262 matches found
CVE-2025-24453
InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-27166
InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-27166
InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-27175
CVE-2025-27175 affects Adobe InDesign Desktop (ID20.1, ID19.5.2 and earlier). The issue is an out-of-bounds write in InDesign’s handling of a file, leading to arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file...
CVE-2025-27175 InDesign Desktop | Out-of-bounds Write (CWE-787)
InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-27178
Adobe InDesign Desktop (IDs ID20.1, ID19.5.2 and earlier) is affected by an out-of-bounds write vulnerability (CWE-787) that could allow arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file, i.e., user interaction is required. Affect...
CVE-2025-27177
Adobe InDesign Desktop (ID20.1, ID19.5.2 and earlier) is affected by a heap-based buffer overflow (CVE-2025-27177) that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. Affected versions and roo...
CVE-2025-27176
CVE-2025-27176 refers to a NULL Pointer Dereference in Adobe InDesign Desktop (ID20.1, ID19.5.2 and earlier) that could crash the app and cause a denial-of-service. The issue requires user interaction (victim must open a malicious file). Connected sources corroborate the vulnerability in InDesign...
CVE-2025-24452
CVE-2025-24452 affects Adobe InDesign Desktop (IDs ID20.1, ID19.5.2 and earlier) and is caused by an out-of-bounds write in a vulnerable component, enabling arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file (user interaction). Ver...
CVE-2025-27179
CVE-2025-27179 affects Adobe InDesign Desktop versions ID20.1, ID19.5.2 and earlier and is a NULL Pointer Dereference vulnerability that can cause application denial-of-service. The issue requires user interaction: a victim must open a malicious file, which may crash the application. Connected so...
PT-2025-10879 · Adobe · Indesign Desktop
Name of the Vulnerable Software and Affected Versions: InDesign Desktop versions ID20.1, ID19.5.2 and earlier Description: The issue is an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...
CVE-2025-21126
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service condition. An attacker could exploit this vulnerability to cause the application to crash, resulting in a denial of service...
CVE-2025-21157
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-21123
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-21121
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-21125
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of...
CVE-2025-21121
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-21126
The CVE-2025-21126 case concerns Adobe InDesign Desktop (ID20.0, ID19.5.1 and earlier) with an Improper Input Validation vulnerability that can cause an application crash and denial of service. Documents consistently describe the issue as requiring user interaction (victim opens a malicious file)...
CVE-2025-21123
CVE-2025-21123 affects Adobe InDesign Desktop (IDs 20.0, 19.5.1 and earlier). The issue is a heap-based buffer overflow in the application that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. P...
CVE-2025-21123 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...