CVE-2022-37381

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2022-40650

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

CVE-2019-17141

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2020-27860

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.1.35811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2020-17419

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2024-53965

Adobe Experience Manager (AEM) versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability (CVE-2024-53965). The root cause is manipulation of a DOM element via a crafted URL or user input, enabling a low-privileged attacker to run arbitrary scripts in the vic...

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial of Service DoS - Circumvention of security measure - Execution of arbitrary code User Rights - Execution of arbitrar...

CVE-2025-21135

Summary: CVE-2025-21135 affects Adobe Animate versions 24.0.6, 23.0.9 and earlier. It is an Integer Underflow (Wrap/wraparound) that could lead to arbitrary code execution in the current user context . Exploitation requires user interaction via opening a malicious file. Remediation: Adobe has rel...

CVE-2025-21132

CVE-2025-21132 affects Adobe Substance3D Stager ≤ 3.0.4, where an out-of-bounds write could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). APSB25-03 confirms multiple vulnerabilities and a fix path; remediation...

CVE-2025-21131 Substance3D - Stager | Out-of-bounds Write (CWE-787)

Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-21130 Substance3D - Stager | Out-of-bounds Write (CWE-787)

Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-21130

Adobe Substance 3D Stager (versions 3.0.4 and earlier) is affected by an out-of-bounds write vulnerability (CWE-787) that could allow arbitrary code execution in the current user’s context. Exploitation requires the user to open a malicious file, i.e., user interaction is needed. The issue is ref...

CVE-2025-21128

The CVE-2025-21128 entry concerns Adobe Substance3D Stager, feature: Stack-based Buffer Overflow in Stager versions 3.0.4 and earlier. Root cause: overflow in processing of user-provided files leading to arbitrary code execution in the context of the current user. Impact: high, since code executi...

CVE-2025-21122 Photoshop Desktop | Integer Underflow (Wrap or Wraparound) (CWE-191)

Photoshop Desktop versions 25.12, 26.1 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious fi...

CVE-2022-44512

Acrobat Reader DC version 22.001.20085 and earlier, 20.005.3031x and earlier and 17.012.30205 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in...

CVE-2022-44512 Acrobat Reader | Out-of-bounds Write (CWE-787)

Acrobat Reader DC version 22.001.20085 and earlier, 20.005.3031x and earlier and 17.012.30205 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in...

CVE-2024-53956

Premiere Pro versions 25.0, 24.6.3 and earlier are affected by a heap-based buffer overflow that could allow arbitrary code execution in the user context. Exploitation requires user interaction (victim must open a malicious file). Multiple sources confirm the issue as CVE-2024-53956 and tie it to...

CVE-2024-52984

Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-52982

Animate versions 23.0.8, 24.0.5 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-52986

Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...