32 matches found
CVE-2026-34696
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34700 InDesign Desktop | Out-of-bounds Write (CWE-787)
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34703
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL pointer dereference that can crash the application and cause a denial-of-service condition. Exploitation requires user interaction: the victim must open a malicious file. The available documents do not provide a remediation...
CVE-2026-34705 InDesign Desktop | Out-of-bounds Read (CWE-125)
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a...
Adobe InDesign Desktop 安全漏洞
Adobe InDesign Desktop is a professional desktop publishing software, primarily used for page design, printing, and digital publishing. Adobe InDesign Desktop has a heap buffer overflow vulnerability, which stems from improper handling of certain file data, leading to out-of-bound writes to the...
CVE-2026-27285 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application or disrupt its functionality. Exploitation of this issue requires...
CVE-2026-3356
The MS27102A Remote Spectrum Monitor is vulnerable to an authentication bypass that allows unauthorized users to access and manipulate its management interface. Because the device provides no mechanism to enable or configure authentication, the issue is inherent to its design rather than a...
CVE-2026-21332 InDesign Desktop | Out-of-bounds Read (CWE-125)
InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that...
CVE-2026-21357
InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21276
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21276
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
PT-2026-2787
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
PT-2025-46440
Name of the Vulnerable Software and Affected Versions InDesign Desktop versions 20.5, 19.5.5 and earlier Description The software contains a Use After Free issue that may lead to arbitrary code execution with the privileges of the current user. Successful exploitation requires a user to open a...
EUVD-2021-23635
Malware in sbrugna...
CVE-2025-54207
InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-54212
InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
MAD-Spear: a Conformity-Driven Prompt Injection Attack on Multi-Agent Debate Systems
Multi-agent debate MAD systems leverage collaborative interactions among large language models LLMs agents to improve reasoning capabilities. While recent studies have focused on increasing the accuracy and scalability of MAD systems, their security vulnerabilities have received limited attention...
Vulnerabilities fixed in Adobe InDesign Desktop
Adobe has fixed vulnerabilities in InDesign Desktop Specifically for versions ID20.2, ID19.5.3, and earlier. The vulnerabilities include a Heap-based Buffer Overflow, Use After Free, NULL Pointer Dereference, and out-of-bounds read, all of which can lead to arbitrary code execution or disclosure ...
CVE-2025-43590
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2025-43589
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...