CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39420 – Acrobat Reader | Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)
https://notcve.org/view.php?id=CVE-2024-39420
Acrobat Reader versions 20.005.30636, 24.002.21005, 24.001.30159, 20.005.30655, 24.002.20965, 24.002.20964, 24.001.30123, 24.003.20054 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to arbitrary code execution. • https://helpx.adobe.com/security/products/acrobat/apsb24-70.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41830 – Talos Security Advisory for Adobe (TALOS-2024-2009)
https://notcve.org/view.php?id=CVE-2024-41830
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/acrobat/apsb24-57.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39383 – PoC sample of unknown vulnerability detected by EXPMON system
https://notcve.org/view.php?id=CVE-2024-39383
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/acrobat/apsb24-57.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41850 – Adobe Indesign 2024 TIF File Parsing Heap Memory Corruption
https://notcve.org/view.php?id=CVE-2024-41850
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39391 – Adobe Indesign XLS File Parsing Out Of Bound Write Remote Code execution vulnerability
https://notcve.org/view.php?id=CVE-2024-39391
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/indesign/apsb24-56.html • CWE-787: Out-of-bounds Write •