cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-49543,https://securityvulnerability.io/vulnerability/CVE-2024-49543,InDesign Desktop | Stack-based Buffer Overflow (CWE-121),"A stack-based buffer overflow vulnerability exists in InDesign Desktop versions ID19.5, ID18.5.4, and earlier. This vulnerability could allow arbitrary code execution within the context of the affected application's current user session. The exploitation requires user interaction, meaning a user must open a specially crafted malicious file to trigger the issue. It is essential for users to remain vigilant about the files they open in InDesign to mitigate potential security risks.",Adobe,Indesign Desktop,7.8,HIGH,0.0010400000028312206,false,false,false,false,,false,false,2024-12-10T21:15:00.000Z,0
CVE-2024-49549,https://securityvulnerability.io/vulnerability/CVE-2024-49549,InDesign Desktop | Out-of-bounds Read (CWE-125),"InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,Indesign Desktop,5.5,MEDIUM,0.0007200000109151006,false,false,false,false,,false,false,2024-12-10T21:15:00.000Z,0
CVE-2024-49546,https://securityvulnerability.io/vulnerability/CVE-2024-49546,InDesign Desktop | Out-of-bounds Read (CWE-125),"InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,Indesign Desktop,5.5,MEDIUM,0.0007200000109151006,false,false,false,false,,false,false,2024-12-10T21:15:00.000Z,0
CVE-2024-49545,https://securityvulnerability.io/vulnerability/CVE-2024-49545,InDesign Desktop | Heap-based Buffer Overflow (CWE-122),"Adobe InDesign Desktop, particularly versions ID19.5, ID18.5.4, and earlier, is susceptible to a heap-based buffer overflow vulnerability. This issue can allow an attacker to execute arbitrary code within the context of the current user. Exploitation of this vulnerability necessitates user engagement, requiring the victim to open a maliciously crafted file. Addressing this vulnerability is crucial to protect users from potential threats and maintain system integrity.",Adobe,Indesign Desktop,7.8,HIGH,0.0010300000431016088,false,false,false,false,,false,false,2024-12-10T21:15:00.000Z,0
CVE-2024-49544,https://securityvulnerability.io/vulnerability/CVE-2024-49544,InDesign Desktop | Out-of-bounds Write (CWE-787),"Adobe InDesign Desktop faces an out-of-bounds write vulnerability that can lead to arbitrary code execution within the context of the currently logged-in user. To exploit this vulnerability, an attacker must entice the user to open a specially crafted malicious file, but it allows for significant risk as it could enable unauthorized actions on the system. Users of affected versions, including ID19.5 and ID18.5.4 and earlier, should exercise caution and ensure they have the latest security updates applied.",Adobe,Indesign Desktop,7.8,HIGH,0.000699999975040555,false,false,false,false,,false,false,2024-12-10T21:15:00.000Z,0
CVE-2024-39389,https://securityvulnerability.io/vulnerability/CVE-2024-39389,Adobe Indesign PDF File Parsing Stack Based Buffer Overflow Remote Code Execution Vulnerability,"Adobe InDesign Desktop has been identified to have a stack-based buffer overflow vulnerability, affecting versions ID19.4 and ID18.5.2, as well as earlier releases. This vulnerability allows for the possibility of arbitrary code execution when a user opens a specially crafted malicious file. Exploitation necessitates user interaction, emphasizing the importance of caution when handling unknown files, as attackers may leverage this flaw to execute harmful code within the user’s context.",Adobe,Indesign Desktop,7.8,HIGH,0.0014299999456852674,false,false,false,false,,false,false,2024-08-14T15:15:00.000Z,0
CVE-2024-41853,https://securityvulnerability.io/vulnerability/CVE-2024-41853,Indesign 2024 EPS File Parsing Heap Memory Corruption Remote Code Execution Vulnerability,"A Heap-based Buffer Overflow vulnerability exists in Adobe InDesign Desktop versions ID19.4, ID18.5.2 and earlier. This flaw can lead to arbitrary code execution within the context of the current user. Exploiting this vulnerability necessitates user interaction; specifically, a victim must open a specially crafted malicious file. This can potentially compromise the user's system, making it imperative for users to apply safeguards and updates.",Adobe,Indesign Desktop,7.8,HIGH,0.0008299999753944576,false,false,false,false,,false,false,2024-08-14T15:15:00.000Z,0
CVE-2024-41852,https://securityvulnerability.io/vulnerability/CVE-2024-41852,Adobe Indesign 2024 AVI File Parsing Stack Based Buffer Overflow,"Adobe InDesign Desktop versions ID19.4, ID18.5.2, and earlier are impacted by a stack-based buffer overflow vulnerability. This vulnerability could allow an attacker to execute arbitrary code within the context of the current user when a malicious file is opened. User interaction is mandatory for exploitation, as the file must be opened by an unsuspecting user. This risk emphasizes the importance of implementing security best practices and awareness regarding the files that are shared and opened.",Adobe,Indesign Desktop,7.8,HIGH,0.0014299999456852674,false,false,false,false,,false,false,2024-08-14T15:15:00.000Z,0
CVE-2024-39393,https://securityvulnerability.io/vulnerability/CVE-2024-39393,Adobe Indesign 2024 PCT File Parsing Memory Corruption Remote Code Execution Vulnerability,"An out-of-bounds read vulnerability exists in Adobe InDesign Desktop versions ID19.4 and ID18.5.2 and earlier. This vulnerability is triggered when InDesign processes a specially crafted file, leading to the potential for reading beyond the allocated memory bounds. This flaw presents a risk wherein an attacker could potentially execute arbitrary code within the context of the user who opens the compromised file. Notably, successful exploitation necessitates user interaction, as the victim must inadvertently open the malicious file, underscoring the critical importance of cautious file handling practices.",Adobe,Indesign Desktop,7.8,HIGH,0.0006399999838322401,false,false,false,false,,false,false,2024-08-14T15:15:00.000Z,0
CVE-2024-39391,https://securityvulnerability.io/vulnerability/CVE-2024-39391,Adobe Indesign XLS File Parsing Out Of Bound Write Remote Code execution vulnerability,"InDesign Desktop, specifically versions ID19.4, ID18.5.2, and earlier, is vulnerable to an out-of-bounds write issue that can lead to arbitrary code execution within the context of the affected user's environment. Successful exploitation necessitates that the victim opens a specifically crafted malicious file. This vulnerability emphasizes the importance of verifying file origins and exercising caution when handling untrusted documents to mitigate potential risks. For comprehensive details on the vulnerability and remediation, refer to the official Adobe security advisory.",Adobe,Indesign Desktop,7.8,HIGH,0.0006399999838322401,false,false,false,false,,false,false,2024-08-14T15:15:00.000Z,0
CVE-2024-39390,https://securityvulnerability.io/vulnerability/CVE-2024-39390,Adobe Indesign 2024 DOC File Parsing Memory Corruption,"The out-of-bounds write vulnerability in Adobe InDesign poses a significant threat as it can lead to arbitrary code execution when a user opens a specially crafted malicious file. This vulnerability affects various versions including ID19.4 and ID18.5.2, along with prior releases. The exploitation of this vulnerability necessitates user interaction, making it imperative for users to exercise caution with files from untrusted sources. Implementing protective measures and applying the latest security patches is crucial to mitigate the risks associated with this vulnerability.",Adobe,Indesign Desktop,7.8,HIGH,0.0006399999838322401,false,false,false,false,,false,false,2024-08-14T15:15:00.000Z,0
CVE-2024-41850,https://securityvulnerability.io/vulnerability/CVE-2024-41850,InDesign Vulnerable to Heap-based Buffer Overflow Leading to Arbitrary Code Execution,"Adobe InDesign Desktop versions ID19.4, ID18.5.2, and earlier are susceptible to a Heap-based Buffer Overflow vulnerability. This flaw can be exploited to execute arbitrary code within the context of the current user. Successful exploitation demands user interaction, as it requires the victim to open a specially crafted malicious file. It is critical for users of affected versions to apply security updates and exercise caution when handling unknown files to mitigate potential risks.",Adobe,Indesign Desktop,7.8,HIGH,0.0008299999753944576,false,false,false,false,,false,false,2024-08-14T15:05:49.394Z,0
CVE-2024-41851,https://securityvulnerability.io/vulnerability/CVE-2024-41851,Adobe InDesign Vulnerable to Integer Overflow or Wraparound Exploits,"Adobe InDesign Desktop versions ID19.4, ID18.5.2, and earlier are susceptible to an integer overflow or wraparound vulnerability, which allows for the potential execution of arbitrary code under the privileges of the current user. To exploit this vulnerability, malicious actors can craft a specially designed file that, when opened by a user, triggers the vulnerability. This exploit emphasizes the importance of ensuring users do not open untrusted or suspicious files, thereby mitigating the risks associated with this vulnerability.",Adobe,Indesign Desktop,7.8,HIGH,0.0006399999838322401,false,false,false,false,,false,false,2024-08-14T15:05:44.016Z,0
CVE-2024-39394,https://securityvulnerability.io/vulnerability/CVE-2024-39394,InDesign Vulnerability Could Lead to Arbitrary Code Execution,"Adobe InDesign Desktop versions ID19.4, ID18.5.2, and earlier are susceptible to an out-of-bounds write vulnerability. This vulnerability poses a risk of arbitrary code execution within the context of the current user. Successful exploitation necessitates that the user opens a specially crafted malicious file, leading to potential unauthorized actions on the system. Users of affected InDesign versions are advised to implement security measures and update to the latest versions as provided in Adobe's security advisory.",Adobe,Indesign Desktop,7.8,HIGH,0.0006399999838322401,false,false,false,false,,false,false,2024-08-14T15:05:41.031Z,0
CVE-2024-39392,https://securityvulnerability.io/vulnerability/CVE-2024-39392,Adobe InDesign Vulnerable to Heap-based Buffer Overflow,"A Heap-based Buffer Overflow vulnerability exists in Adobe InDesign Desktop that affects versions ID18.5.2 and ID19.3, as well as earlier releases. This vulnerability allows for the execution of arbitrary code if a user opens a specially crafted malicious file. Successful exploitation necessitates user interaction, requiring the targeted individual to engage with the malicious content. The issue highlights the importance of exercising caution when handling untrusted files.",Adobe,Indesign Desktop,7.8,HIGH,0.0006399999838322401,false,false,false,false,,false,false,2024-08-02T07:16:00.000Z,0
CVE-2024-39396,https://securityvulnerability.io/vulnerability/CVE-2024-39396,InDesign Vulnerability Leads to Sensitive Memory Disclosure,"InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,Indesign Desktop,5.5,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2024-08-02T07:16:00.000Z,0
CVE-2024-41836,https://securityvulnerability.io/vulnerability/CVE-2024-41836,InDesign Vulnerability Could Lead to Denial of Service,"InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. An attacker could exploit this vulnerability to crash the application, resulting in a DoS. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,Indesign Desktop,5.5,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-07-23T11:34:55.471Z,0
CVE-2024-20781,https://securityvulnerability.io/vulnerability/CVE-2024-20781,Adobe InDesign Vulnerable to Heap-based Buffer Overflow,"Adobe InDesign Desktop has been found to possess a Heap-based Buffer Overflow vulnerability. This issue affects versions ID19.3, ID18.5.2 and earlier. An attacker can exploit this vulnerability by enticing a user to open a specially crafted malicious file, which could lead to arbitrary code execution with the permissions of the current user. To mitigate the potential risks, it is essential for users to refrain from opening untrusted or unknown files.",Adobe,Indesign Desktop,7.8,HIGH,0.0009899999713525176,false,false,false,false,,false,false,2024-07-09T19:18:42.013Z,0
CVE-2024-20785,https://securityvulnerability.io/vulnerability/CVE-2024-20785,InDesign Vulnerable to Heap-based Buffer Overflow,"A heap-based buffer overflow vulnerability has been identified in Adobe InDesign Desktop applications, specifically impacting versions ID19.3, ID18.5.2, and earlier releases. This vulnerability allows an attacker to execute arbitrary code on the affected system but requires user interaction to exploit. Specifically, the victim must open a carefully crafted malicious file, at which point the exploit can occur, potentially compromising the security of the user's system.",Adobe,Indesign Desktop,7.8,HIGH,0.0009899999713525176,false,false,false,false,,false,false,2024-07-09T19:18:41.215Z,0
CVE-2024-20783,https://securityvulnerability.io/vulnerability/CVE-2024-20783,Adobe InDesign Vulnerable to Heap-based Buffer Overflow,"A heap-based buffer overflow vulnerability exists in Adobe InDesign Desktop versions ID19.3, ID18.5.2, and earlier, wherein maliciously crafted files can lead to arbitrary code execution within the context of an affected user's environment. The vulnerability can be exploited only when the user interacts with a compromised file, emphasizing the importance of cautious handling of unknown or suspicious file types. Users are recommended to ensure that their software version is up-to-date to mitigate the associated risks.",Adobe,Indesign Desktop,7.8,HIGH,0.0009899999713525176,false,false,false,false,,false,false,2024-07-09T19:18:40.480Z,0
CVE-2024-20782,https://securityvulnerability.io/vulnerability/CVE-2024-20782,Adobe InDesign Vulnerability Could Lead to Arbitrary Code Execution,"An out-of-bounds write vulnerability has been identified in Adobe InDesign Desktop versions ID19.3, ID18.5.2, and earlier. This flaw can lead to arbitrary code execution within the context of the current user, necessitating user interaction wherein a victim must open a specially crafted malicious file. The exploitation of this vulnerability poses serious security risks, making it critical for users to be aware and apply necessary updates to safeguard their systems.",Adobe,Indesign Desktop,7.8,HIGH,0.0006399999838322401,false,false,false,false,,false,false,2024-07-09T19:18:39.770Z,0
CVE-2024-20766,https://securityvulnerability.io/vulnerability/CVE-2024-20766,InDesign Desktop Vulnerability Could Lead to Sensitive Memory Disclosure,"Adobe InDesign Desktop versions 18.5.1, 19.2, and earlier are prone to a vulnerability that allows attackers to perform an out-of-bounds read. This flaw can be exploited by an attacker to gain access to sensitive memory information by tricking users into opening a specially crafted malicious file. Users must exercise caution, as exploitation requires their interaction, allowing the bypass of certain security mitigations like Address Space Layout Randomization (ASLR).",Adobe,Indesign Desktop,5.5,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2024-04-10T12:48:34.882Z,0
CVE-2023-44346,https://securityvulnerability.io/vulnerability/CVE-2023-44346,Adobe InDesign CC 2023 Memory Corruption Vulnerability VIII.,"An out-of-bounds read vulnerability has been identified in Adobe InDesign versions ID18.5 and ID17.4.2, along with earlier versions. This security issue allows unauthorized access to sensitive memory, potentially enabling malicious actors to bypass security mechanisms such as ASLR (Address Space Layout Randomization). Exploiting this vulnerability necessitates user interaction, as the victim must open a specially crafted file designed to trigger the flaw. Addressing this issue is essential for protecting sensitive information and maintaining robust security practices.",Adobe,Indesign Desktop,5.5,MEDIUM,0.000590000010561198,false,false,false,false,,false,false,2024-02-29T01:41:00.000Z,0
CVE-2023-44344,https://securityvulnerability.io/vulnerability/CVE-2023-44344,Adobe InDesign CC 2023 Memory Corruption Vulnerability V.,"Adobe InDesign is susceptible to an out-of-bounds read vulnerability, affecting versions ID18.5 and earlier as well as ID17.4.2 and earlier. This vulnerability can potentially enable attackers to access sensitive memory spaces. The exploitation of this flaw necessitates user action, where the victim must open a specially crafted malicious file. Successful exploitation may bypass security mitigations like Address Space Layout Randomization (ASLR), highlighting the need for users to exercise caution when handling files from untrusted sources.",Adobe,Indesign Desktop,5.5,MEDIUM,0.000590000010561198,false,false,false,false,,false,false,2024-02-29T01:41:00.000Z,0
CVE-2023-44343,https://securityvulnerability.io/vulnerability/CVE-2023-44343,Adobe InDesign CC 2023 Memory Corruption Vulnerability III.,"Adobe InDesign versions ID18.5 and earlier, as well as ID17.4.2 and earlier, are susceptible to an out-of-bounds read vulnerability. This flaw permits an attacker to potentially disclose sensitive memory, undermining common security mitigations such as Address Space Layout Randomization (ASLR). Exploiting this vulnerability necessitates that the user opens a specially crafted file, highlighting the critical importance of maintaining cautious behavior when handling unknown documents.",Adobe,Indesign Desktop,5.5,MEDIUM,0.000590000010561198,false,false,false,false,,false,false,2024-02-29T01:41:00.000Z,0