24 matches found
CVE-2026-27287
CVE-2026-27287 affects Adobe InCopy versions 20.5.2, 21.2 and earlier. It is an out-of-bounds read when parsing a crafted file, potentially allowing code execution in the context of the current user. Exploitation requires user interaction (the victim must open a malicious file); attack vector is ...
EUVD-2026-22432
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-27283
CVE-2026-27283 : InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use-After-Free (CWE-416) vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. Affected produc...
Adobe InDesign Desktop Security Vulnerability
Adobe InDesign Desktop is a page layout software developed by Adobe Inc. Versions of Adobe InDesign Desktop prior to 20.5.2 and versions 21.2 and earlier have security vulnerabilities. These vulnerabilities stem from heap buffer overflows, which may allow arbitrary code to be executed under the...
PT-2026-32703
Name of the Vulnerable Software and Affected Versions: InDesign Desktop versions 20.5.2 and 21.2 and earlier. Description: An out-of-bounds write occurs when a program writes data past the end of the intended buffer. This issue could result in arbitrary code execution in the context of the current...
CVE-2024-46879
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the POST request data zipPath of tiki-adminsystem.php in Tiki version 21.2. This vulnerability allows attackers to execute arbitrary JavaScript code via a crafted payload, leading to potential access to sensitive information or...
Tiki Security Vulnerability
Tiki is a set of open-source content management and portal applications developed by the Tiki community. It can be used to create web applications, portals, intranets, extranets, etc. Version 21.2 of Tiki contains a security vulnerability, which stems from insufficient input validation of the...
CVE-2023-4551
Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows OS Command Injection. The AppBuilder's Scheduler functionality that facilitates creation of scheduled tasks is vulnerable to command injection. This allows authenticated users to inject arbitrary operating...
EUVD-2024-19253
Malicious code in bioql PyPI...
Azure File Sync Agent v21.2 Release – July 2025 (KB5063825)
Update Rollup for Azure File Sync agent version 21.2.0.0. For more details, see the associated Microsoft Knowledge Base article...
Azure File Sync Agent v21.2 Release – July 2025
Azure File Sync Agent v21.2 Release – July 2025 This article describes the improvements and issues that are fixed in the Azure File Sync Agent v21.2 release that is dated July 2025. Additionally, this article contains installation instructions for this release. Improvements and issues that are...
Input validation
Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An authenticated AppBuilder user with the ability to create or manage existing databases can leverage them to exploit the AppBuilder server - including access to its local file system. This...
Design/Logic Flaw
An Incomplete Cleanup vulnerability in the Nonstop active routing (NSR) component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a memory leak leading to Denial of Service (DoS). On all Junos OS platforms, when NSR is enabled, a BGP flap will cause memory leak. A manual...
CVE-2023-5913 A potential Privilege Escalation vulnerability in OpenText Fortify ScanCentral DAST API.
Incorrect Privilege Assignment vulnerability in OpenText Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges. This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...
OpenText Archive Center Administration Code Issue Vulnerability
OpenText Archive Center Administration is an archive center administration from OpenText Canada. A security vulnerability exists in OpenText Archive Center Administration version 21.2 and prior versions. An attacker could exploit the vulnerability to upload a specially crafted XML file to an...
PT-2022-10086 · Ericsson · Ericsson Network Manager
Name of the Vulnerable Software and Affected Versions: Ericsson Network Manager versions prior to 21.2 Description: The issue allows users belonging to the same AMOS authorization group to retrieve data from certain log files, potentially leading to privilege escalation. All AMOS users are...
Intel Graphics Performance Analyzers Code Issue Vulnerability
Intel Graphics Performance Analyzers (Intel GPA) is a graphics performance analyzer from Intel Corporation (USA). A code issue vulnerability exists in Intel Graphics Performance Analyzers version 21.2 that could allow an authenticated user to potentially enable escalation to gain privileges via local...
Intel® GPA Software Advisory
Summary: A potential security vulnerability in the Intel® Graphics Performance Analyzers (GPA) software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-33101 Description: Uncontrolled search path...
Baker Hughes Bently Nevada 3500
1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Bently Nevada, a Baker Hughes subsidiary Equipment: 3500 Vulnerability: Use of Password Hash with Insufficient Computational Effort 2. REPOSTED INFORMATION This advisory was originally posted to the...