7.8
CVE-2025-27197 - Lightroom Desktop | Out-of-bounds Write (CWE-787)
Lightroom Desktop versions 8.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
5.5
CVE-2025-30320 - InDesign Desktop | NULL Pointer Dereference (CWE-476)
InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption in service. Exploitation of this issue requires…
7.8
CVE-2025-30318 - InDesign Desktop | Out-of-bounds Write (CWE-787)
InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
5.5
CVE-2025-30319 - InDesign Desktop | NULL Pointer Dereference (CWE-476)
InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service. Exploitation of this issue requir…
7.3
CVE-2025-0035 -
Unquoted search path within AMD Cloud Manageability Service can allow a local attacker to escalate privileges, potentially resulting in arbitrary code execution.
2.3
CVE-2025-47280 - Umbraco.Forms has HTML injection vulnerability in 'Send email' workflow
Umbraco Forms is a form builder that integrates with the Umbraco content management system. Starting in the 7.x branch and prior to versions 13.4.2 and 15.1.2, the 'Send email' workflow does not HTML encode the user-provided field values in the sent email message, making any form with this workflow…
7.3
CVE-2024-36321 -
Unquoted search path within AIM-T Manageability Service can allow a local attacker to escalate privileges, potentially resulting in arbitrary code execution.
6.9
CVE-2024-6364 - Server Identity Validation Bypass in Absolute Persistence®
A vulnerability in Absolute Persistence® versions before 2.8 exists when it is not activated. This may allow a skilled attacker with both physical access to the device, and full hostile network control, to initiate OS commands on the device. To remediate this vulnerability, update the device firmw…
7.8
CVE-2025-24063 - Kernel Streaming Service Driver Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8
CVE-2025-32707 - NTFS Elevation of Privilege Vulnerability
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.