Total
8212 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-0197 | 2 Microsoft, Thalesgroup | 2 Windows, Sentinel Hasp Ldk | 2025-03-04 | N/A | 7.8 HIGH |
| A flaw in the installer for Thales SafeNet Sentinel HASP LDK prior to 9.16 on Windows allows an attacker to escalate their privilege level via local access. | |||||
| CVE-2024-0819 | 4 Apple, Linux, Microsoft and 1 more | 4 Macos, Linux Kernel, Windows and 1 more | 2025-03-03 | N/A | 7.8 HIGH |
| Improper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin account. | |||||
| CVE-2024-52053 | 3 Linux, Microsoft, Wowza | 3 Linux Kernel, Windows, Streaming Engine | 2025-03-03 | N/A | 9.6 CRITICAL |
| Stored Cross-Site Scripting in the Manager component of Wowza Streaming Engine below 4.9.1 allows an unauthenticated attacker to inject client-side JavaScript into the web dashboard to automatically hijack admin accounts. | |||||
| CVE-2024-52054 | 3 Linux, Microsoft, Wowza | 3 Linux Kernel, Windows, Streaming Engine | 2025-03-03 | N/A | 2.7 LOW |
| Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to create an XML definition file anywhere on the file system. | |||||
| CVE-2024-52055 | 3 Linux, Microsoft, Wowza | 3 Linux Kernel, Windows, Streaming Engine | 2025-03-03 | N/A | 4.9 MEDIUM |
| Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to read any file on the file system if the target directory contains an XML definition file. | |||||
| CVE-2024-52056 | 3 Linux, Microsoft, Wowza | 3 Linux Kernel, Windows, Streaming Engine | 2025-03-03 | N/A | 6.5 MEDIUM |
| Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to delete any directory on the file system if the target directory contains an XML definition file. | |||||
| CVE-2025-21155 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2025-03-03 | N/A | 5.5 MEDIUM |
| Substance3D - Stager versions 3.1.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-21160 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2025-03-03 | N/A | 7.8 HIGH |
| Illustrator versions 29.1, 28.7.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-21163 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2025-03-03 | N/A | 7.8 HIGH |
| Illustrator versions 29.1, 28.7.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-21159 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2025-03-03 | N/A | 7.8 HIGH |
| Illustrator versions 29.1, 28.7.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-21156 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2025-03-03 | N/A | 7.8 HIGH |
| InCopy versions 20.0, 19.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-21121 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-03-03 | N/A | 7.8 HIGH |
| InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-21123 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-03-03 | N/A | 7.8 HIGH |
| InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-21125 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-03-03 | N/A | 5.5 MEDIUM |
| InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-21124 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-03-03 | N/A | 5.5 MEDIUM |
| InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-21157 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-03-03 | N/A | 7.8 HIGH |
| InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-21158 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-03-03 | N/A | 7.8 HIGH |
| InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-21126 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-03-03 | N/A | 5.5 MEDIUM |
| InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service condition. An attacker could exploit this vulnerability to cause the application to crash, resulting in a denial of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-52052 | 3 Linux, Microsoft, Wowza | 3 Linux Kernel, Windows, Streaming Engine | 2025-02-26 | N/A | 7.2 HIGH |
| Wowza Streaming Engine below 4.9.1 permits an authenticated Streaming Engine Manager administrator to define a custom application property and poison a stream target for high-privilege remote code execution. | |||||
| CVE-2023-27875 | 3 Ibm, Linux, Microsoft | 3 Aspera Faspex, Linux Kernel, Windows | 2025-02-26 | N/A | 7.5 HIGH |
| IBM Aspera Faspex 5.0.4 could allow a user to change other user's credentials due to improper access controls. IBM X-Force ID: 249847. | |||||