206146 matches found
CVE-2026-21280
Adobe Illustrator 29.8.3, 30.0 and earlier are affected by CVE-2026-21280, an Untrusted Search Path vulnerability that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: the attacker must entice the victim to open a malicious file, and...
CVE-2026-21277
Summary: CVE-2026-21277 affects Adobe InDesign Desktop (versions 21.0, 19.5.5 and earlier). A heap-based buffer overflow could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a specially crafted file. Multiple sources...
CVE-2026-21304 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21276 InDesign Desktop | Access of Uninitialized Pointer (CWE-824)
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21267 Dreamweaver Desktop | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue requires user interaction in that a victim...
CVE-2026-21267 Dreamweaver Desktop | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue requires user interaction in that a victim...
CVE-2026-21267
Dreamweaver Desktop (Windows/macOS)
CVE-2026-21271 Dreamweaver Desktop | Improper Input Validation (CWE-20)
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...
CVE-2026-21271
Dreamweaver Desktop (Windows/macOS) versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that can lead to arbitrary code execution in the context of the current user when a user opens a malicious file. The issue requires user interaction and has been fixed in newer...
CVE-2026-21271 Dreamweaver Desktop | Improper Input Validation (CWE-20)
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...
CVE-2026-21274 Dreamweaver Desktop | Incorrect Authorization (CWE-863)
Dreamweaver Desktop versions 21.6 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to bypass security measures and execute unauthorized code...
CVE-2026-21274
CVE-2026-21274 affects Dreamweaver Desktop versions 21.6 and earlier. The issue is an Incorrect Authorization vulnerability that could allow arbitrary code execution in the context of the current user, with exploitation requiring the victim to open a malicious file (i.e., user interaction). Multi...
CVE-2026-21268 Dreamweaver Desktop | Improper Input Validation (CWE-20)
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is...
CVE-2026-0892
Memory safety bugs present in Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 147 and Thunderbird 147...
CVE-2026-0891
Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox...
CVE-2026-0892
Memory safety bugs present in Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 147 and Thunderbird 147...
UBUNTU-CVE-2026-0891
Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...
UBUNTU-CVE-2026-0892
Memory safety bugs present in Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 147 and Thunderbird 147...
Astra Linux – Vulnerability in Firefox
Memory safety bugs exist in Firefox 146. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 146.0.1...
USN-7957-1: WebKitGTK vulnerabilities
Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...