Total
8212 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-6984 | 2 Foxitsoftware, Microsoft | 2 3d, Windows | 2021-07-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter a Use-After-Free or Type Confusion and crash during handling of certain PDF files that embed specifically crafted 3D content, due to the use of a wild pointer. | |||||
| CVE-2020-9573 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2021-36376 | 2 Delta Project, Microsoft | 2 Delta, Windows | 2021-07-16 | 4.4 MEDIUM | 7.8 HIGH |
| dandavison delta before 0.8.3 on Windows resolves an executable's pathname as a relative path from the current directory. | |||||
| CVE-2021-29712 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2021-07-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 200966. | |||||
| CVE-2021-3606 | 2 Microsoft, Openvpn | 2 Windows, Openvpn | 2021-07-09 | 4.4 MEDIUM | 7.8 HIGH |
| OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process (openvpn.exe). | |||||
| CVE-2020-4902 | 2 Ibm, Microsoft | 2 Datacap Navigator, Windows | 2021-07-07 | 6.5 MEDIUM | 8.8 HIGH |
| IBM Datacap Taskmaster Capture (IBM Datacap Navigator 9.1.7) is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 191045. | |||||
| CVE-2020-4935 | 2 Ibm, Microsoft | 2 Datacap Navigator, Windows | 2021-07-07 | 3.5 LOW | 5.4 MEDIUM |
| IBM Datacap Fastdoc Capture (IBM Datacap Navigator 9.1.7 ) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191753. | |||||
| CVE-2021-21102 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2021-07-06 | 9.3 HIGH | 8.8 HIGH |
| Adobe Illustrator version 25.2 (and earlier) is affected by a Path Traversal vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21101 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2021-07-06 | 9.3 HIGH | 8.8 HIGH |
| Adobe Illustrator version 25.2 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21098 | 2 Adobe, Microsoft | 2 Indesign, Windows | 2021-07-06 | 9.3 HIGH | 8.8 HIGH |
| Adobe InDesign version 16.0 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21099 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2021-07-06 | 9.3 HIGH | 8.8 HIGH |
| Adobe InDesign version 16.0 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-21090 | 2 Adobe, Microsoft | 2 Incopy, Windows | 2021-07-06 | 9.3 HIGH | 8.8 HIGH |
| Adobe InCopy version 16.0 (and earlier) is affected by an path traversal vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28575 | 2 Adobe, Microsoft | 2 Animate, Windows | 2021-07-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28576 | 2 Adobe, Microsoft | 2 Animate, Windows | 2021-07-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28574 | 2 Adobe, Microsoft | 2 Animate, Windows | 2021-07-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-7869 | 2 Mastersoft, Microsoft | 2 Zook, Windows | 2021-07-02 | 9.0 HIGH | 8.8 HIGH |
| An improper input validation vulnerability of ZOOK software (remote administration tool) could allow a remote attacker to create arbitrary file. The ZOOK viewer has the "Tight file CMD" function to create file. An attacker could create and execute arbitrary file in the ZOOK agent program using "Tight file CMD" without authority. | |||||
| CVE-2020-7868 | 2 Helpu, Microsoft | 2 Helpu, Windows | 2021-07-02 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists in helpUS(remote administration tool) due to improper validation of parameter of ShellExecutionExA function used for login. | |||||
| CVE-2021-28573 | 2 Adobe, Microsoft | 2 Animate, Windows | 2021-07-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28570 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2021-07-02 | 9.3 HIGH | 8.6 HIGH |
| Adobe After Effects version 18.1 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An unauthenticated attacker could exploit this to to plant custom binaries and execute them with System permissions. Exploitation of this issue requires user interaction. | |||||
| CVE-2021-20572 | 2 Ibm, Microsoft | 2 Security Identity Manager Adapter, Windows | 2021-07-01 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199247. | |||||