Incopy Security Vulnerabilities and Issues — Incopy CVE List

Lucene search

AdobeIncopy

31 matches found

CVE•added 2022/09/16 6:15 p.m.•427 views

CVE-2022-38405

Adobe InCopy version 17.3 (and earlier) and 16.4.2 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious f...

7.8CVSS7.8AI score0.00203EPSS

CVE•added 2022/09/16 6:15 p.m.•220 views

CVE-2022-38404

7.8CVSS7.8AI score0.00203EPSS

CVE•added 2023/11/16 4:15 p.m.•105 views

CVE-2023-26368

Adobe InCopy versions 18.5 (and earlier) and 17.4.2 (and earlier) are affected by are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute cod...

7.8CVSS7.5AI score0.00105EPSS

CVE•added 2023/09/11 2:15 p.m.•98 views

CVE-2022-28836

Adobe InCopy versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00125EPSS

CVE•added 2022/07/15 4:15 p.m.•97 views

CVE-2022-34250

Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious ...

7.8CVSS7.7AI score0.00195EPSS

CVE•added 2023/09/11 2:15 p.m.•79 views

CVE-2022-28835

Adobe InCopy versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.7AI score0.00098EPSS

CVE•added 2023/01/13 9:15 p.m.•79 views

CVE-2023-21596

Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.7AI score0.00125EPSS

CVE•added 2023/01/13 9:15 p.m.•78 views

CVE-2023-21594

Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.7AI score0.00209EPSS

CVE•added 2023/01/13 9:15 p.m.•76 views

CVE-2023-21597

Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.5AI score0.0017EPSS

CVE•added 2022/07/15 4:15 p.m.•73 views

CVE-2022-34249

7.8CVSS7.7AI score0.00195EPSS

CVE•added 2023/09/11 2:15 p.m.•71 views

CVE-2022-28834

7.8CVSS7.8AI score0.00125EPSS

CVE•added 2022/07/15 4:15 p.m.•68 views

CVE-2022-34251

Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.7AI score0.00185EPSS

CVE•added 2023/04/12 10:15 p.m.•66 views

CVE-2023-22235

InCopy versions 18.1 (and earlier), 17.4 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.7AI score0.00116EPSS

CVE•added 2023/01/13 9:15 p.m.•64 views

CVE-2023-21595

7.8CVSS7.8AI score0.00148EPSS

CVE•added 2022/09/16 6:15 p.m.•60 views

CVE-2022-38401

7.8CVSS7.8AI score0.00203EPSS

CVE•added 2022/09/16 6:15 p.m.•58 views

CVE-2022-38402

7.8CVSS7.8AI score0.00203EPSS

CVE•added 2022/09/16 6:15 p.m.•58 views

CVE-2022-38403

7.8CVSS7.8AI score0.00203EPSS

CVE•added 2025/02/11 6:15 p.m.•57 views

CVE-2025-21156

InCopy versions 20.0, 19.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00029EPSS

CVE•added 2024/08/14 9:15 a.m.•55 views

CVE-2024-41858

InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00043EPSS

CVE•added 2022/01/13 9:15 p.m.•52 views

CVE-2021-45056

Adobe InCopy version 16.4 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.9AI score0.03439EPSS

CVE•added 2022/01/13 9:15 p.m.•47 views

CVE-2021-45053

7.8CVSS7.8AI score0.04183EPSS

CVE•added 2021/09/27 4:15 p.m.•44 views

CVE-2021-39819

Adobe InCopy version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious XML file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.

7.8CVSS7.9AI score0.08652EPSS

CVE•added 2024/10/09 3:15 p.m.•42 views

CVE-2024-45136

InCopy versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker. An attacker could exploit this vulnerability by uploading a malicious file which can then be executed on the server...

7.8CVSS7.8AI score0.00041EPSS

CVE•added 2022/01/13 9:15 p.m.•40 views

CVE-2021-45055

Adobe InCopy version 16.4 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Explo...

7.8CVSS7.5AI score0.03534EPSS

CVE•added 2025/06/10 7:15 p.m.•40 views

CVE-2025-47107

InCopy versions 20.2, 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.6AI score0.00029EPSS

CVE•added 2021/09/27 4:15 p.m.•38 views

CVE-2021-39818

Adobe InCopy version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.

7.8CVSS7.9AI score0.08652EPSS

CVE•added 2025/06/10 7:15 p.m.•38 views

CVE-2025-30327

InCopy versions 20.2, 19.5.3 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.6AI score0.00029EPSS

CVE•added 2021/01/13 11:15 p.m.•36 views

CVE-2021-21010

InCopy version 15.1.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7CVSS7AI score0.01644EPSS

CVE•added 2025/07/08 11:15 p.m.•7 views

CVE-2025-47098

InCopy versions 20.3, 19.5.3 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7AI score0.00027EPSS

CVE•added 2025/07/08 11:15 p.m.•6 views

CVE-2025-47097

InCopy versions 20.3, 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7AI score0.00027EPSS

CVE•added 2025/07/08 11:15 p.m.•6 views

CVE-2025-47099

InCopy versions 20.3, 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7AI score0.00027EPSS