5.5
CVE-2024-34140 - Adobe Bridge PDF File Parsing Memory Corruption
Bridge versions 14.0.4, 13.0.7, 14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a viβ¦
7.8
CVE-2024-34139 - Adobe Bridge has an integer overflow vulnerability when parsing SVG file
Bridge versions 14.0.4, 13.0.7, 14.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7.8
CVE-2024-20781 - Adobe Indesign TIF File Parsing Heap Memory Corruption
InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7.8
CVE-2024-20785 - Adobe Indesign 2024 TIFF File Parsing Memory Corruption Remote Code Execution vulnerability
InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7.8
CVE-2024-20783 - Adobe Indesign 2024 RLE File Parsing Heap Memory Corruption
InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7.8
CVE-2024-20782 - Adobe Indesign WMF File Parsing Out Of Bound Write
InDesign Desktop versions ID19.3, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
0.0
CVE-2024-6630 -
**REJECT** This CVE ID was issued in error and is a duplicate. Please use CVE-2024-6500 instead.
7
CVE-2024-34123 - Adobe Premiere Pro arbitrary DLL loading lead to remote code execution
Premiere Pro versions 23.6.5, 24.4.1 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious file into the search path, which the application might execute instead of the leβ¦
5.3
CVE-2024-39899 - PrivateBin allows shortening of URLs for other domains
PrivateBin is an online pastebin where the server has zero knowledge of pasted data. In v1.5, PrivateBin introduced the YOURLS server-side proxy. The idea was to allow using the YOURLs URL shortener without running the YOURLs instance without authentication and/or exposing the authentication token β¦
4.3
CVE-2024-39897 - Cache driver GetBlob() allows read access to any blob without access control check
zot is an OCI image registry. Prior to 2.1.0, the cache driver `GetBlob()` allows read access to any blob without access control check. If a Zot `accessControl` policy allows users read access to some repositories but restricts read access to other repositories and `dedupe` is enabled (it is enableβ¦