CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49511 – InDesign Desktop | Out-of-bounds Read (CWE-125)
https://notcve.org/view.php?id=CVE-2024-49511
12 Nov 2024 — InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/indesign/apsb24-88.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49507 – InDesign Desktop | Heap-based Buffer Overflow (CWE-122)
https://notcve.org/view.php?id=CVE-2024-49507
12 Nov 2024 — InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. InDesign Desktop versions ID18.5.2, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this i... • https://helpx.adobe.com/security/products/indesign/apsb24-88.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49508 – InDesign Desktop | Heap-based Buffer Overflow (CWE-122)
https://notcve.org/view.php?id=CVE-2024-49508
12 Nov 2024 — InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. InDesign Desktop versions ID18.5.2, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this i... • https://helpx.adobe.com/security/products/indesign/apsb24-88.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 0CVE-2024-45137 – InDesign Desktop | Unrestricted Upload of File with Dangerous Type (CWE-434)
https://notcve.org/view.php?id=CVE-2024-45137
09 Oct 2024 — InDesign Desktop versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by uploading a malicious file which, when executed, could run arbitrary code in the context of the server. Exploitation of this issue requires user interaction. • https://helpx.adobe.com/security/products/incopy/apsb24-79.html • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34127 – Adobe Indesign TIF File Parsing Out Of Bound Read
https://notcve.org/view.php?id=CVE-2024-34127
14 Aug 2024 — InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41850 – Adobe Indesign 2024 TIF File Parsing Heap Memory Corruption
https://notcve.org/view.php?id=CVE-2024-41850
14 Aug 2024 — InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41854 – Adobe Indesign 2024 PDF File parsing memory corruption
https://notcve.org/view.php?id=CVE-2024-41854
14 Aug 2024 — InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39391 – Adobe Indesign XLS File Parsing Out Of Bound Write Remote Code execution vulnerability
https://notcve.org/view.php?id=CVE-2024-39391
14 Aug 2024 — InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39390 – Adobe Indesign 2024 DOC File Parsing Memory Corruption
https://notcve.org/view.php?id=CVE-2024-39390
14 Aug 2024 — InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41866 – Adobe Indesign 2024 DOC File Parsing Null Pointer Dereference
https://notcve.org/view.php?id=CVE-2024-41866
14 Aug 2024 — InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-476: NULL Pointer Dereference •