CVE-2025-61824

InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-61814

InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-61819 Photoshop Desktop | Heap-based Buffer Overflow (CWE-122)

Photoshop Desktop versions 26.8.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-61819 Photoshop Desktop | Heap-based Buffer Overflow (CWE-122)

Photoshop Desktop versions 26.8.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-61819

Adobe Photoshop Desktop up to version 26.8.1 is affected by a Heap-based Buffer Overflow that can permit arbitrary code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). Multiple sources confirm the issue and document that updates exi...

CVE-2025-61818 InCopy | Use After Free (CWE-416)

InCopy versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-61816

Adobe InCopy versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow (CVE-2025-61816) that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (the user must open a malicious file). The issue is discussed alongsi...

CVE-2025-61817

Adobe InCopy is affected by CVE-2025-61817 (Use After Free) in versions 20.5, 19.5.5 and earlier, allowing arbitrary code execution in the current user context. Exploitation requires user interaction (opening a malicious file). CVSS v3.1 base score 7.8 (High) with Local attack vector, User Intera...

CVE-2025-61815 InDesign Desktop | Use After Free (CWE-416)

InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-61815

Adobe InDesign Desktop is affected by CVE-2025-61815 (and related CVEs) in versions 20.5, 19.5.5 and earlier. The issue is a Use After Free leading to arbitrary code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). Multiple connected...

CVE-2025-61814 InDesign Desktop | Use After Free (CWE-416)

InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-13027

Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 145 and Thunderbird 145...

CVE-2025-13027

Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 145 and Thunderbird 145...

UBUNTU-CVE-2025-13027

Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 145 and Thunderbird 145...

CVE-2025-13027 Memory safety bugs fixed in Firefox 145 and Thunderbird 145

Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 145 and Thunderbird 145...

CVE-2025-13027 Memory safety bugs fixed in Firefox 145 and Thunderbird 145

Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 145 and Thunderbird 145...

EUVD-2025-74046

An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...

CVE-2025-4645

An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...

CVE-2025-4645

An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...

CVE-2025-4645

An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...