120854 matches found
CVE-2025-61815
Adobe InDesign Desktop is affected by CVE-2025-61815 (and related CVEs) in versions 20.5, 19.5.5 and earlier. The issue is a Use After Free leading to arbitrary code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). Multiple connected...
CVE-2025-61814 InDesign Desktop | Use After Free (CWE-416)
InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-13027
Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 145 and Thunderbird 145...
CVE-2025-13027
Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 145 and Thunderbird 145...
UBUNTU-CVE-2025-13027
Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 145 and Thunderbird 145...
CVE-2025-13027 Memory safety bugs fixed in Firefox 145 and Thunderbird 145
Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 145 and Thunderbird 145...
CVE-2025-13027 Memory safety bugs fixed in Firefox 145 and Thunderbird 145
Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 145 and Thunderbird 145...
EUVD-2025-74046
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...
CVE-2025-4645
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...
CVE-2025-4645
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...
CVE-2025-4645
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...
CVE-2025-4645
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...
CVE-2025-4645
CVE-2025-4645 affects Axis OS/Axis ACAP handling: an ACAP configuration file with insufficient input validation can lead to arbitrary code execution if an Axis device is configured to allow unsigned ACAP apps and a victim is persuaded to install a malicious ACAP package. The vulnerability is atta...
EUVD-2025-60988
SQL Anywhere Monitor Non-GUI baked credentials into the code,exposing the resources or functionality to unintended users and providing attackers with the possibility of arbitrary code execution.This could cause high impact on confidentiality integrity and availability of the system...
CVE-2025-42890
SQL Anywhere Monitor Non-GUI baked credentials into the code,exposing the resources or functionality to unintended users and providing attackers with the possibility of arbitrary code execution.This could cause high impact on confidentiality integrity and availability of the system...
CVE-2025-42890 Insecure key & Secret Management vulnerability in SQL Anywhere Monitor (Non-Gui)
SQL Anywhere Monitor Non-GUI baked credentials into the code,exposing the resources or functionality to unintended users and providing attackers with the possibility of arbitrary code execution.This could cause high impact on confidentiality integrity and availability of the system...
CVE-2025-42890
SAP SQL Anywhere Monitor (Non-GUI) contains hard-coded credentials in its code, affecting version 17.0 and earlier (prior to SAP Note 3666261). This creates risk of unauthorized access and potential arbitrary code execution. Remediation: apply SAP Note 3666261 and rotate related credentials. As a...
PT-2025-46440
Name of the Vulnerable Software and Affected Versions InDesign Desktop versions 20.5, 19.5.5 and earlier Description The software contains a Use After Free issue that may lead to arbitrary code execution with the privileges of the current user. Successful exploitation requires a user to open a...
PT-2025-46367
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 145 Thunderbird versions prior to 145 Description Memory safety bugs exist in Firefox 144 and Thunderbird 144. These bugs demonstrate evidence of memory corruption, and it is presumed that, with sufficient effort, the...
PT-2025-46529
Name of the Vulnerable Software and Affected Versions Lite XL versions 2.1.8 and prior Description Lite XL is a lightweight, cross-platform text editor written in Lua and C, designed for extensibility via plugins and project-specific modules. The application executes project-level Lua modules and...