (openSUSE-SU-2021:0173-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2021-21124

Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

CVE-2021-21124

Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

CVE-2021-21124

Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...