16 matches found
CVE-2026-43715
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption...
CVE-2026-43722
Technical details are not publicly available in the provided documents; monitor for updates.
CVE-2026-43734
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2026-52794 Sentry: Inefficient Regular Expression Complexity in sentry
Sentry is an error tracking and performance monitoring tool. From 24.4.0 until 26.5.2, a Regular Expression Denial of Service (ReDoS) vulnerability exists in Sentry's event ingestion pipeline, where a regex applied to attacker-controlled fields on incoming events can be made to consume...
CVE-2026-52794
Sentry CVE-2026-52794 describes a ReDoS in the event ingestion pipeline affecting versions from 24.4.0 through 26.5.2, where a regex on attacker-controlled fields can cause excessive CPU time. The flaw has a CVSSv3.1 base score of 7.5 (High) with network attack vector and no privileges required. ...
Incorrect Privilege Assignment
Overview: org.keycloak:keycloak-server-spi-private is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Incorrect Privilege Assignment via the Admin API. An attacker can access sensitive user attributes ...
Design/Logic Flaw
Illustrator version 26.5.2 and earlier and 27.2.0 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2023-25860
CVE-2023-25860 affects Adobe Illustrator 26.5.2 and earlier, and 27.2.0 and earlier. The vulnerability is an out-of-bounds write that could lead to arbitrary code execution in the context of the current user and requires the victim to open a crafted file (user interaction). Affected versions are ...
CVE-2023-26426 Adobe Illustrator (Beta) has a UAF vulnerability when parsing SVG files Arbitrary code execution
Illustrator version 26.5.2 and earlier and 27.2.0 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2023-25862 Adobe Illustrator Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Illustrator version 26.5.2 and earlier and 27.2.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interacti...
CVE-2023-25859 Adobe Illustrator Improper Input Validation Remote Code Execution Vulnerability
Illustrator version 26.5.2 and earlier and 27.2.0 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious fi...
CVE-2023-26426 Adobe Illustrator (Beta) has a UAF vulnerability when parsing SVG files Arbitrary code execution
Illustrator version 26.5.2 and earlier and 27.2.0 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2023-25861 Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Illustrator version 26.5.2 and earlier and 27.2.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2023-25861 Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Illustrator version 26.5.2 and earlier and 27.2.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2023-25862 Adobe Illustrator Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Illustrator version 26.5.2 and earlier and 27.2.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interacti...
CVE-2023-25860 Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Illustrator version 26.5.2 and earlier and 27.2.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...