Indesign@* Security Vulnerabilities and Issues — Page 3 of Indesign@* CVE List

Lucene search

AdobeIndesign*

168 matches found

CVE•added 2024/08/14 3:15 p.m.•45 views

CVE-2024-41866

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a denial of service condition. Exploitation ...

5.5CVSS5.3AI score0.00036EPSS

CVE•added 2024/11/12 9:15 p.m.•45 views

CVE-2024-49509

InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00041EPSS

CVE•added 2024/11/12 9:15 p.m.•45 views

CVE-2024-49511

InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in tha...

5.5CVSS5.1AI score0.00045EPSS

CVE•added 2024/12/10 9:15 p.m.•45 views

CVE-2024-49545

InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.4AI score0.00041EPSS

CVE•added 2022/01/13 9:15 p.m.•44 views

CVE-2021-45058

Adobe InDesign version 16.4 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPEG file.

7.8CVSS7.8AI score0.03124EPSS

CVE•added 2023/07/12 4:15 p.m.•44 views

CVE-2023-29312

Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user i...

5.5CVSS5.9AI score0.00044EPSS

CVE•added 2023/07/12 4:15 p.m.•44 views

CVE-2023-29314

5.5CVSS5.2AI score0.00044EPSS

CVE•added 2024/08/14 3:15 p.m.•44 views

CVE-2024-39389

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00043EPSS

CVE•added 2024/08/14 3:15 p.m.•44 views

CVE-2024-39391

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.9AI score0.00043EPSS

CVE•added 2024/11/12 9:15 p.m.•44 views

CVE-2024-49507

InDesign Desktop versions ID18.5.2, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00041EPSS

CVE•added 2024/11/12 9:15 p.m.•44 views

CVE-2024-49512

5.5CVSS5.3AI score0.00045EPSS

CVE•added 2024/12/10 9:15 p.m.•44 views

CVE-2024-49544

InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.4AI score0.00041EPSS

CVE•added 2020/09/10 7:15 p.m.•42 views

CVE-2020-9729

A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user.

7.8CVSS7.8AI score0.0378EPSS

CVE•added 2024/12/10 9:15 p.m.•42 views

CVE-2024-49549

InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in tha...

5.5CVSS6.1AI score0.0005EPSS

CVE•added 2020/09/10 7:15 p.m.•41 views

CVE-2020-9730

7.8CVSS7.8AI score0.0378EPSS

CVE•added 2024/02/29 1:41 a.m.•41 views

CVE-2023-44342

Adobe InDesign versions ID18.5 (and earlier) and ID17.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user i...

5.5CVSS4.9AI score0.00029EPSS

CVE•added 2024/12/10 9:15 p.m.•41 views

CVE-2024-49546

5.5CVSS6.1AI score0.0005EPSS

CVE•added 2024/12/10 9:15 p.m.•41 views

CVE-2024-53951

5.5CVSS6.1AI score0.00048EPSS

CVE•added 2024/12/10 9:15 p.m.•41 views

CVE-2024-53952

InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of service condition. Exploitation of thi...

5.5CVSS6.4AI score0.00037EPSS

CVE•added 2023/07/12 4:15 p.m.•40 views

CVE-2023-29308

Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious ...

7.8CVSS7.8AI score0.00141EPSS

CVE•added 2024/11/12 9:15 p.m.•40 views

CVE-2024-49510

5.5CVSS5.1AI score0.00045EPSS

CVE•added 2024/12/10 9:15 p.m.•40 views

CVE-2024-49547

5.5CVSS6.1AI score0.0005EPSS

CVE•added 2024/12/10 9:15 p.m.•39 views

CVE-2024-49548

5.5CVSS6.1AI score0.0005EPSS

CVE•added 2025/06/10 5:23 p.m.•39 views

CVE-2025-43558

InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00042EPSS

CVE•added 2023/07/12 4:15 p.m.•38 views

CVE-2023-29311

5.5CVSS5.2AI score0.00033EPSS

CVE•added 2023/07/12 4:15 p.m.•37 views

CVE-2023-29313

5.5CVSS5.2AI score0.00033EPSS

CVE•added 2023/12/13 10:15 a.m.•37 views

CVE-2023-47076

Adobe InDesign versions 19.0 (and earlier) and 17.4.2 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requ...

5.5CVSS5.1AI score0.00086EPSS

CVE•added 2024/10/09 3:15 p.m.•37 views

CVE-2024-45137

InDesign Desktop versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by uploading a malicious file which, when executed, could run arbitrary cod...

7.8CVSS7.8AI score0.00043EPSS

CVE•added 2025/06/10 5:23 p.m.•36 views

CVE-2025-43589

InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00045EPSS

CVE•added 2025/06/10 5:23 p.m.•36 views

CVE-2025-43593

7.8CVSS7.8AI score0.00042EPSS

CVE•added 2023/07/12 4:15 p.m.•35 views

CVE-2023-29309

5.5CVSS5.2AI score0.00033EPSS

CVE•added 2023/07/12 4:15 p.m.•35 views

CVE-2023-29310

5.5CVSS5.9AI score0.00033EPSS

CVE•added 2023/07/12 4:15 p.m.•35 views

CVE-2023-29319

5.5CVSS5.2AI score0.00044EPSS

CVE•added 2025/06/10 5:23 p.m.•35 views

CVE-2025-43590

7.8CVSS7.8AI score0.00042EPSS

CVE•added 2025/06/10 5:23 p.m.•35 views

CVE-2025-47104

InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in tha...

5.5CVSS5.1AI score0.0003EPSS

CVE•added 2023/07/12 4:15 p.m.•34 views

CVE-2023-29318

5.5CVSS5.9AI score0.00033EPSS

CVE•added 2025/06/10 5:23 p.m.•34 views

CVE-2025-47105

5.5CVSS5.1AI score0.0003EPSS

CVE•added 2025/06/10 5:23 p.m.•34 views

CVE-2025-47106

InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a v...

5.5CVSS5.2AI score0.00036EPSS

CVE•added 2023/07/12 4:15 p.m.•33 views

CVE-2023-29317

5.5CVSS5.2AI score0.00033EPSS

CVE•added 2024/08/02 7:16 a.m.•33 views

CVE-2024-39396

InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in tha...

5.5CVSS5.3AI score0.0006EPSS

CVE•added 2025/06/10 5:21 p.m.•33 views

CVE-2025-30317

InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00034EPSS

CVE•added 2025/05/13 5:15 p.m.•33 views

CVE-2025-30319

InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service. Exploitation of this issue requir...

5.5CVSS6.6AI score0.00024EPSS

CVE•added 2023/07/12 4:15 p.m.•32 views

CVE-2023-29316

5.5CVSS5.9AI score0.00044EPSS

CVE•added 2025/06/10 5:21 p.m.•32 views

CVE-2025-30321

InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption in service. Exploitation of this issue requires...

5.5CVSS5.2AI score0.00024EPSS

CVE•added 2024/08/02 7:16 a.m.•30 views

CVE-2024-39392

InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00043EPSS

CVE•added 2023/12/13 10:15 a.m.•27 views

CVE-2023-47077

Adobe InDesign versions 19.0 (and earlier) and 17.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user inter...

5.5CVSS4.9AI score0.00021EPSS

CVE•added 2025/05/13 5:15 p.m.•25 views

CVE-2025-30320

InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption in service. Exploitation of this issue requires...

5.5CVSS6.6AI score0.00024EPSS

CVE•added 2025/05/13 5:15 p.m.•23 views

CVE-2025-30318

InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.6AI score0.00042EPSS

CVE•added 2025/07/08 10:15 p.m.•10 views

CVE-2025-47103

InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7AI score0.00029EPSS

CVE•added 2025/07/08 10:15 p.m.•10 views

CVE-2025-47136

InDesign Desktop versions 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7AI score0.00029EPSS

Total number of security vulnerabilities168