Lucene search
K

22 matches found

CVE
CVE
added 2023/04/12 12:0 a.m.82 views

CVE-2023-22235

Adobe InCopy is affected by a Use-After-Free vulnerability (CVE-2023-22235) in versions 18.1 and earlier and 17.4 and earlier. The issue could allow arbitrary code execution in the context of the current user and requires user interaction (opening a malicious file). Affected per the CVE entry; re...

7.8CVSS7.7AI score0.00365EPSS
CVE
CVE
added 2025/02/11 5:21 p.m.73 views

CVE-2025-21156

Adobe InCopy is affected by an Integer Underflow (Wrap or Wraparound) vulnerability (CVE-2025-21156) in versions 20.0, 19.5.1 and earlier, enabling arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file. Public so...

7.8CVSS7.8AI score0.00338EPSS
CVE
CVE
added 2025/06/10 6:50 p.m.59 views

CVE-2025-30327

CVE-2025-30327 affects Adobe InCopy versions 20.2, 19.5.3 and earlier, due to an Integer Overflow or Wraparound (CWE-190) that could enable arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious file). The issue is addressed b...

7.8CVSS7.6AI score0.00195EPSS
CVE
CVE
added 2025/06/10 6:50 p.m.56 views

CVE-2025-47107

Adobe InCopy is affected by CVE-2025-47107 (Heap-based Buffer Overflow) in InCopy 20.2, 19.5.3 and earlier, enabling arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. Mitigation: apply APSB25-41 security update; patched versions ...

7.8CVSS7.6AI score0.00214EPSS
CVE
CVE
added 2024/10/09 2:5 p.m.55 views

CVE-2024-45136

Adobe InCopy is affected by CVE-2024-45136: InCopy versions 19.4, 18.5.3 and earlier are vulnerable to Unrestricted Upload of File with Dangerous Type, potentially enabling arbitrary code execution on the server. Exploitation requires user interaction. The issue stems from uploading a dangerous f...

7.8CVSS7.8AI score0.00259EPSS
CVE
CVE
added 2025/07/08 10:17 p.m.28 views

CVE-2025-47097

CVE-2025-47097 affects Adobe InCopy 20.3, 19.5.3 and earlier. It describes an Integer Underflow (Wrap or Wraparound) that could allow arbitrary code execution in the context of the current user, requiring the victim to open a malicious file (UI: Required, Attack Vector: Local). The CVSS v3.1 scor...

7.8CVSS7AI score0.00195EPSS
CVE
CVE
added 2026/06/09 5:49 p.m.26 views

CVE-2026-34706

CVE-2026-34706 affects Adobe InCopy 21.3, 20.5.3 and earlier, with an out-of-bounds write that could lead to arbitrary code execution in the current user context. Exploitation requires user interaction (victim must open a malicious file). No exploit details or patches are provided in the supplied...

7.8CVSS6.2AI score0.00139EPSS
CVE
CVE
added 2025/07/08 10:17 p.m.24 views

CVE-2025-47098

Adobe InCopy is affected by CVE-2025-47098 (Access of Uninitialized Pointer) in versions 20.3, 19.5.3 and earlier, enabling arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). Connected documents corroborate affe...

7.8CVSS7AI score0.00195EPSS
CVE
CVE
added 2026/01/13 6:45 p.m.24 views

CVE-2026-21281

CVE-2026-21281 affects Adobe InCopy 21.0, 19.5.5 and earlier. The root cause is a Heap-based Buffer Overflow in InCopy components that could allow arbitrary code execution in the context of the current user, triggered when a user opens a malicious file (user interaction required). Connected sourc...

7.8CVSS7.4AI score0.00186EPSS
CVE
CVE
added 2026/06/09 5:49 p.m.24 views

CVE-2026-34707

CVE-2026-34707 concerns Adobe InCopy versions 21.3, 20.5.3 and earlier. The issue is described as a Heap-based Buffer Overflow in InCopy, which could permit arbitrary code execution in the context of the current user. Exploitation requires user interaction, specifically the victim opening a malic...

7.8CVSS6.2AI score0.00178EPSS
CVE
CVE
added 2025/08/12 9:1 p.m.23 views

CVE-2025-54215

CVE-2025-54215 affects Adobe InCopy versions 20.4, 19.5.4 and earlier. It is an out-of-bounds write vulnerability (CWE-787) that could lead to arbitrary code execution in the user’s context. Exploitation requires user interaction—opening a maliciously crafted file. Public references indicate a se...

7.8CVSS7.6AI score0.00234EPSS
CVE
CVE
added 2025/08/12 9:1 p.m.23 views

CVE-2025-54216

Adobe InCopy (versions 20.4, 19.5.4 and earlier) is affected by an out-of-bounds write (CWE-787) vulnerability that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a maliciously crafted file. Remediation involves ...

7.8CVSS7.6AI score0.00234EPSS
CVE
CVE
added 2025/08/12 9:1 p.m.23 views

CVE-2025-54219

CVE-2025-54219 affects Adobe InCopy: heap-based buffer overflow in InCopy versions 20.4, 19.5.4 and earlier. Root cause: improper memory handling leading to a heap overflow. Impact: arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must op...

7.8CVSS7.6AI score0.00289EPSS
CVE
CVE
added 2025/07/08 10:17 p.m.22 views

CVE-2025-47099

CVE-2025-47099 affects Adobe InCopy versions 20.3, 19.5.3 and earlier, due to a heap-based buffer overflow that could allow arbitrary code execution in the current user context. Exploitation requires user interaction (open a malicious file). Adobe released APSB25-59 to address critical vulnerabil...

7.8CVSS7AI score0.00214EPSS
CVE
CVE
added 2025/08/12 9:1 p.m.22 views

CVE-2025-54220

CVE-2025-54220 affects Adobe InCopy versions 20.4, 19.5.4 and earlier, with a heap-based buffer overflow that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. Public sources confirm this is tied t...

7.8CVSS7.6AI score0.00289EPSS
CVE
CVE
added 2026/04/14 9:14 p.m.22 views

CVE-2026-34631

InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write (CWE-787) that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. Affected product/version details are provided in bot...

7.8CVSS6.3AI score0.00138EPSS
CVE
CVE
added 2025/08/12 9:1 p.m.21 views

CVE-2025-54218

Summary: CVE-2025-54218 affects Adobe InCopy (versions 20.4, 19.5.4 and earlier). It is an out-of-bounds write vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a malicious file). Affected components/...

7.8CVSS7.6AI score0.00234EPSS
CVE
CVE
added 2025/08/12 9:1 p.m.21 views

CVE-2025-54223

Adobe InCopy versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability (CVE-2025-54223) that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). Public sources in the provided...

7.8CVSS7.6AI score0.0028EPSS
CVE
CVE
added 2026/06/09 5:49 p.m.21 views

CVE-2026-34708

InCopy (Adobe) versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability (CWE-121) that could enable arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file. The issue is reporte...

7.8CVSS6.2AI score0.00175EPSS
CVE
CVE
added 2025/08/12 9:1 p.m.19 views

CVE-2025-54221

Summary: CVE-2025-54221 affects Adobe InCopy versions 20.4, 19.5.4 and earlier with an out-of-bounds write that can lead to arbitrary code execution in the context of the current user when a malicious file is opened. The issue requires user interaction. Concrete details from connected sources con...

7.8CVSS7.6AI score0.00234EPSS
CVE
CVE
added 2025/08/12 9:1 p.m.18 views

CVE-2025-54217

CVE-2025-54217 affects Adobe InCopy (versions 20.4 and earlier, including 19.5.4 and earlier). The issue is a heap-based buffer overflow that can permit arbitrary code execution in the context of the current user, with exploitation requiring user interaction (victim must open a malicious file). R...

7.8CVSS7.6AI score0.00289EPSS
CVE
CVE
added 2026/04/14 8:54 p.m.10 views

CVE-2026-27287

CVE-2026-27287 affects Adobe InCopy versions 20.5.2, 21.2 and earlier. It is an out-of-bounds read when parsing a crafted file, potentially allowing code execution in the context of the current user. Exploitation requires user interaction (the victim must open a malicious file); attack vector is ...

7.8CVSS5.9AI score0.00205EPSS