EUVD-2026-22720

InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

EUVD-2026-22730

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...

Adobe InDesign Desktop Heap Buffer Overflow Vulnerability (CNVD-2026-17785)

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...

Adobe Framemaker Type Obfuscation Vulnerability

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A type confusion vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to cause arbitrar...

Adobe Illustrator Out-of-Bounds Write Vulnerability (CNVD-2026-19438)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. An out-of-bounds write vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to execute arbitrary code on a system...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google. A type confusion vulnerability exists in Google Chrome's Turbofan compiler. The vulnerability stems from Turbofan's failure to properly handle types in certain JavaScript code, which can be exploited by an attacker to execute arbitrary code in t...

PT-2026-33061

During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow a local authenticated user to perform arbitrary code execution with elevated privileges...

Adobe Bridge heap buffer overflow vulnerability (CNVD-2026-17718)

Adobe Bridge is a file viewer from the American company Audobee Adobe. Adobe Bridge suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

Adobe Framemaker Numeric Error Vulnerability (CNVD-2026-19994)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A numeric error vulnerability exists in Adobe Framemaker, which can be exploited by an attacker to cause arbitrary...

Adobe Bridge heap buffer overflow vulnerability (CNVD-2026-17735)

Adobe Bridge is a file viewer from the American company Audobee Adobe. Adobe Bridge suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on a system or cause an application to crash...

PT-2026-33167

Name of the Vulnerable Software and Affected Versions FFmpeg affected versions not specified Description A signed integer overflow exists in the DVD subtitle parser's fragment reassembly bounds checks. A remote attacker can exploit this by providing a specially crafted MPEG-PS/VOB media file...

Linux Distros Unpatched Vulnerability : CVE-2026-6384

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in gimp. This buffer overflow vulnerability in the GIF image loading component's ReadJeffsImage function allows an attacker to write beyond an...

Microsoft vcpkg OpenSSL Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on applications built using the Microsoft vcpkg port of OpenSSL. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

AlmaLinux 10 : vim (ALSA-2026:7711)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:7711 advisory. vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28417 vim: Vim: Denial of service and information disclosure via...

Adobe InDesign Desktop Heap Buffer Overflow Vulnerability (CNVD-2026-19446)

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...

Adobe Photoshop Installer 安全漏洞

Adobe Photoshop Installer is a installation program for the image editing software Adobe Photoshop. The Adobe Photoshop Installer has a security vulnerability, which stems from uncontrolled search path elements, potentially allowing arbitrary code to be executed in the current user environment...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google. Google Chrome suffers from a memory misreference vulnerability. The vulnerability stems from a failure of the Cast component to properly handle memory objects and can be exploited by an attacker to execute arbitrary code via a specially crafted...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in the Google Chrome Forms component, which can be exploited by an attacker to execute arbitrary code from a specially crafted HTML page in a sandbox...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google. An out-of-bounds read vulnerability exists in the Media component of Google Chrome. The vulnerability stems from a failure of the Media component to properly handle certain UI gestures and can be exploited by an attacker to execute arbitrary cod...

AlmaLinux 10 : openexr (ALSA-2026:7682)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:7682 advisory. openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing CVE-2026-27622 Tenable has extracted the preceding description block direct...