CVE-2025-21126

The CVE-2025-21126 case concerns Adobe InDesign Desktop (ID20.0, ID19.5.1 and earlier) with an Improper Input Validation vulnerability that can cause an application crash and denial of service. Documents consistently describe the issue as requiring user interaction (victim opens a malicious file)...

CVE-2025-21158 InDesign Desktop | Integer Underflow (Wrap or Wraparound) (CWE-191)

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a maliciou...

CVE-2025-21158

CVE-2025-21158 affects Adobe InDesign Desktop (ID20.0, ID19.5.1 and earlier). Root cause: integer underflow (wrap/wraparound) in a local-execution path that, with user interaction (open a malicious file), could lead to arbitrary code execution in the current user context. Affected component is In...

CVE-2025-21158 InDesign Desktop | Integer Underflow (Wrap or Wraparound) (CWE-191)

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a maliciou...

CVE-2025-21123

CVE-2025-21123 affects Adobe InDesign Desktop (IDs 20.0, 19.5.1 and earlier). The issue is a heap-based buffer overflow in the application that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. P...

CVE-2025-21125

CVE-2025-21125 affects Adobe InDesign Desktop (ID20.0, ID19.5.1 and earlier). Root cause: NULL pointer dereference leading to application denial-of-service. Exploitation requires user interaction (victim opens a malicious file). Affected products/versions are stated in the CVE entry and corrobora...

CVE-2025-21123 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-21125 InDesign Desktop | NULL Pointer Dereference (CWE-476)

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of...

CVE-2025-21123 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-21125 InDesign Desktop | NULL Pointer Dereference (CWE-476)

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of...

CVE-2025-21157

CVE-2025-21157 concerns Adobe InDesign Desktop. Affected: InDesign ID20.0, ID19.5.1 and earlier. Vulnerability: out-of-bounds write in a component used by these builds, enabling arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a mal...

CVE-2025-21157 InDesign Desktop | Out-of-bounds Write (CWE-787)

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-21157 InDesign Desktop | Out-of-bounds Write (CWE-787)

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-21121 InDesign Desktop | Out-of-bounds Write (CWE-787)

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-21121 InDesign Desktop | Out-of-bounds Write (CWE-787)

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-21121

Adobe InDesign Desktop (IDs 20.0, 19.5.1 and earlier) is affected by an out-of-bounds write vulnerability (CVE-2025-21121) that could enable arbitrary code execution in the current user context. Exploitation requires user interaction: a victim must open a malicious file. The issue is classified w...

CVE-2025-21124 InDesign Desktop | Out-of-bounds Read (CWE-125)

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...

CVE-2025-21124 InDesign Desktop | Out-of-bounds Read (CWE-125)

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...

CVE-2025-21124

Adobe InDesign CVE-2025-21124 affects InDesign Desktop versions ID20.0, ID19.5.1 and earlier with an out-of-bounds read vulnerability that could disclose sensitive memory and bypass mitigations such as ASLR. Exploitation requires user interaction (victim opens a malicious file). Affected product/...

Adobe InDesign 缓冲区错误漏洞

Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. Adobe InDesign suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the current user's environment...