cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-45136,https://securityvulnerability.io/vulnerability/CVE-2024-45136,Unrestricted File Upload Vulnerability in Adobe InCopy,"Adobe InCopy versions 19.4 and 18.5.3 and earlier are susceptible to an unrestricted file upload vulnerability that can lead to arbitrary code execution. This security flaw allows an attacker to upload a malicious file to the server, contingent upon user interaction. Successfully exploiting this vulnerability poses significant risks to data integrity and system safety, necessitating immediate attention from users and administrators to mitigate potential threats.",Adobe,Incopy,7.8,HIGH,0.023520000278949738,false,false,false,false,,false,false,2024-10-09T15:15:00.000Z,0
CVE-2024-41858,https://securityvulnerability.io/vulnerability/CVE-2024-41858,InCopy Integer Overflow or Wraparound Vulnerability Could Lead to Arbitrary Code Execution,"An Integer Overflow or Wraparound vulnerability exists in Adobe InCopy that could allow malicious actors to execute arbitrary code in the context of the affected user. This vulnerability impacts users who open specially crafted files, leading to potential system compromise. User interaction is crucial, as the execution of the arbitrary code is contingent upon opening a malicious file, making it imperative for users to exercise caution when handling untrusted documents.",Adobe,Incopy,7.8,HIGH,0.0006399999838322401,false,false,false,false,,false,false,2024-08-14T08:14:21.738Z,0
CVE-2023-26368,https://securityvulnerability.io/vulnerability/CVE-2023-26368,Adobe InCopy Out-of-Bounds Read Vulnerability v1.0,"Adobe InCopy is susceptible to an out-of-bounds read vulnerability that occurs when processing specially crafted files. This flaw allows attackers to read beyond the allocated memory structures, potentially leading to the execution of arbitrary code within the context of the user running the software. For the exploitation of this vulnerability to succeed, user interaction is necessary, requiring the victim to open a maliciously crafted file. It is crucial for users to remain vigilant against such threats by ensuring that they do not open untrusted files.",Adobe,Incopy,7.8,HIGH,0.0007699999841861427,false,false,false,false,,false,false,2023-11-16T16:15:00.000Z,0
CVE-2022-28835,https://securityvulnerability.io/vulnerability/CVE-2022-28835,Adobe InCopy Font Parsing Use-After-Free Remote Code Execution Vulnerability,"Adobe InCopy versions 17.1 and 16.4.1, along with earlier releases, are susceptible to a Use-After-Free vulnerability. This security flaw allows an attacker to execute arbitrary code within the context of the affected user’s environment. The exploitation of this vulnerability requires user interaction, specifically through the opening of a specially crafted malicious file. Users are strongly advised to update to the latest versions to mitigate the risk of this vulnerability.",Adobe,Incopy,7.8,HIGH,0.10572999715805054,false,false,false,false,,false,false,2023-09-11T13:06:23.820Z,0
CVE-2022-28834,https://securityvulnerability.io/vulnerability/CVE-2022-28834,Adobe InCopy Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability,"Adobe InCopy has a vulnerability that enables out-of-bounds write conditions, allowing attackers to execute arbitrary code with the privileges of the current user. To trigger this vulnerability, a user must open a specially crafted malicious file. This emphasizes the importance of cautious file handling practices by users to mitigate the risk of exploitation.",Adobe,Incopy,7.8,HIGH,0.0016899999463930726,false,false,false,false,,false,false,2023-09-11T13:06:23.049Z,0
CVE-2022-28836,https://securityvulnerability.io/vulnerability/CVE-2022-28836,Adobe InCopy Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability,"Adobe InCopy versions 17.1 and 16.4.1, along with earlier versions, have a vulnerability that allows for an out-of-bounds write. This flaw can lead to arbitrary code execution when a user opens a specially crafted malicious file. Successful exploitation necessitates user interaction, which means that the risk arises when unsuspecting users engage with such compromised files.",Adobe,Incopy,7.8,HIGH,0.0016899999463930726,false,false,false,false,,false,false,2023-09-11T13:06:22.230Z,0
CVE-2023-22235,https://securityvulnerability.io/vulnerability/CVE-2023-22235,Adobe InCopy SVG file Use After Free Arbitrary code execution,"A Use After Free vulnerability affects Adobe InCopy versions 18.1 and 17.4, potentially allowing attackers to execute arbitrary code. Exploiting this vulnerability necessitates user interaction, specifically requiring the victim to open a specially crafted malicious file. This underscores the importance of caution when handling potentially dangerous documents.",Adobe,Incopy,7.8,HIGH,0.0036899999249726534,false,false,false,false,,false,false,2023-04-12T00:00:00.000Z,0
CVE-2023-21596,https://securityvulnerability.io/vulnerability/CVE-2023-21596,Adobe InCopy Improper Input Validation Remote Code Execution Vulnerability,"Adobe InCopy versions 18.0 and 17.4 and earlier are compromised by an improper input validation flaw. This vulnerability allows for arbitrary code execution within the user’s context, provided a user opens a specially crafted malicious file. Attackers exploiting this vulnerability would need user interaction, highlighting the importance of caution when handling unknown documents.",Adobe,InCopy,7.8,HIGH,0.007459999993443489,false,false,false,false,,false,false,2023-01-13T00:00:00.000Z,0
CVE-2023-21595,https://securityvulnerability.io/vulnerability/CVE-2023-21595,Adobe InCopy Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability,"Adobe InCopy versions 18.0 and 17.4 are subject to an out-of-bounds write vulnerability that allows attackers to execute arbitrary code within the privileges of the current user. Exploitation of this vulnerability necessitates user interaction, meaning a victim must open a specially crafted malicious file. This poses a significant risk to users who may unknowingly interact with such files, emphasizing the need for vigilance when handling documents from untrusted sources.",Adobe,InCopy,7.8,HIGH,0.0033499998971819878,false,false,false,false,,false,false,2023-01-13T00:00:00.000Z,0
CVE-2023-21599,https://securityvulnerability.io/vulnerability/CVE-2023-21599,Adobe InCopy Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability,"Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,InCopy,5.5,MEDIUM,0.00279999990016222,false,false,false,false,,false,false,2023-01-13T00:00:00.000Z,0
CVE-2023-21598,https://securityvulnerability.io/vulnerability/CVE-2023-21598,Adobe InCopy Font Parsing Use-After-Free Information Disclosure Vulnerability,"Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,InCopy,5.5,MEDIUM,0.0026199999265372753,false,false,false,false,,false,false,2023-01-13T00:00:00.000Z,0
CVE-2023-21597,https://securityvulnerability.io/vulnerability/CVE-2023-21597,Adobe InCopy Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability,"Adobe InCopy prior to version 18.1 is susceptible to an out-of-bounds write vulnerability. This flaw can be exploited by opening a specially crafted file, leading to potential arbitrary code execution within the affected user's session. Proper user interaction is necessary for exploitation, making it essential for users to avoid opening untrusted documents.",Adobe,InCopy,7.8,HIGH,0.0033499998971819878,false,false,false,false,,false,false,2023-01-13T00:00:00.000Z,0
CVE-2023-21594,https://securityvulnerability.io/vulnerability/CVE-2023-21594,Adobe InCopy Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability,"Adobe InCopy versions 18.0 and earlier, including 17.4 and earlier, are prone to a Heap-based Buffer Overflow vulnerability. This weakness could allow an attacker to execute arbitrary code in the context of the current user. Successful exploitation necessitates user interaction, specifically requiring the victim to open a specially crafted malicious file. Users are urged to be cautious and follow security guidelines to mitigate the risk associated with this flaw.",Adobe,InCopy,7.8,HIGH,0.005369999911636114,false,false,false,false,,false,false,2023-01-13T00:00:00.000Z,0
CVE-2022-38404,https://securityvulnerability.io/vulnerability/CVE-2022-38404,Adobe InCopy SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability,Adobe InCopy version 17.3 (and earlier) and 16.4.2 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Incopy,7.8,HIGH,0.018060000613331795,false,false,false,false,,false,false,2022-09-16T18:15:00.000Z,0
CVE-2022-38407,https://securityvulnerability.io/vulnerability/CVE-2022-38407,Adobe InCopy EPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability,Adobe InCopy version 17.3 (and earlier) and 16.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Incopy,5.5,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2022-09-16T18:15:00.000Z,0
CVE-2022-38406,https://securityvulnerability.io/vulnerability/CVE-2022-38406,Adobe InCopy EPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability,Adobe InCopy version 17.3 (and earlier) and 16.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Incopy,5.5,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2022-09-16T18:15:00.000Z,0
CVE-2022-38405,https://securityvulnerability.io/vulnerability/CVE-2022-38405,Adobe InCopy SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability,Adobe InCopy version 17.3 (and earlier) and 16.4.2 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Incopy,7.8,HIGH,0.018060000613331795,false,false,false,false,,false,false,2022-09-16T18:15:00.000Z,0
CVE-2022-38401,https://securityvulnerability.io/vulnerability/CVE-2022-38401,Adobe InCopy PCX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability,Adobe InCopy version 17.3 (and earlier) and 16.4.2 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Incopy,7.8,HIGH,0.018060000613331795,false,false,false,false,,false,false,2022-09-16T18:15:00.000Z,0
CVE-2022-38403,https://securityvulnerability.io/vulnerability/CVE-2022-38403,Adobe InCopy SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,Adobe InCopy version 17.3 (and earlier) and 16.4.2 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Incopy,7.8,HIGH,0.015869999304413795,false,false,false,false,,false,false,2022-09-13T00:00:00.000Z,0
CVE-2022-38402,https://securityvulnerability.io/vulnerability/CVE-2022-38402,Adobe InCopy SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability,Adobe InCopy version 17.3 (and earlier) and 16.4.2 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Incopy,7.8,HIGH,0.015869999304413795,false,false,false,false,,false,false,2022-09-13T00:00:00.000Z,0
CVE-2022-34252,https://securityvulnerability.io/vulnerability/CVE-2022-34252,Adobe InCopy Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability,Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Incopy,5.5,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2022-07-15T16:15:00.000Z,0
CVE-2022-34251,https://securityvulnerability.io/vulnerability/CVE-2022-34251,Adobe InCopy Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability,Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Incopy,7.8,HIGH,0.002839999971911311,false,false,false,false,,false,false,2022-07-15T16:15:00.000Z,0
CVE-2022-34249,https://securityvulnerability.io/vulnerability/CVE-2022-34249,Adobe InCopy Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability,Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Incopy,7.8,HIGH,0.005369999911636114,false,false,false,false,,false,false,2022-07-15T16:15:00.000Z,0
CVE-2022-34250,https://securityvulnerability.io/vulnerability/CVE-2022-34250,Adobe InCopy Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability,Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Incopy,7.8,HIGH,0.005369999911636114,false,false,false,false,,false,false,2022-07-12T00:00:00.000Z,0
CVE-2022-30650,https://securityvulnerability.io/vulnerability/CVE-2022-30650,Adobe InCopy Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability,Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Incopy,7.8,HIGH,0.018060000613331795,false,false,false,false,,false,false,2022-06-16T18:15:00.000Z,0