Total
8212 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-39821 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-11-07 | 6.8 MEDIUM | N/A |
| Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) are affected by an out-of-bounds read vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF file. | |||||
| CVE-2021-37969 | 4 Debian, Fedoraproject, Google and 1 more | 4 Debian Linux, Fedora, Chrome and 1 more | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file. | |||||
| CVE-2021-39858 | 3 Adobe, Apple, Microsoft | 8 Acrobat, Acrobat 2017, Acrobat Dc and 5 more | 2023-11-07 | 4.3 MEDIUM | N/A |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-3115 | 4 Fedoraproject, Golang, Microsoft and 1 more | 5 Fedora, Go, Windows and 2 more | 2023-11-07 | 5.1 MEDIUM | 7.5 HIGH |
| Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download). | |||||
| CVE-2021-39834 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2023-11-07 | 4.3 MEDIUM | N/A |
| Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF file. | |||||
| CVE-2021-39841 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2023-11-07 | 6.8 MEDIUM | N/A |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Type Confusion vulnerability. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39824 | 3 Adobe, Apple, Microsoft | 3 Premiere Elements, Macos, Windows | 2023-11-07 | 9.3 HIGH | N/A |
| Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious png file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2021-34551 | 3 Fedoraproject, Microsoft, Phpmailer Project | 3 Fedora, Windows, Phpmailer | 2023-11-07 | 5.1 MEDIUM | 8.1 HIGH |
| PHPMailer before 6.5.0 on Windows allows remote code execution if lang_path is untrusted data and has a UNC pathname. | |||||
| CVE-2021-35982 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2023-11-07 | 4.4 MEDIUM | 7.3 HIGH |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Uncontrolled Search Path Element vulnerability. A local attacker with non-administrative privileges can plant a malicious DLL to achieve arbitrary code execution in the context of the current user via DLL hijacking. Exploitation of this issue requires user interaction. | |||||
| CVE-2021-31850 | 2 Mcafee, Microsoft | 2 Database Security, Windows | 2023-11-07 | 4.9 MEDIUM | 6.1 MEDIUM |
| A denial-of-service vulnerability in Database Security (DBS) prior to 4.8.4 allows a remote authenticated administrator to trigger a denial-of-service attack against the DBS server. The configuration of Archiving through the User interface incorrectly allowed the creation of directories and files in Windows system directories and other locations where sensitive data could be overwritten. The former could lead to a DoS, whilst the latter could lead to data destruction on the DBS server. | |||||
| CVE-2021-31820 | 3 Linux, Microsoft, Octopus | 3 Linux Kernel, Windows, Octopus Server | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| In Octopus Server after version 2018.8.2 if the Octopus Server Web Request Proxy is configured with authentication, the password is shown in plaintext in the UI. | |||||
| CVE-2021-28618 | 2 Adobe, Microsoft | 2 Animate, Windows | 2023-11-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Animate version 21.0.6 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28622 | 2 Adobe, Microsoft | 2 Animate, Windows | 2023-11-07 | 6.8 MEDIUM | N/A |
| Adobe Animate version 21.0.6 (and earlier) is affected by an Out-of-bounds Write vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28581 | 2 Adobe, Microsoft | 2 Creative Cloud, Windows | 2023-11-07 | 4.4 MEDIUM | N/A |
| Adobe Creative Cloud Desktop 3.5 (and earlier) is affected by an uncontrolled search path vulnerability that could result in elevation of privileges. Exploitation of this issue requires user interaction in that a victim must log on to the attacker's local machine. | |||||
| CVE-2021-28608 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2023-11-07 | 9.3 HIGH | N/A |
| Adobe After Effects version 18.2 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28587 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2023-11-07 | 4.3 MEDIUM | 3.3 LOW |
| After Effects versions 18.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28617 | 2 Adobe, Microsoft | 2 Animate, Windows | 2023-11-07 | 4.3 MEDIUM | N/A |
| Adobe Animate version 21.0.6 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28604 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2023-11-07 | 9.3 HIGH | 7.8 HIGH |
| Adobe After Effects version 18.2 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28609 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2023-11-07 | 4.3 MEDIUM | N/A |
| Adobe After Effects version 18.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28549 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||