Indesign@* Security Vulnerabilities and Issues — Indesign@* CVE List

Lucene search

AdobeIndesign*

168 matches found

CVE•added 2023/09/11 2:15 p.m.•2557 views

CVE-2022-28831

Adobe InDesign versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.8AI score0.00142EPSS

CVE•added 2024/04/10 1:51 p.m.•126 views

CVE-2024-20766

InDesign Desktop versions 18.5.1, 19.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a ...

5.5CVSS5.8AI score0.00023EPSS

CVE•added 2022/07/15 4:15 p.m.•106 views

CVE-2022-34245

Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malici...

7.8CVSS7.7AI score0.00124EPSS

CVE•added 2022/07/15 4:15 p.m.•94 views

CVE-2022-34248

Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the con...

5.5CVSS5.6AI score0.00125EPSS

CVE•added 2020/10/21 10:15 p.m.•92 views

CVE-2020-24421

Adobe InDesign version 15.1.2 (and earlier) is affected by a NULL pointer dereference bug that occurs when handling a malformed .indd file. The impact is limited to causing a denial-of-service of the client application. User interaction is required to exploit this issue.

5.5CVSS5.2AI score0.00488EPSS

CVE•added 2022/06/15 5:15 p.m.•87 views

CVE-2021-40727

Access of Memory Location After End of Buffer (CWE-788

9.3CVSS7.6AI score0.00408EPSS

CVE•added 2022/06/16 5:15 p.m.•87 views

CVE-2022-30662

Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious fi...

9.3CVSS7.8AI score0.02958EPSS

CVE•added 2022/06/16 5:15 p.m.•86 views

CVE-2022-30660

9.3CVSS7.8AI score0.02958EPSS

CVE•added 2023/09/11 2:15 p.m.•85 views

CVE-2022-28833

7.8CVSS7.8AI score0.00142EPSS

CVE•added 2022/06/16 5:15 p.m.•83 views

CVE-2022-30661

9.3CVSS7.7AI score0.01448EPSS

CVE•added 2022/06/15 5:15 p.m.•82 views

CVE-2021-42732

Access of Memory Location After End of Buffer (CWE-788)

7.8CVSS7.6AI score0.00705EPSS

CVE•added 2022/06/16 5:15 p.m.•81 views

CVE-2022-30665

9.3CVSS7.8AI score0.02958EPSS

CVE•added 2022/06/16 5:15 p.m.•80 views

CVE-2022-30663

9.3CVSS7.8AI score0.02958EPSS

CVE•added 2023/01/13 8:15 p.m.•79 views

CVE-2023-21587

Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.7AI score0.00182EPSS

CVE•added 2023/09/11 2:15 p.m.•78 views

CVE-2022-28832

Adobe InDesign versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the conte...

7.8CVSS7.5AI score0.00137EPSS

CVE•added 2022/06/15 5:15 p.m.•77 views

CVE-2021-39820

Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) is affected by an Out-of-bounds Write vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit t...

7.8CVSS7.8AI score0.0467EPSS

CVE•added 2021/11/16 10:15 p.m.•75 views

CVE-2021-42731

Adobe InDesign versions 16.4 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires...

9.3CVSS7.7AI score0.00928EPSS

CVE•added 2022/07/15 4:15 p.m.•75 views

CVE-2022-34247

Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious fi...

7.8CVSS7.6AI score0.00118EPSS

CVE•added 2022/06/16 5:15 p.m.•72 views

CVE-2022-30659

9.3CVSS7.8AI score0.01507EPSS

CVE•added 2023/01/13 8:15 p.m.•72 views

CVE-2023-21591

Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction...

5.5CVSS4.9AI score0.00025EPSS

CVE•added 2024/07/23 12:15 p.m.•72 views

CVE-2024-41836

InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. An attacker could exploit this vulnerability to crash the application, resulting in a DoS. Exploitation of this issue ...

5.5CVSS5.5AI score0.00091EPSS

CVE•added 2025/03/11 6:15 p.m.•72 views

CVE-2025-27177

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00029EPSS

CVE•added 2022/06/16 5:15 p.m.•71 views

CVE-2022-30658

9.3CVSS7.7AI score0.01448EPSS

CVE•added 2019/05/23 4:29 p.m.•69 views

CVE-2019-7107

Adobe InDesign versions 14.0.1 and below have an unsafe hyperlink processing vulnerability. Successful exploitation could lead to arbitrary code execution. Fixed in versions 13.1.1 and 14.0.2.

10CVSS9.5AI score0.06387EPSS

CVE•added 2023/07/20 7:15 a.m.•69 views

CVE-2021-39822

Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious BMP...

7.8CVSS7.7AI score0.00168EPSS

CVE•added 2022/07/15 4:15 p.m.•68 views

CVE-2022-34246

7.8CVSS7.7AI score0.00124EPSS

CVE•added 2021/07/30 2:15 p.m.•67 views

CVE-2021-36004

Adobe InDesign version 16.0 (and earlier) is affected by an Out-of-bounds Write vulnerability in the CoolType library. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue requires user interact...

8.8CVSS8.8AI score0.05361EPSS

CVE•added 2022/09/16 6:15 p.m.•67 views

CVE-2022-30673

Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user inter...

5.5CVSS5.2AI score0.00037EPSS

CVE•added 2023/01/13 8:15 p.m.•66 views

CVE-2023-21589

Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00148EPSS

CVE•added 2025/03/11 6:15 p.m.•66 views

CVE-2025-27178

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00029EPSS

CVE•added 2025/03/11 6:15 p.m.•66 views

CVE-2025-27179

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of thi...

5.5CVSS5.3AI score0.00027EPSS

CVE•added 2017/12/09 6:29 a.m.•65 views

CVE-2017-11302

An issue was discovered in Adobe InDesign 12.1.0 and earlier versions. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution.

10CVSS9.7AI score0.10805EPSS

CVE•added 2025/03/11 6:15 p.m.•65 views

CVE-2025-27176

5.5CVSS5.2AI score0.00027EPSS

CVE•added 2023/02/17 10:15 p.m.•64 views

CVE-2023-21593

Adobe InDesign versions ID18.1 (and earlier) and ID17.4 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue re...

5.5CVSS5.1AI score0.00099EPSS

CVE•added 2022/09/16 6:15 p.m.•63 views

CVE-2022-30674

5.5CVSS5.6AI score0.00066EPSS

CVE•added 2022/09/16 6:15 p.m.•63 views

CVE-2022-38416

Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the conte...

7.8CVSS7.5AI score0.00204EPSS

CVE•added 2021/09/29 4:15 p.m.•62 views

CVE-2021-39821

Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) are affected by an out-of-bounds read vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF ...

7.8CVSS7.6AI score0.10839EPSS

CVE•added 2023/01/13 8:15 p.m.•62 views

CVE-2023-21590

7.8CVSS7.8AI score0.00148EPSS

CVE•added 2024/02/29 1:41 a.m.•62 views

CVE-2023-44347

Adobe InDesign versions ID18.5 (and earlier) and ID17.4.2 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue ...

5.5CVSS5.1AI score0.00112EPSS

CVE•added 2018/05/19 5:29 p.m.•61 views

CVE-2018-4928

Adobe InDesign versions 13.0 and below have an exploitable Memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

9.3CVSS7.9AI score0.02216EPSS

CVE•added 2022/09/16 6:15 p.m.•61 views

CVE-2022-30675

5.5CVSS5.2AI score0.00037EPSS

CVE•added 2022/09/16 6:15 p.m.•61 views

CVE-2022-30676

5.5CVSS5.2AI score0.00037EPSS

CVE•added 2023/01/13 8:15 p.m.•61 views

CVE-2023-21588

Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.7AI score0.00109EPSS

CVE•added 2022/09/16 6:15 p.m.•60 views

CVE-2022-28856

5.5CVSS5.2AI score0.00034EPSS

CVE•added 2022/09/16 6:15 p.m.•60 views

CVE-2022-38413

Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a maliciou...

7.8CVSS7.7AI score0.00203EPSS

CVE•added 2025/02/11 5:15 p.m.•60 views

CVE-2025-21157

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.9AI score0.00029EPSS

CVE•added 2021/06/28 2:15 p.m.•59 views

CVE-2021-21098

Adobe InDesign version 16.0 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue requires user inte...

9.3CVSS8.7AI score0.02013EPSS

CVE•added 2021/06/28 2:15 p.m.•59 views

CVE-2021-21099

9.3CVSS8.7AI score0.02013EPSS

CVE•added 2022/09/16 6:15 p.m.•59 views

CVE-2022-28852

Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious f...

7.8CVSS7.8AI score0.00198EPSS

CVE•added 2024/07/09 8:15 p.m.•59 views

CVE-2024-20781

InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00182EPSS

Total number of security vulnerabilities168