Lucene search
K
AdobeIncopy

65 matches found

CVE
CVE
added 2022/09/16 5:14 p.m.442 views

CVE-2022-38405

CVE-2022-38405 affects Adobe InCopy 17.3 and earlier and 16.4.2 and earlier. The issue is a Heap-based Buffer Overflow in SVG/file parsing that could enable arbitrary code execution in the user context. Exploitation requires user interaction—opening a malicious file. Mitigation per APSB22-53 is t...

7.8CVSS7.8AI score0.00595EPSS
CVE
CVE
added 2022/09/16 5:14 p.m.244 views

CVE-2022-38404

CVE-2022-38404 affects Adobe InCopy 17.3 and earlier and 16.4.2 and earlier, via a heap-based buffer overflow in SVG file parsing that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious file). Affected product ...

7.8CVSS7.8AI score0.00595EPSS
CVE
CVE
added 2023/11/16 3:45 p.m.119 views

CVE-2023-26368

Adobe InCopy is affected by CVE-2023-26368: an out-of-bounds read when parsing crafted files could allow code execution under the user’s context. Affected versions are InCopy 18.5 and earlier, and 17.4.2 and earlier. Exploitation requires user interaction (opening a malicious file). Mitigation/Re...

7.8CVSS7.5AI score0.00341EPSS
CVE
CVE
added 2022/06/16 5:4 p.m.113 views

CVE-2022-30651

CVE-2022-30651 affects Adobe InCopy fonts parsing in versions 17.2 and earlier and 16.4.1 and earlier, due to an out-of-bounds read in font parsing that can lead to remote code execution under the current user. Exploitation requires user interaction (opening a malicious file). The issue is docume...

9.3CVSS7.5AI score0.02226EPSS
CVE
CVE
added 2022/07/15 3:53 p.m.112 views

CVE-2022-34250

Adobe InCopy is affected by a heap-based buffer overflow in input handling (font parsing) that could allow arbitrary code execution in the context of the current user when a malicious file is opened. Affected versions: 17.2 and earlier, and 16.4.1 and earlier. Requires user interaction. Remediati...

7.8CVSS7.7AI score0.00463EPSS
CVE
CVE
added 2023/09/11 1:6 p.m.111 views

CVE-2022-28836

CVE-2022-28836 affects Adobe InCopy versions 17.1 and earlier, and 16.4.1 and earlier. The issue is an out-of-bounds write in InCopy that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). Remediat...

7.8CVSS7.8AI score0.00402EPSS
CVE
CVE
added 2022/07/15 3:53 p.m.109 views

CVE-2022-34252

Adobe InCopy 16.4.1/17.2 and earlier are affected by a font parsing out-of-bounds read that can disclose memory and bypass ASLR. Exploitation requires user interaction (open a malicious file). Connected advisories (APSB-22-53, APSB-23-08) indicate security updates are available to address this is...

5.5CVSS5.2AI score0.00337EPSS
CVE
CVE
added 2022/09/16 5:14 p.m.102 views

CVE-2022-38406

Adobe InCopy versions 17.3 and earlier, and 16.4.2 and earlier, are affected by an out-of-bounds read vulnerability (CVE-2022-38406) that could disclose memory and bypass mitigations such as ASLR. Exploitation requires user interaction (victim opens a malicious file). Affected software: InCopy 17...

5.5CVSS5.2AI score0.00355EPSS
CVE
CVE
added 2022/06/16 5:6 p.m.99 views

CVE-2022-30654

CVE-2022-30654 affects Adobe InCopy. The issue is a heap-based buffer overflow in font parsing that could allow arbitrary code execution in the context of the current user. Affected versions are InCopy 17.2 and earlier, and 16.4.1 and earlier. Exploitation requires user interaction (opening a mal...

9.3CVSS7.8AI score0.05901EPSS
CVE
CVE
added 2023/09/11 1:6 p.m.95 views

CVE-2022-28835

Adobe InCopy is affected by CVE-2022-28835, a Use-After-Free vulnerability in InCopy 17.1 and earlier and 16.4.1 and earlier that could allow arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file (user interaction). The issue is docum...

7.8CVSS7.7AI score0.00489EPSS
CVE
CVE
added 2023/01/13 12:0 a.m.95 views

CVE-2023-21599

Adobe InCopy (versions 18.0 and earlier, and 17.4 and earlier) is affected by an out-of-bounds read vulnerability that can disclose memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Affected products are addressed in Adobe APSB23-08, with remediation ...

5.5CVSS4.9AI score0.00313EPSS
CVE
CVE
added 2023/01/13 12:0 a.m.94 views

CVE-2023-21594

Adobe InCopy is affected by a heap-based buffer overflow in font parsing that could allow arbitrary code execution in the context of the current user when a user opens a crafted file. Affected versions include 18.0 and earlier, and 17.4 and earlier. The issue is triggered by processing a maliciou...

7.8CVSS7.7AI score0.00408EPSS
CVE
CVE
added 2023/01/13 12:0 a.m.92 views

CVE-2023-21596

Adobe InCopy is affected by CVE-2023-21596 due to improper input validation, allowing arbitrary code execution under the current user. Affected versions are 18.0 and earlier, and 17.4 and earlier; exploitation requires user interaction (victim opens a malicious file). Root cause is input validati...

7.8CVSS7.7AI score0.00342EPSS
CVE
CVE
added 2022/06/16 5:6 p.m.91 views

CVE-2022-30655

Adobe InCopy versions 17.2 and earlier, and 16.4.1 and earlier, are affected by a Use-After-Free vulnerability (CVE-2022-30655) that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). The issue is do...

9.3CVSS7.7AI score0.02442EPSS
CVE
CVE
added 2022/06/16 5:5 p.m.90 views

CVE-2022-30652

Adobe InCopy is affected by an out-of-bounds write vulnerability in versions 17.2 and earlier, and 16.4.1 and earlier, which could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file. The issue is documen...

9.3CVSS7.8AI score0.0192EPSS
CVE
CVE
added 2022/06/16 5:7 p.m.89 views

CVE-2022-30657

CVE-2022-30657 is an Adobe InCopy font parsing Use-After-Free vulnerability. Affected versions: InCopy 17.2 and earlier, and 16.4.1 and earlier. The issue can allow arbitrary code execution in the context of the current user, with exploitation requiring user interaction (opening a malicious file)...

9.3CVSS7.7AI score0.02442EPSS
CVE
CVE
added 2022/07/15 3:53 p.m.89 views

CVE-2022-34249

CVE-2022-34249 affects Adobe InCopy: versions 17.2 and earlier, and 16.4.1 and earlier, with a heap-based buffer overflow in the InCopy Font parsing code. This could allow arbitrary code execution in the context of the current user, and exploitation requires the user to open a malicious file (use...

7.8CVSS7.7AI score0.00463EPSS
CVE
CVE
added 2022/09/16 5:14 p.m.89 views

CVE-2022-38407

Adobe InCopy versions 17.3 and earlier, and 16.4.2 and earlier, are affected by CVE-2022-38407, an out-of-bounds read vulnerability that can disclose memory and bypass mitigations such as ASLR. Exploitation requires user interaction (opening a malicious file). Connected sources also reference rel...

5.5CVSS5.2AI score0.00355EPSS
CVE
CVE
added 2022/06/16 5:5 p.m.88 views

CVE-2022-30653

The CVE-2022-30653 entry details an out-of-bounds write in Adobe InCopy, affecting versions 17.2 and earlier and 16.4.1 and earlier. The vulnerability can lead to arbitrary code execution in the context of the current user and requires user interaction (victim opens a malicious file). Connected s...

9.3CVSS7.8AI score0.0192EPSS
CVE
CVE
added 2023/01/13 12:0 a.m.88 views

CVE-2023-21598

CVE-2023-21598 – Adobe InCopy Use-After-Free : Connected sources corroborate a memory disclosure vulnerability in InCopy versions 18.0 and earlier, and 17.4 and earlier. The underlying issue is a Use-After-Free flaw that can bypass mitigations such as ASLR, with exploitation requiring user intera...

5.5CVSS5.3AI score0.00345EPSS
CVE
CVE
added 2023/01/13 12:0 a.m.87 views

CVE-2023-21597

Adobe InCopy is affected by an out-of-bounds write vulnerability (CVE-2023-21597) in versions 18.0 and earlier and 17.4 and earlier that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). Connected a...

7.8CVSS7.5AI score0.00295EPSS
CVE
CVE
added 2023/09/11 1:6 p.m.86 views

CVE-2022-28834

Adobe InCopy is affected by an out-of-bounds write vulnerability that can grant arbitrary code execution in the context of the current user. Affected versions are 17.1 and earlier, and 16.4.1 and earlier. Exploitation requires user interaction (a victim must open a malicious file); the issue is d...

7.8CVSS7.8AI score0.00402EPSS
CVE
CVE
added 2022/06/16 5:4 p.m.85 views

CVE-2022-30650

Adobe InCopy versions 17.2 and earlier and 16.4.1 and earlier are affected by a Heap-based Buffer Overflow in font parsing that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (open a malicious file). Remediation is available via upd...

9.3CVSS7.8AI score0.05901EPSS
CVE
CVE
added 2022/07/15 3:53 p.m.83 views

CVE-2022-34251

Adobe InCopy is affected: versions 17.2 and earlier and 16.4.1 and earlier suffer an Out‑Of‑Bounds Write in font parsing that can lead to arbitrary code execution under the current user. Exploitation requires the user to open a malicious file. Updates have been released (e.g., APSB22-53, APSB23-0...

7.8CVSS7.7AI score0.00329EPSS
CVE
CVE
added 2022/06/16 5:6 p.m.81 views

CVE-2022-30656

CVE-2022-30656 affects Adobe InCopy versions 17.2 and earlier and 16.4.1 and earlier, where a PDF parsing out-of-bounds write can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious file). The issue is documented ac...

9.3CVSS7.8AI score0.0192EPSS
CVE
CVE
added 2022/09/16 5:14 p.m.81 views

CVE-2022-38401

Adobe InCopy is affected by CVE-2022-38401: a heap-based buffer overflow in PCX file parsing could allow arbitrary code execution under the current user when a user opens a malicious file. Affected versions include InCopy 17.3 and earlier and 16.4.2 and earlier. Exploitation requires user interac...

7.8CVSS7.8AI score0.00475EPSS
CVE
CVE
added 2022/09/16 5:14 p.m.81 views

CVE-2022-38402

CVE-2022-38402 corresponds to a heap-based buffer overflow in Adobe InCopy 17.3 and earlier, and 16.4.2 and earlier, triggered by opening a malicious SVG/file. The root cause is within InCopy SVG parsing, allowing arbitrary code execution in the context of the current user when a victim opens a c...

7.8CVSS7.8AI score0.00475EPSS
CVE
CVE
added 2023/04/12 12:0 a.m.79 views

CVE-2023-22235

Adobe InCopy is affected by a Use-After-Free vulnerability (CVE-2023-22235) in versions 18.1 and earlier and 17.4 and earlier. The issue could allow arbitrary code execution in the context of the current user and requires user interaction (opening a malicious file). Affected per the CVE entry; re...

7.8CVSS7.7AI score0.00365EPSS
CVE
CVE
added 2023/01/13 12:0 a.m.78 views

CVE-2023-21595

CVE-2023-21595 affects Adobe InCopy 18.0 and earlier, and 17.4 and earlier, due to an out-of-bounds write that can allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). APSB23-08 and related sources indicate ...

7.8CVSS7.8AI score0.00294EPSS
CVE
CVE
added 2025/02/11 5:21 p.m.73 views

CVE-2025-21156

Adobe InCopy is affected by an Integer Underflow (Wrap or Wraparound) vulnerability (CVE-2025-21156) in versions 20.0, 19.5.1 and earlier, enabling arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file. Public so...

7.8CVSS7.8AI score0.00327EPSS
CVE
CVE
added 2022/09/16 5:14 p.m.70 views

CVE-2022-38403

CVE-2022-38403 affects Adobe InCopy 17.3 and earlier, and 16.4.2 and earlier. The vulnerability is a heap-based buffer overflow in InCopy (SVG parsing) that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a maliciou...

7.8CVSS7.8AI score0.00595EPSS
CVE
CVE
added 2024/08/14 8:14 a.m.69 views

CVE-2024-41858

Adobe InCopy is affected by CVE-2024-41858: an Integer Overflow/Wraparound when parsing SVG files in InCopy versions 18.5.2, 19.4 and earlier, potentially allowing arbitrary code execution with the user’s privileges. Exploitation requires the user to open a malicious file. The issue is documented...

7.8CVSS7.8AI score0.00315EPSS
CVE
CVE
added 2022/01/13 8:27 p.m.67 views

CVE-2021-45054

Adobe InCopy 16.4 and earlier is affected by a use-after-free vulnerability in the JPEG2000 file processing that could disclose memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). A remediation reference in APSB22-04 notes a patch to address these issue...

5.5CVSS4.4AI score0.0203EPSS
CVE
CVE
added 2022/01/13 8:27 p.m.66 views

CVE-2021-45056

Adobe InCopy 16.4 and earlier is affected by CVE-2021-45056, a JPEG file parsing out-of-bounds write that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). The issue is addressed by updating to InCo...

7.8CVSS7.9AI score0.02276EPSS
CVE
CVE
added 2021/06/28 1:45 p.m.63 views

CVE-2021-21090

Adobe InCopy 16.0 and earlier is affected by a path traversal vulnerability in DOCX/ crafted file parsing that could lead to remote code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). A patch is available: update to InCopy...

9.3CVSS8.8AI score0.05371EPSS
CVE
CVE
added 2021/11/22 3:32 p.m.59 views

CVE-2021-43015

Adobe InCopy 16.4 and earlier are affected by a memory corruption vulnerability (CVE-2021-43015) due to insecure handling of a malicious GIF file, potentially allowing arbitrary code execution under the current user. Exploitation requires user interaction (opening a crafted file). The issue is ad...

9.3CVSS7.9AI score0.01617EPSS
CVE
CVE
added 2022/01/13 8:27 p.m.58 views

CVE-2021-45053

Adobe InCopy 16.4 and earlier is affected by an out-of-bounds write vulnerability in JPEG2000 parsing that could lead to arbitrary code execution in the context of the current user. Exploitation requires the victim to open a malicious file (user interaction). Remediation: update to 16.4.1 (patche...

7.8CVSS7.8AI score0.02192EPSS
CVE
CVE
added 2025/06/10 6:50 p.m.58 views

CVE-2025-30327

CVE-2025-30327 affects Adobe InCopy versions 20.2, 19.5.3 and earlier, due to an Integer Overflow or Wraparound (CWE-190) that could enable arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious file). The issue is addressed b...

7.8CVSS7.6AI score0.00195EPSS
CVE
CVE
added 2021/09/27 3:42 p.m.56 views

CVE-2021-39819

Adobe InCopy 11.1 and earlier is affected by a memory corruption vulnerability caused by insecure handling of a malicious XML file, potentially leading to arbitrary code execution in the user’s context. Exploitation requires user interaction. Affected versions noted include InCopy 11.1 and earlie...

7.8CVSS7.9AI score0.01659EPSS
CVE
CVE
added 2021/11/22 3:33 p.m.55 views

CVE-2021-43016

Adobe InCopy 16.4 and earlier is affected by CVE-2021-43016: a null pointer dereference when parsing a specially crafted file, enabling denial-of-service in the current user context after opening a malicious file. Exploitation requires user interaction (opening the file). Remediation is reference...

5.5CVSS5.4AI score0.0201EPSS
CVE
CVE
added 2025/06/10 6:50 p.m.55 views

CVE-2025-47107

Adobe InCopy is affected by CVE-2025-47107 (Heap-based Buffer Overflow) in InCopy 20.2, 19.5.3 and earlier, enabling arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. Mitigation: apply APSB25-41 security update; patched versions ...

7.8CVSS7.6AI score0.00214EPSS
CVE
CVE
added 2022/01/13 8:27 p.m.53 views

CVE-2021-45055

Adobe InCopy 16.4 and earlier are affected by an out-of-bounds read when parsing crafted files, potentially allowing code execution in the user’s context. Exploitation requires user interaction (victim must open a malicious file). The issue is addressed in Adobe InCopy 16.4.1 (APSB22-04). Other s...

7.8CVSS7.5AI score0.02426EPSS
CVE
CVE
added 2024/10/09 2:5 p.m.53 views

CVE-2024-45136

Adobe InCopy is affected by CVE-2024-45136: InCopy versions 19.4, 18.5.3 and earlier are vulnerable to Unrestricted Upload of File with Dangerous Type, potentially enabling arbitrary code execution on the server. Exploitation requires user interaction. The issue stems from uploading a dangerous f...

7.8CVSS7.8AI score0.00259EPSS
CVE
CVE
added 2021/09/27 3:42 p.m.51 views

CVE-2021-39818

Adobe InCopy 11.1 and earlier are affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file, potentially allowing arbitrary code execution in the context of the current user. Exploitation requires user interaction. The issue is listed as CVE-2021-39818. Conne...

7.8CVSS7.9AI score0.01659EPSS
CVE
CVE
added 2021/01/13 10:43 p.m.50 views

CVE-2021-21010

CVE-2021-21010 affects Adobe InCopy on Windows (versions 15.1.1 and earlier). The issue is an uncontrolled search path vulnerability that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. The vulne...

7CVSS7AI score0.02486EPSS
CVE
CVE
added 2025/07/08 10:17 p.m.28 views

CVE-2025-47097

CVE-2025-47097 affects Adobe InCopy 20.3, 19.5.3 and earlier. It describes an Integer Underflow (Wrap or Wraparound) that could allow arbitrary code execution in the context of the current user, requiring the victim to open a malicious file (UI: Required, Attack Vector: Local). The CVSS v3.1 scor...

7.8CVSS7AI score0.00195EPSS
CVE
CVE
added 2025/07/08 10:17 p.m.24 views

CVE-2025-47098

Adobe InCopy is affected by CVE-2025-47098 (Access of Uninitialized Pointer) in versions 20.3, 19.5.3 and earlier, enabling arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). Connected documents corroborate affe...

7.8CVSS7AI score0.00195EPSS
CVE
CVE
added 2025/08/12 9:1 p.m.23 views

CVE-2025-54215

CVE-2025-54215 affects Adobe InCopy versions 20.4, 19.5.4 and earlier. It is an out-of-bounds write vulnerability (CWE-787) that could lead to arbitrary code execution in the user’s context. Exploitation requires user interaction—opening a maliciously crafted file. Public references indicate a se...

7.8CVSS7.6AI score0.00234EPSS
CVE
CVE
added 2025/08/12 9:1 p.m.23 views

CVE-2025-54216

Adobe InCopy (versions 20.4, 19.5.4 and earlier) is affected by an out-of-bounds write (CWE-787) vulnerability that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a maliciously crafted file. Remediation involves ...

7.8CVSS7.6AI score0.00234EPSS
CVE
CVE
added 2025/08/12 9:1 p.m.23 views

CVE-2025-54219

CVE-2025-54219 affects Adobe InCopy: heap-based buffer overflow in InCopy versions 20.4, 19.5.4 and earlier. Root cause: improper memory handling leading to a heap overflow. Impact: arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must op...

7.8CVSS7.6AI score0.00289EPSS
Total number of security vulnerabilities65