CVE-2026-21283

Bridge versions 15.1.2, 16.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

EUVD-2024-28807

Malicious code in bioql PyPI...

CVE-2025-47280

Umbraco Forms is a form builder that integrates with the Umbraco content management system. Starting in the 7.x branch and prior to versions 13.4.2 and 15.1.2, the 'Send email' workflow does not HTML encode the user-provided field values in the sent email message, making any form with this workfl...

CVE-2024-30889

Cross Site Scripting vulnerability in audimex audimexEE v.15.1.2 and fixed in 15.1.3.9 allows a remote attacker to execute arbitrary code via the service, method, widgettype, requestid, payload parameters...

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure which allows an attacker to determine the existence of user accounts by analyzing the response times and codes. Remediation Upgrade Umbraco.Cms.Core to version 14.3.2, 15.1.2 or higher. References - GitHub Commit -...

Umbraco Allows User Enumeration Feasible Based On Management API Timing and Response Codes

Impact Based on an analysis of response codes and timing of Umbraco 14+ management API responses, it's possible to determine whether an account exists. Patches Patched in 14.3.2 and 15.1.2. Workarounds None available...

CVE-2025-24011

Umbraco is a free and open source .NET content management system. Starting in version 14.0.0 and prior to versions 14.3.2 and 15.1.2, it's possible to determine whether an account exists based on an analysis of response codes and timing of Umbraco management API responses. Versions 14.3.2 and...

Adobe InDesign 15.0.0 < 15.1.2 Multiple Arbitrary Code Execution (APSB20-52) (macOS)

The version of Adobe InDesign installed on the remote macOS host is prior to 15.1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB20-52 advisory. - A memory corruption vulnerability exists in InDesign 15.1.1 and earlier versions. Insecure handling of a malicious...

F5 Networks BIG-IP : BIG-IP MPTCP vulnerability (K43470422)

The version of F5 Networks BIG-IP installed on the remote host is prior to 11.6.5.3 / 12.1.5.3 / 13.1.3.6 / 14.1.3.1 / 15.1.2 / 16.0.1.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K43470422 advisory. - On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before...

F5 Networks BIG-IP : iControl REST vulnerability (K68652018)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.6 / 14.1.3.1 / 15.1.2 / 16.0.1.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K68652018 advisory. An authenticated attacker with access to iControl REST over the control plane may be...

Null pointer dereference

Adobe InDesign version 15.1.2 and earlier is affected by a NULL pointer dereference bug that occurs when handling a malformed .indd file. The impact is limited to causing a denial-of-service of the client application. User interaction is required to exploit this issue...

Adobe InDesign Memory Corruption Vulnerability (CNVD-2020-57855)

Adobe InDesign is a desktop publishing DTP application from Adobe that is primarily used for typesetting and editing a variety of printed materials. A memory corruption vulnerability exists in Adobe InDesign 15.1.2 and earlier versions. An attacker can exploit this vulnerability to achieve...

Adobe InDesign Security Update (APSB20-52) - Windows

Adobe InDesign is prone to multiple vulnerabilities Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Adobe InDesign Security Update (APSB20-52) - Mac OS X

Adobe InDesign is prone to multiple vulnerabilities Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Parallels Desktop xHCI Component Competitive Conditions Issue Vulnerability

Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Corel Canada. A competitive condition issue vulnerability exists in the xHCI component in Corel Parallels Desktop version 15.1.2-47123. An attacker could exploit the vulnerability to elevate privileges and...