Lucene search
K

20 matches found

RedhatCVE
RedhatCVE
added 2026/06/10 9:0 p.m.12 views

CVE-2026-34698

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00175EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 5:49 p.m.10 views

CVE-2026-34706 InCopy | Out-of-bounds Write (CWE-787)

InCopy versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.1AI score0.00139EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 5:49 p.m.36 views

CVE-2026-34706 InCopy | Out-of-bounds Write (CWE-787)

InCopy versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00139EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 5:43 p.m.37 views

CVE-2026-34696 InDesign Desktop | Use After Free (CWE-416)

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00166EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 5:43 p.m.35 views

CVE-2026-34697 InDesign Desktop | Stack-based Buffer Overflow (CWE-121)

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Adobe InDesign Desktop 代码问题漏洞

Adobe InDesign Desktop is a page layout software developed by Adobe, a company based in America. Versions of Adobe InDesign Desktop such as 21.3, 20.5.3, and earlier versions have code vulnerabilities. These vulnerabilities stem from null pointer dereferencing issues, which can lead to applicatio...

5.5CVSS5.5AI score0.0013EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/15 9:30 p.m.8 views

Grafana Loki Path Traversal - CVE-2021-36156 Bypass

The CVE-2021-36156 fix validates the namespace parameter for path traversal sequences after a single URL decode, by double encoding, an attacker can read files at the Ruler API endpoint /loki/api/v1/rules/namespace Thanks to Prasanth Sundararajan for reporting this vulnerability...

5.3CVSS5.8AI score0.01489EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 11:27 a.m.7 views

CVE-2021-33317

The TRENDnet TI-PG1284i switchhw v2.0R prior to version 2.0.2.S0 suffers from a null pointer dereference vulnerability. This vulnerability exists in its lldp related component. Due to fail to check if ChassisID TLV is contained in the packet, by sending a crafted lldp packet to the device, an...

7.5CVSS6.7AI score0.00868EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/07/15 7:27 p.m.5 views

CVE-2025-50069

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.27 and 21.3-21.18. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise...

7.7CVSS5.8AI score0.00314EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 8:58 a.m.4 views

CVE-2024-5866

Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to the path traversal vulnerability allowing listing of arbitrary directory outside the root directory of the web application. Versions 23.1-HF7 and on have the patch...

5CVSS7.2AI score0.0038EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:52 a.m.4 views

CVE-2023-22074

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with network access via...

2.4CVSS4.6AI score0.00887EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:52 a.m.5 views

CVE-2023-22034

Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 19.3-19.19 and 21.3-21.10. Easily exploitable vulnerability allows high privileged attacker having SYSDBA privilege with network access via Oracle Net to compromise Unified Audit...

4.9CVSS5.5AI score0.00411EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:34 p.m.6 views

CVE-2021-32742

Vapor is a web framework for Swift. In versions 4.47.1 and prior, bug in the Data.initbase32Encoded: function opens up the potential for exposing server memory and/or crashing the server Denial of Service for applications where untrusted data can end up in said function. Vapor does not currently...

9.1CVSS6.8AI score0.01199EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 3:20 a.m.11 views

CVE-2021-35105

Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

8.4CVSS7.1AI score0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:47 p.m.23 views

CVE-2020-13515

A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c40a148 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause an adversary to obtain elevated privileges. An attacker can send a malicious IRP to trigger this vulnerability...

8.8CVSS6.9AI score0.00527EPSS
Exploits1
OSV
OSV
added 2024/07/02 4:15 p.m.5 views

CVE-2024-5865

Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to the path traversal vulnerability allowing arbitrary files reading outside the web publish directory. Versions 23.1-HF7 and on have the patch...

6.5CVSS5.9AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/14 12:0 a.m.4 views

PT-2024-5106 · Adobe · Dreamweaver

Name of the Vulnerable Software and Affected Versions: Adobe Dreamweaver versions 21.3 and earlier Description: The issue exists due to the improper neutralization of special elements used in an OS command, which could lead to arbitrary code execution by an attacker. Exploitation of this issue...

7.8CVSS7.9AI score0.00865EPSS
Exploits0References14
OSV
OSV
added 2022/07/19 10:15 p.m.2 views

CVE-2022-21508

Vulnerability in Oracle Essbase component: Security and Provisioning. The supported version that is affected is 21.3. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Essbase executes to compromise Oracle Essbase. Successful attacks...

5.8CVSS7.3AI score0.00244EPSS
Exploits0References1
Circl
Circl
added 2022/05/24 10:37 p.m.8 views

CVE-2021-3597

creationtimestamp| type| source ---|---|--- 2022-05-24 22:37:07+00:00| seen| https://t.me/cibsecurity/43289 2024-01-28 06:43:46+00:00| seen| https://t.me/arpsyndicate/3237...

5.9CVSS6.1AI score0.01061EPSS
Exploits0References2
OSV
OSV
added 2021/10/31 3:8 p.m.4 views

OPENSUSE-SU-2021:1426-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues: Update to version 2.86 - CVE-2021-3448: fixed outgoing port used when --server is used with an interface name. bsc1183709 - CVE-2020-14312: Set --local-service by default bsc1173646. - Open inotify socket only when used bsc1180914. This update w...

5.9CVSS5.2AI score0.01988EPSS
Exploits1References6
Rows per page
Query Builder