5.7

CVSS3.1

CVE-2026-23653 - GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability

Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio Code allows an authorized attacker to disclose information over a network.

πŸ“… Published: April 14, 2026, 4:56 p.m. πŸ”„ Last Modified: April 15, 2026, 3:15 p.m.

7.8

CVSS3.1

CVE-2026-20930 - Windows Management Services Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

πŸ“… Published: April 14, 2026, 4:56 p.m. πŸ”„ Last Modified: April 15, 2026, 3:15 p.m.

4.9

CVSS3.1

CVE-2026-22692 - October CMS: Twig Sandbox Bypass via Collection Methods

October is a Content Management System (CMS) and web platform. Versions prior to 3.7.13 and versions 4.0.0 through 4.1.4 contain a sandbox bypass vulnerability in the optional Twig safe mode feature (CMS_SAFE_MODE). Certain methods on the collect() helper were not properly restricted, allowing auth…

πŸ“… Published: April 14, 2026, 4:48 p.m. πŸ”„ Last Modified: April 15, 2026, 3:15 p.m.

7.8

CVSS3.1

CVE-2026-27284 - InDesign Desktop | Out-of-bounds Read (CWE-125)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current…

πŸ“… Published: April 14, 2026, 4:45 p.m. πŸ”„ Last Modified: April 15, 2026, 3:15 p.m.

5.5

CVSS3.1

CVE-2026-27285 - InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application or disrupt its functionality. Exploitation of this issue requires use…

πŸ“… Published: April 14, 2026, 4:45 p.m. πŸ”„ Last Modified: April 14, 2026, 7:41 p.m.

5.5

CVSS3.1

CVE-2026-27286 - InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in…

πŸ“… Published: April 14, 2026, 4:45 p.m. πŸ”„ Last Modified: April 14, 2026, 7:37 p.m.

7.8

CVSS3.1

CVE-2026-27283 - InDesign Desktop | Use After Free (CWE-416)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

πŸ“… Published: April 14, 2026, 4:45 p.m. πŸ”„ Last Modified: April 15, 2026, 3:58 a.m.

7.8

CVSS3.1

CVE-2026-27238 - InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

πŸ“… Published: April 14, 2026, 4:45 p.m. πŸ”„ Last Modified: April 15, 2026, 3:58 a.m.

7.8

CVSS3.1

CVE-2026-27291 - InDesign Desktop | Out-of-bounds Write (CWE-787)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

πŸ“… Published: April 14, 2026, 4:45 p.m. πŸ”„ Last Modified: April 15, 2026, 3:58 a.m.

8.6

CVSS3.1

CVE-2026-34622 - Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Poll…

Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of t…

πŸ“… Published: April 14, 2026, 4:18 p.m. πŸ”„ Last Modified: April 15, 2026, 3:58 a.m.
Total resulsts: 344690
Page 35 of 34,469
Β« previous page Β» next page
Filters