110438 matches found
Adobe InDesign Desktop Out-of-Bounds Read Vulnerability (CNVD-2026-19442)
Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute arbitrary code on the system...
Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Samsung MagicINFO 9 Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the produ...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the multiple writer sinks such as serialization/deserialization keys, path/query parameter mappings, URL template metadata, enum/property metadata, and default value emission. An attacker can execute arbitra...
CVE-2026-39842 OpenRemote is Vulnerable to Expression Injection
OpenRemote is an open-source IoT platform. Versions 1.21.0 and below contain two interrelated expression injection vulnerabilities in the rules engine that allow arbitrary code execution on the server. The JavaScript rules engine executes user-supplied scripts via Nashorn's ScriptEngine.eval...
CVE-2026-27298
Adobe Framemaker versions 2022.8 and earlier are affected by an Access of Resource Using Incompatible Type 'Type Confusion' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...
CVE-2026-27297 Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (CWE-191)
Adobe Framemaker versions 2022.8 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-27290
Adobe Framemaker versions 2022.8 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. If the application uses a search path to locate critical resources such as programs, then an attacker could...
CVE-2026-27298 Adobe Framemaker | Access of Resource Using Incompatible Type ('Type Confusion') (CWE-843)
Adobe Framemaker versions 2022.8 and earlier are affected by an Access of Resource Using Incompatible Type 'Type Confusion' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...
CVE-2026-34631
InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-27304
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...
CVE-2026-27304
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...
CVE-2026-27306 ColdFusion | Improper Input Validation (CWE-20)
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Attacker requires elevated privileges. Exploitation of this issue requires user interaction in that a victim...
EUVD-2026-22695
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-5713
A flaw was found in Python. A malicious Python process could exploit the "profiling.sampling" module and "asyncio introspection capabilities" to read and write memory addresses within a privileged process. This vulnerability occurs when the privileged process connects to the malicious process via...
CVE-2026-34631 InCopy | Out-of-bounds Write (CWE-787)
InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34631 InCopy | Out-of-bounds Write (CWE-787)
InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
[SECURITY] [DSA 6211-1] thunderbird security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6211-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 14, 2026 https://www.debian.org/security/faq -...
[SECURITY] [DSA 6210-1] imagemagick security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6210-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 14, 2026 https://www.debian.org/security/faq -...
CVE-2026-27312
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-27311
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...