Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-54209 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-08-13 | N/A | 7.8 HIGH |
| InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-54207 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-08-13 | N/A | 7.8 HIGH |
| InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-54210 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-08-13 | N/A | 7.8 HIGH |
| InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-54206 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-08-13 | N/A | 7.8 HIGH |
| InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-54651 | 1 Huawei | 1 Harmonyos | 2025-08-13 | N/A | 4.7 MEDIUM |
| Race condition vulnerability in the kernel hufs module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2025-54208 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-08-13 | N/A | 7.8 HIGH |
| InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-54211 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-08-13 | N/A | 7.8 HIGH |
| InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-8100 | 1 Bdthemes | 1 Element Pack | 2025-08-13 | N/A | 5.4 MEDIUM |
| The Element Pack Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'marker_content' parameter in versions up to, and including, 8.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | |||||
| CVE-2025-3320 | 1 Ibm | 1 Tivoli Monitoring | 2025-08-13 | N/A | 9.8 CRITICAL |
| IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash. | |||||
| CVE-2025-54997 | 1 Openbao | 1 Openbao | 2025-08-13 | N/A | N/A |
| OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, some OpenBao deployments intentionally limit privileged API operators from executing system code or making network connections. However, these operators can bypass both restrictions through the audit subsystem by manipulating log prefixes. This allows unauthorized code execution and network access that violates the intended security model. This issue is fixed in version 2.3.2. To workaround, users can block access to sys/audit/* endpoints using explicit deny policies, but root operators cannot be restricted this way. | |||||
| CVE-2025-3354 | 1 Ibm | 1 Tivoli Monitoring | 2025-08-13 | N/A | 9.8 CRITICAL |
| IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash. | |||||
| CVE-2025-8419 | 1 Redhat | 1 Keycloak | 2025-08-13 | N/A | 5.3 MEDIUM |
| A vulnerability was found in Keycloak-services. Special characters used during e-mail registration may perform SMTP Injection and unexpectedly send short unwanted e-mails. The email is limited to 64 characters (limited local part of the email), so the attack is limited to very shorts emails (subject and little data, the example is 60 chars). This flaw's only direct consequence is an unsolicited email being sent from the Keycloak server. However, this action could be a precursor for more sophisticated attacks. | |||||
| CVE-2025-54187 | 1 Adobe | 1 Substance 3d Painter | 2025-08-13 | N/A | 7.8 HIGH |
| Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-36020 | 1 Ibm | 1 Guardium Data Protection | 2025-08-13 | N/A | 7.5 HIGH |
| IBM Guardium Data Protection could allow a remote attacker to obtain sensitive information due to cleartext transmission of sensitive credential information. | |||||
| CVE-2025-54190 | 1 Adobe | 1 Substance 3d Painter | 2025-08-13 | N/A | 5.5 MEDIUM |
| Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-54191 | 1 Adobe | 1 Substance 3d Painter | 2025-08-13 | N/A | 5.5 MEDIUM |
| Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-54189 | 1 Adobe | 1 Substance 3d Painter | 2025-08-13 | N/A | 5.5 MEDIUM |
| Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-54188 | 1 Adobe | 1 Substance 3d Painter | 2025-08-13 | N/A | 5.5 MEDIUM |
| Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-54192 | 1 Adobe | 1 Substance 3d Painter | 2025-08-13 | N/A | 5.5 MEDIUM |
| Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-54193 | 1 Adobe | 1 Substance 3d Painter | 2025-08-13 | N/A | 5.5 MEDIUM |
| Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||