CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2024/11/12 8:45 p.m.•51 views

CVE-2024-49509

Adobe InDesign Desktop (ID18.5.3, ID19.5 and earlier) is affected by a heap-based buffer overflow (CWE-122) that could allow arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. The issue is addressed in APSB24-88 with security upda...

CVE•added 2024/11/12 8:45 p.m.•51 views

CVE-2024-49511

CVE-2024-49511 describes an out-of-bounds read in Adobe InDesign Desktop for ID18.5.3, ID19.5, and earlier, which can disclose sensitive memory and bypass ASLR. Exploitation requires user interaction (opening a malicious file). Connected documents confirm affected versions and the vulnerability c...

5.5CVSS5.1AI score0.0003EPSS

Cvelist•added 2024/11/12 8:45 p.m.•14 views

CVE-2024-49511 InDesign Desktop | Out-of-bounds Read (CWE-125)

InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...

5.5CVSS0.0003EPSS

Vulnrichment•added 2024/11/12 8:45 p.m.•12 views

CVE-2024-49511 InDesign Desktop | Out-of-bounds Read (CWE-125)

5.5CVSS6.3AI score0.0003EPSS

Cvelist•added 2024/11/12 8:45 p.m.•19 views

CVE-2024-49507 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

InDesign Desktop versions ID18.5.2, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00234EPSS

Vulnrichment•added 2024/11/12 8:45 p.m.•8 views

CVE-2024-49507 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

CVE•added 2024/11/12 8:45 p.m.•58 views

CVE-2024-49507

Adobe InDesign Desktop (ID18.5.2, ID19.5 and earlier) is affected by a heap-based buffer overflow that can allow arbitrary code execution in the current user’s context. Exploitation requires user interaction (opening a malicious file). APSB24-88 and related advisories indicate updates to fixed bu...

Cvelist•added 2024/11/12 8:45 p.m.•15 views

CVE-2024-49508 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

7.8CVSS0.00234EPSS

CVE•added 2024/11/12 8:45 p.m.•54 views

CVE-2024-49508

CVE-2024-49508 concerns InDesign Desktop. Affected: ID18.5.2, ID19.5 and earlier. Issue: a heap-based buffer overflow that can allow arbitrary code execution in the current user context. Exploitation requires user interaction (victim must open a malicious file). Connected sources confirm the vuln...

Vulnrichment•added 2024/11/12 8:45 p.m.•14 views

CVE-2024-49508 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

Qualys Blog•added 2024/11/12 7:59 p.m.•35 views

Microsoft and Adobe Patch Tuesday, November 2024 Security Update Review

Microsoft has released its November 2024 Patch Tuesday updates, targeting various vulnerabilities that could impact users and organizations worldwide. From zero-day threats to key product patches, here’s what’s crucial to apply this month. Here’s a breakdown of the updates and how they impact you...

9.8CVSS9.2AI score0.90313EPSS

Exploits3

CISA•added 2024/11/12 12:0 p.m.•2 views

Adobe Releases Security Updates for Multiple Products

Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the...

7.6AI score

Exploits0References8

Positive Technologies•added 2024/11/12 12:0 a.m.•2 views

PT-2024-8788 · Adobe · Indesign Desktop

Name of the Vulnerable Software and Affected Versions: InDesign Desktop versions ID18.5.3, ID19.5 and earlier Description: The issue is related to a Heap-based Buffer Overflow that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires use...

7.8CVSS7.5AI score0.00234EPSS

Exploits0References8

CNNVD•added 2024/11/12 12:0 a.m.•3 views

Adobe InDesign 缓冲区错误漏洞

Adobe InDesign is a desktop publishing application from Adobe that is primarily used for typesetting and editing a variety of printed materials. Adobe InDesign is vulnerable to an out-of-bounds read vulnerability that stems from the inclusion of an out-of-bounds read vulnerability. An attacker...

5.5CVSS6.6AI score0.00031EPSS

CNNVD•added 2024/11/12 12:0 a.m.•1 views

Adobe InDesign 缓冲区错误漏洞

Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. Adobe InDesign suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a sensitive memory leak...

5.5CVSS6.6AI score0.0003EPSS

Positive Technologies•added 2024/11/12 12:0 a.m.•4 views

PT-2024-9701 · Adobe · Indesign Desktop

Name of the Vulnerable Software and Affected Versions: InDesign Desktop versions ID18.5.3, ID19.5 and earlier Description: The issue is related to an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass...

5.5CVSS6.5AI score0.00031EPSS

Exploits0References7

CNNVD•added 2024/11/12 12:0 a.m.•3 views

Adobe InDesign 安全漏洞

Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. Adobe InDesign suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

7.8CVSS7.9AI score0.00234EPSS

CNNVD•added 2024/11/12 12:0 a.m.•2 views

Adobe InDesign 缓冲区错误漏洞

5.5CVSS6.6AI score0.00031EPSS