CVE-2025-27200

Animate versions 24.0.7, 23.0.10 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-30296 Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (CWE-191)

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2025-27196 Premiere Pro | Heap-based Buffer Overflow (CWE-122)

Premiere Pro versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-2530

Luxion KeyShot is affected by a DAE file parsing vulnerability tied to an uninitialized pointer, enabling remote code execution. The flaw resides in parsing .dae files and requires user interaction (visiting a malicious page or opening a malicious file). Affected software versions include Luxion ...

PT-2025-34796

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to November 2025 updates Description This issue is a remote code execution vulnerability in Microsoft Windows related to the handling of LNK shortcut files. The vulnerability stems from a flaw in how Windows...

CVE-2025-27173

Substance3D - Modeler versions 1.15.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-27169

Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-2017

Ashlar-Vellum Cobalt CO File Parsing Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visi...

CVE-2025-2021 Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must vis...

CVE-2025-27174

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2025-27158

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mus...

CVE-2025-27162 Acrobat Reader | Access of Uninitialized Pointer (CWE-824)

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mus...

CVE-2025-24444

CVE-2025-24444 affects Substance3D Sampler up to and including version 4.5.2. The issue is an out-of-bounds write that could allow arbitrary code execution in the context of the current user, with exploitation requiring the victim to open a malicious file (user interaction). Several connected sou...

CVE-2025-24439 Substance3D - Sampler | Heap-based Buffer Overflow (CWE-122)

Substance3D - Sampler versions 4.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

PT-2025-10866 · Adobe · Substance3D - Sampler

Name of the Vulnerable Software and Affected Versions: Substance3D - Sampler versions 4.5.2 and earlier Description: The issue is an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...

Linux Distros Unpatched Vulnerability : CVE-2021-42530

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XMP Toolkit SDK version 2021.07 and earlier is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the...

CVE-2025-21163

Illustrator versions 29.1, 28.7.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-21156 InCopy | Integer Underflow (Wrap or Wraparound) (CWE-191)

InCopy versions 20.0, 19.5.1 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Vulnerabilities fixed in F5 BIG-IP

F5 has fixed vulnerabilities in BIG-IP. A malicious party could exploit the vulnerabilities to launch attacks that could lead to the following categories of damage: - Denial-of-Service DoS. - Circumvention of a security measure - Execution of arbitrary code Root/admin - Execution of arbitrary cod...

CVE-2024-57707

An issue in DataEase v1 allows an attacker to execute arbitrary code via the user account and password components...