Indesign Security Vulnerabilities and Issues — Indesign CVE List

Lucene search

AdobeIndesign

74 matches found

CVE•added 2023/09/11 2:15 p.m.•2556 views

CVE-2022-28831

Adobe InDesign versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.8AI score0.00142EPSS

CVE•added 2022/07/15 4:15 p.m.•105 views

CVE-2022-34245

Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malici...

7.8CVSS7.7AI score0.00116EPSS

CVE•added 2023/09/11 2:15 p.m.•84 views

CVE-2022-28833

7.8CVSS7.8AI score0.00142EPSS

CVE•added 2022/06/15 5:15 p.m.•81 views

CVE-2021-42732

Access of Memory Location After End of Buffer (CWE-788)

7.8CVSS7.6AI score0.01379EPSS

CVE•added 2023/09/11 2:15 p.m.•77 views

CVE-2022-28832

Adobe InDesign versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the conte...

7.8CVSS7.5AI score0.00137EPSS

CVE•added 2023/01/13 8:15 p.m.•77 views

CVE-2023-21587

Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.7AI score0.00182EPSS

CVE•added 2022/06/15 5:15 p.m.•76 views

CVE-2021-39820

Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) is affected by an Out-of-bounds Write vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit t...

7.8CVSS7.8AI score0.0467EPSS

CVE•added 2022/07/15 4:15 p.m.•74 views

CVE-2022-34247

Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious fi...

7.8CVSS7.6AI score0.0011EPSS

CVE•added 2025/03/11 6:15 p.m.•71 views

CVE-2025-27177

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.0004EPSS

CVE•added 2023/07/20 7:15 a.m.•68 views

CVE-2021-39822

Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious BMP...

7.8CVSS7.7AI score0.00168EPSS

CVE•added 2022/07/15 4:15 p.m.•67 views

CVE-2022-34246

7.8CVSS7.7AI score0.00116EPSS

CVE•added 2023/01/13 8:15 p.m.•65 views

CVE-2023-21589

Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00148EPSS

CVE•added 2025/03/11 6:15 p.m.•65 views

CVE-2025-27178

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.0004EPSS

CVE•added 2022/09/16 6:15 p.m.•62 views

CVE-2022-38416

Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the conte...

7.8CVSS7.5AI score0.00204EPSS

CVE•added 2021/09/29 4:15 p.m.•61 views

CVE-2021-39821

Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) are affected by an out-of-bounds read vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF ...

7.8CVSS7.6AI score0.10839EPSS

CVE•added 2023/01/13 8:15 p.m.•61 views

CVE-2023-21590

7.8CVSS7.8AI score0.00148EPSS

CVE•added 2023/01/13 8:15 p.m.•60 views

CVE-2023-21588

Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.7AI score0.00109EPSS

CVE•added 2022/09/16 6:15 p.m.•59 views

CVE-2022-38413

Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a maliciou...

7.8CVSS7.7AI score0.00203EPSS

CVE•added 2025/02/11 5:15 p.m.•59 views

CVE-2025-21157

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.9AI score0.00029EPSS

CVE•added 2022/09/16 6:15 p.m.•58 views

CVE-2022-28852

Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious f...

7.8CVSS7.8AI score0.00198EPSS

CVE•added 2024/07/09 8:15 p.m.•58 views

CVE-2024-20781

InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00043EPSS

CVE•added 2022/09/16 6:15 p.m.•57 views

CVE-2022-28853

Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.8AI score0.00198EPSS

CVE•added 2025/02/11 5:15 p.m.•57 views

CVE-2025-21123

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00029EPSS

CVE•added 2022/09/16 6:15 p.m.•56 views

CVE-2022-38415

7.8CVSS7.7AI score0.00203EPSS

CVE•added 2022/09/16 6:15 p.m.•55 views

CVE-2022-38414

7.8CVSS7.7AI score0.00203EPSS

CVE•added 2025/02/11 5:15 p.m.•55 views

CVE-2025-21121

7.8CVSS7.9AI score0.00029EPSS

CVE•added 2025/02/11 5:15 p.m.•55 views

CVE-2025-21158

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a maliciou...

7.8CVSS7.8AI score0.00029EPSS

CVE•added 2024/08/14 3:15 p.m.•54 views

CVE-2024-41850

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00041EPSS

CVE•added 2025/03/11 6:15 p.m.•54 views

CVE-2025-24453

7.8CVSS7.8AI score0.0004EPSS

CVE•added 2020/09/10 7:15 p.m.•52 views

CVE-2020-9731

A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user.

7.8CVSS7.8AI score0.01608EPSS

CVE•added 2018/05/19 5:29 p.m.•51 views

CVE-2018-4927

Adobe InDesign versions 13.0 and below have an exploitable Untrusted Search Path vulnerability. Successful exploitation could lead to local privilege escalation.

7.8CVSS7.3AI score0.01724EPSS

CVE•added 2022/09/16 6:15 p.m.•51 views

CVE-2022-38417

7.8CVSS7.5AI score0.00204EPSS

CVE•added 2024/07/09 8:15 p.m.•51 views

CVE-2024-20785

7.8CVSS7.8AI score0.00043EPSS

CVE•added 2024/08/14 3:15 p.m.•51 views

CVE-2024-41852

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00041EPSS

CVE•added 2020/09/10 7:15 p.m.•49 views

CVE-2020-9727

7.8CVSS7.8AI score0.0378EPSS

CVE•added 2024/07/09 8:15 p.m.•49 views

CVE-2024-20783

7.8CVSS7.8AI score0.00043EPSS

CVE•added 2024/08/14 3:15 p.m.•49 views

CVE-2024-39390

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.9AI score0.00043EPSS

CVE•added 2024/08/14 3:15 p.m.•49 views

CVE-2024-39393

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the cur...

7.8CVSS7.5AI score0.00043EPSS

CVE•added 2024/08/14 3:15 p.m.•49 views

CVE-2024-41851

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00041EPSS

CVE•added 2025/03/11 6:15 p.m.•49 views

CVE-2025-24452

7.8CVSS7.9AI score0.0004EPSS

CVE•added 2024/07/09 8:15 p.m.•48 views

CVE-2024-20782

InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00043EPSS

CVE•added 2020/09/10 7:15 p.m.•47 views

CVE-2020-9728

7.8CVSS7.8AI score0.0378EPSS

CVE•added 2022/01/13 9:15 p.m.•47 views

CVE-2021-45057

Adobe InDesign version 16.4 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPEG2000 file.

7.8CVSS7.8AI score0.03124EPSS

CVE•added 2024/11/12 9:15 p.m.•47 views

CVE-2024-49508

InDesign Desktop versions ID18.5.2, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.8AI score0.00035EPSS

CVE•added 2025/03/11 6:15 p.m.•47 views

CVE-2025-27171

7.8CVSS7.8AI score0.0004EPSS

CVE•added 2024/12/10 9:15 p.m.•46 views

CVE-2024-49543

InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.4AI score0.00034EPSS

CVE•added 2025/03/11 6:15 p.m.•46 views

CVE-2025-27175

7.8CVSS7.8AI score0.0004EPSS

CVE•added 2024/08/14 3:15 p.m.•45 views

CVE-2024-39394

7.8CVSS7.9AI score0.00043EPSS

CVE•added 2024/08/14 3:15 p.m.•45 views

CVE-2024-41853

7.8CVSS7.8AI score0.00041EPSS

CVE•added 2025/03/11 6:15 p.m.•45 views

CVE-2025-27166