CVE-2025-21158

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a maliciou...

CVE-2025-21158 InDesign Desktop | Integer Underflow (Wrap or Wraparound) (CWE-191)

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a maliciou...

CVE-2025-21158 InDesign Desktop | Integer Underflow (Wrap or Wraparound) (CWE-191)

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a maliciou...

CVE-2025-21158

CVE-2025-21158 affects Adobe InDesign Desktop (ID20.0, ID19.5.1 and earlier). Root cause: integer underflow (wrap/wraparound) in a local-execution path that, with user interaction (open a malicious file), could lead to arbitrary code execution in the current user context. Affected component is In...

Adobe InCopy 数字错误漏洞

Adobe InCopy is a text editing software for creative writing from the American company Audobee Adobe. Adobe InCopy suffers from an integer underflow vulnerability that can be exploited by an attacker to execute arbitrary code...

PT-2025-6280 · Adobe · Incopy

Name of the Vulnerable Software and Affected Versions: InCopy versions 20.0, 19.5.1 and earlier Description: The issue is an Integer Underflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction, wher...

Adobe InCopy < 19.5.2 / 20.0 < 20.1.0 Arbitrary code execution (APSB25-10)

The version of Adobe InCopy installed on the remote host is prior to 19.5.2, 20.1.0. It is, therefore, affected by a vulnerability as referenced in the APSB25-10 advisory. - Integer Underflow Wrap or Wraparound CWE-191 potentially leading to Arbitrary code execution CVE-2025-21156 Note that Nessu...

Adobe InDesign < 19.5.2 / 20.0 < 20.1.0 Multiple Vulnerabilities (APSB25-01) (macOS)

The version of Adobe InDesign installed on the remote macOS host is prior to 19.5.2, 20.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-01 advisory. - InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an Integer Underflow Wrap or...

Adobe Illustrator < 28.7.4 / 29.0.0 < 29.2.1 Multiple Arbitrary code execution (APSB25-11) (macOS)

The version of Adobe Illustrator installed on the remote macOS host is prior to 28.7.4, 29.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-11 advisory. - Stack-based Buffer Overflow CWE-121 potentially leading to Arbitrary code execution CVE-2025-21163 - Us...

Adobe InDesign < 19.5.2 / 20.0 < 20.1.0 Multiple Vulnerabilities (APSB25-01)

The version of Adobe InDesign installed on the remote Windows host is prior to 19.5.2, 20.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-01 advisory. - InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an Integer Underflow Wrap or...

Adobe Illustrator < 28.7.4 / 29.0.0 < 29.2.1 Multiple Arbitrary code execution (APSB25-11)

The version of Adobe Illustrator installed on the remote Windows host is prior to 28.7.4, 29.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-11 advisory. - Stack-based Buffer Overflow CWE-121 potentially leading to Arbitrary code execution CVE-2025-21163 -...

Azure Linux 3.0 Security Update: qemu (CVE-2022-3165)

The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3165 advisory. - An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the...

Updated gstreamer1.0, gstreamer1.0-plugins-base & gstreamer1.0-plugins-good packages fix security vulnerabilities

GStreamer has an OOB-write in isomp4/qtdemux.c. CVE-2024-47537 GStreamer has a stack-buffer overflow in vorbishandleidentificationpacket. CVE-2024-47538 GStreamer has an OOB-write in converttos3341a. CVE-2024-47539 GStreamer uses uninitialized stack memory in Matroska/WebM demuxer. CVE-2024-47540...

CVE-2022-36063

Azure RTOS USBx is a USB host, device, and on-the-go OTG embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. Azure RTOS USBX implementation of host support for USB CDC ECM includes an integer underflow and a buffer overflow in th...

CVE-2022-24046

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker prior to 3.4.1 S2 systems and 11.2.13 build 57923290 S1 systems. Authentication is not required to exploit this vulnerability. The specific flaw exists within the anacapd...

CVE-2022-37301

A CWE-191: Integer Underflow Wrap or Wraparound vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU part numbers BMXP34V3.40 and prior, Modicon M580 CPU part numbers BME...

CVE-2019-5099

An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability...

CVE-2019-5148

An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can send this packe...

CVE-2020-17395

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2024-23313

An integer underflow vulnerability exists in the sopenFAMOSread functionality of The Biosig Project libbiosig 2.5.0 and Master Branch ab0ee111. A specially crafted .famos file can lead to an out-of-bounds write which in turn can lead to arbitrary code execution. An attacker can provide a maliciou...