cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-21126,https://securityvulnerability.io/vulnerability/CVE-2025-21126,Improper Input Validation in InDesign Desktop by Adobe,"InDesign Desktop versions ID20.0 and ID19.5.1, as well as earlier versions, are impacted by an improper input validation issue that could enable an attacker to execute a denial-of-service attack. Exploitation of this vulnerability necessitates user interaction; specifically, a user must open a crafted file designed to trigger the flaw, which may lead to a crash of the application, thereby interrupting its functionality.",Adobe,Indesign Desktop,5.5,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-11T17:10:48.648Z,0
CVE-2025-21158,https://securityvulnerability.io/vulnerability/CVE-2025-21158,Integer Underflow Vulnerability in Adobe InDesign Desktop,"Adobe InDesign Desktop versions ID20.0, ID19.5.1, and earlier have a vulnerability associated with integer underflow. This flaw may permit malicious actors to execute arbitrary code in the context of the current user. The exploitation requires user interaction, whereby the victim must open a specially crafted file designed to trigger the vulnerability.",Adobe,Indesign Desktop,7.8,HIGH,0.01,false,,false,false,false,,false,false,false,,2025-02-11T17:10:47.804Z,0
CVE-2025-21125,https://securityvulnerability.io/vulnerability/CVE-2025-21125,NULL Pointer Dereference Vulnerability in Adobe InDesign,"Adobe InDesign Desktop is affected by a NULL Pointer Dereference vulnerability that may allow an attacker to cause a denial-of-service condition. If a user opens a specifically crafted malicious file, the application may crash, disrupting workflows and causing potential data loss. The exploitation of this vulnerability necessitates user interaction, highlighting the importance of cautious file handling in maintaining application security.",Adobe,Indesign Desktop,5.5,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-11T17:10:46.998Z,0
CVE-2025-21123,https://securityvulnerability.io/vulnerability/CVE-2025-21123,Heap-based Buffer Overflow in Adobe InDesign Desktop,"Adobe InDesign Desktop versions ID20.0 and ID19.5.1, along with earlier versions, are vulnerable to a heap-based buffer overflow. This critical vulnerability could enable an attacker to execute arbitrary code within the context of a user who interacts with a maliciously crafted file. Successful exploitation requires the victim to open such a file, thus highlighting the importance of user awareness and security practices to mitigate potential risks.",Adobe,Indesign Desktop,7.8,HIGH,0.01,false,,false,false,false,,false,false,false,,2025-02-11T17:10:46.191Z,0
CVE-2025-21157,https://securityvulnerability.io/vulnerability/CVE-2025-21157,Out-of-Bounds Write Vulnerability in Adobe InDesign Desktop,"Adobe InDesign Desktop is susceptible to an out-of-bounds write vulnerability, which may allow an attacker to execute arbitrary code within the context of the user. The exploitation of this vulnerability necessitates user interaction; a victim must open a specially crafted file. Users are advised to be cautious and ensure they only open files from trusted sources.",Adobe,Indesign Desktop,7.8,HIGH,0.01,false,,false,false,false,,false,false,false,,2025-02-11T17:10:45.344Z,0
CVE-2025-21121,https://securityvulnerability.io/vulnerability/CVE-2025-21121,Out-of-Bounds Write Vulnerability in Adobe InDesign Desktop,"An out-of-bounds write vulnerability in Adobe InDesign Desktop versions ID20.0 and ID19.5.1 and earlier can lead to arbitrary code execution if a malicious file is opened by the user. Successful exploitation requires user interaction, posing a risk particularly in environments where users are susceptible to opening unverified documents. This vulnerability underscores the importance of maintaining up-to-date software and exercising caution when handling files from unknown sources.",Adobe,Indesign Desktop,7.8,HIGH,0.01,false,,false,false,false,,false,false,false,,2025-02-11T17:10:44.481Z,0
CVE-2025-21124,https://securityvulnerability.io/vulnerability/CVE-2025-21124,Out-of-Bounds Read Vulnerability in InDesign by Adobe,"Adobe InDesign versions ID20.0, ID19.5.1 and earlier are vulnerable to an out-of-bounds read issue that may expose sensitive information from memory. Successful exploitation of this vulnerability could allow attackers to bypass security defenses, such as Address Space Layout Randomization (ASLR). Note that an attacker must convince a user to open a specially crafted file, thereby initiating the risk.",Adobe,Indesign Desktop,5.5,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-11T17:10:43.616Z,0
CVE-2024-53951,https://securityvulnerability.io/vulnerability/CVE-2024-53951,Out-of-Bounds Read Vulnerability in Adobe InDesign Desktop Products,"Adobe InDesign Desktop versions ID19.5, ID18.5.4, and earlier versions are affected by a vulnerability that allows an attacker to read sensitive data from memory through an out-of-bounds read condition. This exploitation requires the victim to open a specially crafted malicious file, which can lead to the disclosure of sensitive information and potentially allow the attacker to bypass certain memory protection measures, such as address space layout randomization (ASLR). Users are advised to update to the latest versions to mitigate risks.",Adobe,Indesign,5.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-53952,https://securityvulnerability.io/vulnerability/CVE-2024-53952,NULL Pointer Dereference Vulnerability in InDesign Desktop by Adobe,"Adobe InDesign Desktop versions ID19.5, ID18.5.4, and earlier are vulnerable to a NULL Pointer Dereference issue, which could potentially lead to application instability. This vulnerability allows an attacker to exploit a crafted file to crash the InDesign application, resulting in a denial of service condition. Successful exploitation requires user interaction, as the victim must open the maliciously crafted file, which triggers the vulnerability and compromises the application's functionality, thereby affecting productivity.",Adobe,Indesign,5.5,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-49548,https://securityvulnerability.io/vulnerability/CVE-2024-49548,Out-of-Bounds Read Vulnerability in Adobe InDesign Desktop,"Adobe InDesign Desktop versions ID19.5, ID18.5.4, and earlier are susceptible to an out-of-bounds read vulnerability. This flaw may allow an attacker to disclose sensitive memory information by leveraging user interaction; specifically, the victim must open a manipulated file. Such exploitation could allow bypassing of common security mitigations like Address Space Layout Randomization (ASLR), raising significant security concerns for users. For further details, refer to the official Adobe security bulletin.",Adobe,Indesign,5.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-49545,https://securityvulnerability.io/vulnerability/CVE-2024-49545,InDesign Desktop | Heap-based Buffer Overflow (CWE-122),"Adobe InDesign Desktop, particularly versions ID19.5, ID18.5.4, and earlier, is susceptible to a heap-based buffer overflow vulnerability. This issue can allow an attacker to execute arbitrary code within the context of the current user. Exploitation of this vulnerability necessitates user engagement, requiring the victim to open a maliciously crafted file. Addressing this vulnerability is crucial to protect users from potential threats and maintain system integrity.",Adobe,Indesign Desktop,7.8,HIGH,0.0006900000153109431,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-49544,https://securityvulnerability.io/vulnerability/CVE-2024-49544,InDesign Desktop | Out-of-bounds Write (CWE-787),"Adobe InDesign Desktop faces an out-of-bounds write vulnerability that can lead to arbitrary code execution within the context of the currently logged-in user. To exploit this vulnerability, an attacker must entice the user to open a specially crafted malicious file, but it allows for significant risk as it could enable unauthorized actions on the system. Users of affected versions, including ID19.5 and ID18.5.4 and earlier, should exercise caution and ensure they have the latest security updates applied.",Adobe,Indesign Desktop,7.8,HIGH,0.0006399999838322401,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-49546,https://securityvulnerability.io/vulnerability/CVE-2024-49546,InDesign Desktop | Out-of-bounds Read (CWE-125),"InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,Indesign Desktop,5.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-49549,https://securityvulnerability.io/vulnerability/CVE-2024-49549,InDesign Desktop | Out-of-bounds Read (CWE-125),"InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,Indesign Desktop,5.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-49547,https://securityvulnerability.io/vulnerability/CVE-2024-49547,Out-of-Bounds Read Vulnerability in InDesign Desktop by Adobe,"Adobe InDesign Desktop versions up to ID19.5 and ID18.5.4 are susceptible to an out-of-bounds read vulnerability that may enable attackers to access sensitive information from memory. Successful exploitation typically requires the user to open a specially crafted malicious file, possibly allowing the bypassing of security mechanisms such as Address Space Layout Randomization (ASLR). Users should remain vigilant and avoid interacting with untrusted files to mitigate the risks associated with this vulnerability. For more details, refer to the official Adobe advisory.",Adobe,Indesign,5.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-49543,https://securityvulnerability.io/vulnerability/CVE-2024-49543,InDesign Desktop | Stack-based Buffer Overflow (CWE-121),"A stack-based buffer overflow vulnerability exists in InDesign Desktop versions ID19.5, ID18.5.4, and earlier. This vulnerability could allow arbitrary code execution within the context of the affected application's current user session. The exploitation requires user interaction, meaning a user must open a specially crafted malicious file to trigger the issue. It is essential for users to remain vigilant about the files they open in InDesign to mitigate potential security risks.",Adobe,Indesign Desktop,7.8,HIGH,0.0013099999632686377,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-49529,https://securityvulnerability.io/vulnerability/CVE-2024-49529,Out-of-Bounds Read Vulnerability in Adobe InDesign for Desktop Users,"Adobe InDesign versions 19.0 and 20.0 are susceptible to an out-of-bounds read vulnerability that may permit disclosure of sensitive memory. Attackers can exploit this flaw by enticing users to open specially crafted malicious files, potentially bypassing important security measures such as Address Space Layout Randomization (ASLR). Users are advised to exercise caution when handling files from untrusted sources to mitigate the risk of exposure.",Adobe,Indesign,5.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-11-21T17:15:00.000Z,0
CVE-2024-49509,https://securityvulnerability.io/vulnerability/CVE-2024-49509,Heap-based Buffer Overflow in InDesign Desktop by Adobe,"A vulnerability exists in InDesign Desktop versions ID18.5.3, ID19.5, and earlier, where a Heap-based Buffer Overflow can occur. This security flaw enables the potential execution of arbitrary code in the context of the user who opens a specially crafted malicious file. User action is required for this exploitation, highlighting the importance of exercising caution when handling untrusted files.",Adobe,Indesign,7.8,HIGH,0.0006900000153109431,false,,false,false,false,,,false,false,,2024-11-12T21:15:00.000Z,0
CVE-2024-49507,https://securityvulnerability.io/vulnerability/CVE-2024-49507,Heap-Based Buffer Overflow Vulnerability in InDesign Desktop by Adobe,"A heap-based buffer overflow vulnerability exists in Adobe InDesign Desktop, impacting versions ID18.5.2, ID19.5, and earlier. This security flaw can lead to arbitrary code execution in the context of the user, requiring user interaction for exploitation. Specifically, a victim must open a specially crafted malicious file, potentially compromising their system. Users of the affected versions are advised to ensure that they only open files from trusted sources to mitigate risks associated with this vulnerability.",Adobe,Indesign,7.8,HIGH,0.0006900000153109431,false,,false,false,false,,,false,false,,2024-11-12T21:15:00.000Z,0
CVE-2024-49510,https://securityvulnerability.io/vulnerability/CVE-2024-49510,Out-of-Bounds Read Vulnerability in Adobe InDesign Desktop,"Adobe InDesign Desktop versions ID18.5.3, ID19.5, and earlier are vulnerable to an out-of-bounds read issue, which potentially exposes sensitive memory data. This weakness allows attackers to circumvent security mechanisms like Address Space Layout Randomization (ASLR). Exploitation is contingent upon user interaction, requiring the victim to open a specially crafted malicious file designed to trigger the vulnerability.",Adobe,Indesign,5.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-11-12T21:15:00.000Z,0
CVE-2024-49511,https://securityvulnerability.io/vulnerability/CVE-2024-49511,Out-of-Bounds Read Vulnerability in Adobe InDesign Desktop,"Adobe InDesign Desktop versions ID18.5.3, ID19.5, and earlier have a vulnerability that allows attackers to perform out-of-bounds read operations. This can lead to the unintended disclosure of sensitive information stored in memory. The exploit requires the victim to open a specially crafted file, potentially allowing the attacker to bypass memory protection techniques like ASLR. It is essential for users to be cautious and ensure that they do not open untrusted files to mitigate the risk associated with this vulnerability.",Adobe,Indesign,5.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-11-12T21:15:00.000Z,0
CVE-2024-49512,https://securityvulnerability.io/vulnerability/CVE-2024-49512,Out-of-Bounds Read Vulnerability in Adobe InDesign Desktop Versions,"Adobe InDesign Desktop versions ID18.5.3 and ID19.5, along with earlier versions, are susceptible to an out-of-bounds read vulnerability. This security flaw can potentially lead to the unintended exposure of sensitive memory contents. Attackers could exploit this vulnerability by persuading users to open crafted malicious files, enabling them to bypass established memory protection mechanisms such as Address Space Layout Randomization (ASLR). Effective mitigation requires awareness of this risk and caution in handling untrusted files.",Adobe,Indesign,5.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-11-12T21:15:00.000Z,0
CVE-2024-49508,https://securityvulnerability.io/vulnerability/CVE-2024-49508,Heap-based Buffer Overflow in InDesign Desktop by Adobe,"A Heap-based Buffer Overflow vulnerability exists in the InDesign Desktop application, specifically affecting versions ID18.5.2, ID19.5 and earlier. This vulnerability can potentially allow an attacker to execute arbitrary code within the privileges of the current user. The exploitation of this vulnerability necessitates user interaction, as it requires the victim to open a specially crafted malicious file. Users are advised to refrain from opening files from untrusted sources to mitigate the risk associated with this vulnerability. For further details and remediation steps, refer to the official announcement from Adobe.",Adobe,Indesign,7.8,HIGH,0.0006900000153109431,false,,false,false,false,,,false,false,,2024-11-12T21:15:00.000Z,0
CVE-2024-45137,https://securityvulnerability.io/vulnerability/CVE-2024-45137,Unrestricted File Upload Vulnerability in Adobe InDesign Desktop,"Adobe InDesign Desktop is affected by a vulnerability that allows an unrestricted upload of files with dangerous types, potentially leading to arbitrary code execution on the server where the application is running. Attackers can exploit this flaw by tricking users into uploading malicious files that, when executed, may run arbitrary code in the server's context. This exploit requires user interaction, heightening the importance of user awareness and security measures to mitigate potential risks. Users of affected versions are encouraged to follow security guidelines as outlined by Adobe to enhance their protection against such vulnerabilities.",Adobe,Indesign,7.8,HIGH,0.023520000278949738,false,,false,false,false,,,false,false,,2024-10-09T15:15:00.000Z,0
CVE-2024-41852,https://securityvulnerability.io/vulnerability/CVE-2024-41852,Adobe Indesign 2024 AVI File Parsing Stack Based Buffer Overflow,"Adobe InDesign Desktop versions ID19.4, ID18.5.2, and earlier are impacted by a stack-based buffer overflow vulnerability. This vulnerability could allow an attacker to execute arbitrary code within the context of the current user when a malicious file is opened. User interaction is mandatory for exploitation, as the file must be opened by an unsuspecting user. This risk emphasizes the importance of implementing security best practices and awareness regarding the files that are shared and opened.",Adobe,Indesign Desktop,7.8,HIGH,0.0028899998869746923,false,,false,false,false,,,false,false,,2024-08-14T15:15:00.000Z,0