cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-21126,https://securityvulnerability.io/vulnerability/CVE-2025-21126,Improper Input Validation in InDesign Desktop by Adobe,"InDesign Desktop versions ID20.0 and ID19.5.1, as well as earlier versions, are impacted by an improper input validation issue that could enable an attacker to execute a denial-of-service attack. Exploitation of this vulnerability necessitates user interaction; specifically, a user must open a crafted file designed to trigger the flaw, which may lead to a crash of the application, thereby interrupting its functionality.",Adobe,Indesign Desktop,5.5,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-11T17:10:48.648Z,0
CVE-2025-21158,https://securityvulnerability.io/vulnerability/CVE-2025-21158,Integer Underflow Vulnerability in Adobe InDesign Desktop,"Adobe InDesign Desktop versions ID20.0, ID19.5.1, and earlier have a vulnerability associated with integer underflow. This flaw may permit malicious actors to execute arbitrary code in the context of the current user. The exploitation requires user interaction, whereby the victim must open a specially crafted file designed to trigger the vulnerability.",Adobe,Indesign Desktop,7.8,HIGH,0.01,false,,false,false,false,,false,false,false,,2025-02-11T17:10:47.804Z,0
CVE-2025-21125,https://securityvulnerability.io/vulnerability/CVE-2025-21125,NULL Pointer Dereference Vulnerability in Adobe InDesign,"Adobe InDesign Desktop is affected by a NULL Pointer Dereference vulnerability that may allow an attacker to cause a denial-of-service condition. If a user opens a specifically crafted malicious file, the application may crash, disrupting workflows and causing potential data loss. The exploitation of this vulnerability necessitates user interaction, highlighting the importance of cautious file handling in maintaining application security.",Adobe,Indesign Desktop,5.5,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-11T17:10:46.998Z,0
CVE-2025-21123,https://securityvulnerability.io/vulnerability/CVE-2025-21123,Heap-based Buffer Overflow in Adobe InDesign Desktop,"Adobe InDesign Desktop versions ID20.0 and ID19.5.1, along with earlier versions, are vulnerable to a heap-based buffer overflow. This critical vulnerability could enable an attacker to execute arbitrary code within the context of a user who interacts with a maliciously crafted file. Successful exploitation requires the victim to open such a file, thus highlighting the importance of user awareness and security practices to mitigate potential risks.",Adobe,Indesign Desktop,7.8,HIGH,0.01,false,,false,false,false,,false,false,false,,2025-02-11T17:10:46.191Z,0
CVE-2025-21157,https://securityvulnerability.io/vulnerability/CVE-2025-21157,Out-of-Bounds Write Vulnerability in Adobe InDesign Desktop,"Adobe InDesign Desktop is susceptible to an out-of-bounds write vulnerability, which may allow an attacker to execute arbitrary code within the context of the user. The exploitation of this vulnerability necessitates user interaction; a victim must open a specially crafted file. Users are advised to be cautious and ensure they only open files from trusted sources.",Adobe,Indesign Desktop,7.8,HIGH,0.01,false,,false,false,false,,false,false,false,,2025-02-11T17:10:45.344Z,0
CVE-2025-21121,https://securityvulnerability.io/vulnerability/CVE-2025-21121,Out-of-Bounds Write Vulnerability in Adobe InDesign Desktop,"An out-of-bounds write vulnerability in Adobe InDesign Desktop versions ID20.0 and ID19.5.1 and earlier can lead to arbitrary code execution if a malicious file is opened by the user. Successful exploitation requires user interaction, posing a risk particularly in environments where users are susceptible to opening unverified documents. This vulnerability underscores the importance of maintaining up-to-date software and exercising caution when handling files from unknown sources.",Adobe,Indesign Desktop,7.8,HIGH,0.01,false,,false,false,false,,false,false,false,,2025-02-11T17:10:44.481Z,0
CVE-2025-21124,https://securityvulnerability.io/vulnerability/CVE-2025-21124,Out-of-Bounds Read Vulnerability in InDesign by Adobe,"Adobe InDesign versions ID20.0, ID19.5.1 and earlier are vulnerable to an out-of-bounds read issue that may expose sensitive information from memory. Successful exploitation of this vulnerability could allow attackers to bypass security defenses, such as Address Space Layout Randomization (ASLR). Note that an attacker must convince a user to open a specially crafted file, thereby initiating the risk.",Adobe,Indesign Desktop,5.5,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-11T17:10:43.616Z,0
CVE-2024-49549,https://securityvulnerability.io/vulnerability/CVE-2024-49549,InDesign Desktop | Out-of-bounds Read (CWE-125),"InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,Indesign Desktop,5.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-49546,https://securityvulnerability.io/vulnerability/CVE-2024-49546,InDesign Desktop | Out-of-bounds Read (CWE-125),"InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,Indesign Desktop,5.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-49545,https://securityvulnerability.io/vulnerability/CVE-2024-49545,InDesign Desktop | Heap-based Buffer Overflow (CWE-122),"Adobe InDesign Desktop, particularly versions ID19.5, ID18.5.4, and earlier, is susceptible to a heap-based buffer overflow vulnerability. This issue can allow an attacker to execute arbitrary code within the context of the current user. Exploitation of this vulnerability necessitates user engagement, requiring the victim to open a maliciously crafted file. Addressing this vulnerability is crucial to protect users from potential threats and maintain system integrity.",Adobe,Indesign Desktop,7.8,HIGH,0.0006900000153109431,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-49544,https://securityvulnerability.io/vulnerability/CVE-2024-49544,InDesign Desktop | Out-of-bounds Write (CWE-787),"Adobe InDesign Desktop faces an out-of-bounds write vulnerability that can lead to arbitrary code execution within the context of the currently logged-in user. To exploit this vulnerability, an attacker must entice the user to open a specially crafted malicious file, but it allows for significant risk as it could enable unauthorized actions on the system. Users of affected versions, including ID19.5 and ID18.5.4 and earlier, should exercise caution and ensure they have the latest security updates applied.",Adobe,Indesign Desktop,7.8,HIGH,0.0006399999838322401,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-49543,https://securityvulnerability.io/vulnerability/CVE-2024-49543,InDesign Desktop | Stack-based Buffer Overflow (CWE-121),"A stack-based buffer overflow vulnerability exists in InDesign Desktop versions ID19.5, ID18.5.4, and earlier. This vulnerability could allow arbitrary code execution within the context of the affected application's current user session. The exploitation requires user interaction, meaning a user must open a specially crafted malicious file to trigger the issue. It is essential for users to remain vigilant about the files they open in InDesign to mitigate potential security risks.",Adobe,Indesign Desktop,7.8,HIGH,0.0013099999632686377,false,,false,false,false,,,false,false,,2024-12-10T21:15:00.000Z,0
CVE-2024-41853,https://securityvulnerability.io/vulnerability/CVE-2024-41853,Indesign 2024 EPS File Parsing Heap Memory Corruption Remote Code Execution Vulnerability,"A Heap-based Buffer Overflow vulnerability exists in Adobe InDesign Desktop versions ID19.4, ID18.5.2 and earlier. This flaw can lead to arbitrary code execution within the context of the current user. Exploiting this vulnerability necessitates user interaction; specifically, a victim must open a specially crafted malicious file. This can potentially compromise the user's system, making it imperative for users to apply safeguards and updates.",Adobe,Indesign Desktop,7.8,HIGH,0.0009899999713525176,false,,false,false,false,,,false,false,,2024-08-14T15:15:00.000Z,0
CVE-2024-39389,https://securityvulnerability.io/vulnerability/CVE-2024-39389,Adobe Indesign PDF File Parsing Stack Based Buffer Overflow Remote Code Execution Vulnerability,"Adobe InDesign Desktop has been identified to have a stack-based buffer overflow vulnerability, affecting versions ID19.4 and ID18.5.2, as well as earlier releases. This vulnerability allows for the possibility of arbitrary code execution when a user opens a specially crafted malicious file. Exploitation necessitates user interaction, emphasizing the importance of caution when handling unknown files, as attackers may leverage this flaw to execute harmful code within the user’s context.",Adobe,Indesign Desktop,7.8,HIGH,0.0028899998869746923,false,,false,false,false,,,false,false,,2024-08-14T15:15:00.000Z,0
CVE-2024-39390,https://securityvulnerability.io/vulnerability/CVE-2024-39390,Adobe Indesign 2024 DOC File Parsing Memory Corruption,"The out-of-bounds write vulnerability in Adobe InDesign poses a significant threat as it can lead to arbitrary code execution when a user opens a specially crafted malicious file. This vulnerability affects various versions including ID19.4 and ID18.5.2, along with prior releases. The exploitation of this vulnerability necessitates user interaction, making it imperative for users to exercise caution with files from untrusted sources. Implementing protective measures and applying the latest security patches is crucial to mitigate the risks associated with this vulnerability.",Adobe,Indesign Desktop,7.8,HIGH,0.0006399999838322401,false,,false,false,false,,,false,false,,2024-08-14T15:15:00.000Z,0
CVE-2024-39391,https://securityvulnerability.io/vulnerability/CVE-2024-39391,Adobe Indesign XLS File Parsing Out Of Bound Write Remote Code execution vulnerability,"InDesign Desktop, specifically versions ID19.4, ID18.5.2, and earlier, is vulnerable to an out-of-bounds write issue that can lead to arbitrary code execution within the context of the affected user's environment. Successful exploitation necessitates that the victim opens a specifically crafted malicious file. This vulnerability emphasizes the importance of verifying file origins and exercising caution when handling untrusted documents to mitigate potential risks. For comprehensive details on the vulnerability and remediation, refer to the official Adobe security advisory.",Adobe,Indesign Desktop,7.8,HIGH,0.0006399999838322401,false,,false,false,false,,,false,false,,2024-08-14T15:15:00.000Z,0
CVE-2024-39393,https://securityvulnerability.io/vulnerability/CVE-2024-39393,Adobe Indesign 2024 PCT File Parsing Memory Corruption Remote Code Execution Vulnerability,"An out-of-bounds read vulnerability exists in Adobe InDesign Desktop versions ID19.4 and ID18.5.2 and earlier. This vulnerability is triggered when InDesign processes a specially crafted file, leading to the potential for reading beyond the allocated memory bounds. This flaw presents a risk wherein an attacker could potentially execute arbitrary code within the context of the user who opens the compromised file. Notably, successful exploitation necessitates user interaction, as the victim must inadvertently open the malicious file, underscoring the critical importance of cautious file handling practices.",Adobe,Indesign Desktop,7.8,HIGH,0.0006399999838322401,false,,false,false,false,,,false,false,,2024-08-14T15:15:00.000Z,0
CVE-2024-41852,https://securityvulnerability.io/vulnerability/CVE-2024-41852,Adobe Indesign 2024 AVI File Parsing Stack Based Buffer Overflow,"Adobe InDesign Desktop versions ID19.4, ID18.5.2, and earlier are impacted by a stack-based buffer overflow vulnerability. This vulnerability could allow an attacker to execute arbitrary code within the context of the current user when a malicious file is opened. User interaction is mandatory for exploitation, as the file must be opened by an unsuspecting user. This risk emphasizes the importance of implementing security best practices and awareness regarding the files that are shared and opened.",Adobe,Indesign Desktop,7.8,HIGH,0.0028899998869746923,false,,false,false,false,,,false,false,,2024-08-14T15:15:00.000Z,0
CVE-2024-41850,https://securityvulnerability.io/vulnerability/CVE-2024-41850,InDesign Vulnerable to Heap-based Buffer Overflow Leading to Arbitrary Code Execution,"Adobe InDesign Desktop versions ID19.4, ID18.5.2, and earlier are susceptible to a Heap-based Buffer Overflow vulnerability. This flaw can be exploited to execute arbitrary code within the context of the current user. Successful exploitation demands user interaction, as it requires the victim to open a specially crafted malicious file. It is critical for users of affected versions to apply security updates and exercise caution when handling unknown files to mitigate potential risks.",Adobe,Indesign Desktop,7.8,HIGH,0.0009899999713525176,false,,false,false,false,,,false,false,,2024-08-14T15:05:49.394Z,0
CVE-2024-41851,https://securityvulnerability.io/vulnerability/CVE-2024-41851,Adobe InDesign Vulnerable to Integer Overflow or Wraparound Exploits,"Adobe InDesign Desktop versions ID19.4, ID18.5.2, and earlier are susceptible to an integer overflow or wraparound vulnerability, which allows for the potential execution of arbitrary code under the privileges of the current user. To exploit this vulnerability, malicious actors can craft a specially designed file that, when opened by a user, triggers the vulnerability. This exploit emphasizes the importance of ensuring users do not open untrusted or suspicious files, thereby mitigating the risks associated with this vulnerability.",Adobe,Indesign Desktop,7.8,HIGH,0.0006399999838322401,false,,false,false,false,,,false,false,,2024-08-14T15:05:44.016Z,0
CVE-2024-39394,https://securityvulnerability.io/vulnerability/CVE-2024-39394,InDesign Vulnerability Could Lead to Arbitrary Code Execution,"Adobe InDesign Desktop versions ID19.4, ID18.5.2, and earlier are susceptible to an out-of-bounds write vulnerability. This vulnerability poses a risk of arbitrary code execution within the context of the current user. Successful exploitation necessitates that the user opens a specially crafted malicious file, leading to potential unauthorized actions on the system. Users of affected InDesign versions are advised to implement security measures and update to the latest versions as provided in Adobe's security advisory.",Adobe,Indesign Desktop,7.8,HIGH,0.0006399999838322401,false,,false,false,false,,,false,false,,2024-08-14T15:05:41.031Z,0
CVE-2024-39396,https://securityvulnerability.io/vulnerability/CVE-2024-39396,InDesign Vulnerability Leads to Sensitive Memory Disclosure,"InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,Indesign Desktop,5.5,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-08-02T07:16:00.000Z,0
CVE-2024-39392,https://securityvulnerability.io/vulnerability/CVE-2024-39392,Adobe InDesign Vulnerable to Heap-based Buffer Overflow,"A Heap-based Buffer Overflow vulnerability exists in Adobe InDesign Desktop that affects versions ID18.5.2 and ID19.3, as well as earlier releases. This vulnerability allows for the execution of arbitrary code if a user opens a specially crafted malicious file. Successful exploitation necessitates user interaction, requiring the targeted individual to engage with the malicious content. The issue highlights the importance of exercising caution when handling untrusted files.",Adobe,Indesign Desktop,7.8,HIGH,0.0005099999834783375,false,,false,false,false,,,false,false,,2024-08-02T07:16:00.000Z,0
CVE-2024-41836,https://securityvulnerability.io/vulnerability/CVE-2024-41836,InDesign Vulnerability Could Lead to Denial of Service,"InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. An attacker could exploit this vulnerability to crash the application, resulting in a DoS. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,Indesign Desktop,5.5,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-07-23T11:34:55.471Z,0
CVE-2024-20781,https://securityvulnerability.io/vulnerability/CVE-2024-20781,Adobe InDesign Vulnerable to Heap-based Buffer Overflow,"Adobe InDesign Desktop has been found to possess a Heap-based Buffer Overflow vulnerability. This issue affects versions ID19.3, ID18.5.2 and earlier. An attacker can exploit this vulnerability by enticing a user to open a specially crafted malicious file, which could lead to arbitrary code execution with the permissions of the current user. To mitigate the potential risks, it is essential for users to refrain from opening untrusted or unknown files.",Adobe,Indesign Desktop,7.8,HIGH,0.0006600000197067857,false,,false,false,false,,,false,false,,2024-07-09T19:18:42.013Z,0