Indesign
by Adobe Inc.
CVEs (204)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-30663 | 0.00 | — | 0.02 | Jun 16, 2022 | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must… | |||
| CVE-2022-30662 | 0.00 | — | 0.02 | Jun 16, 2022 | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must… | |||
| CVE-2022-30661 | 0.00 | — | 0.06 | Jun 16, 2022 | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a… | |||
| CVE-2022-30660 | 0.00 | — | 0.02 | Jun 16, 2022 | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must… | |||
| CVE-2022-30659 | 0.00 | — | 0.02 | Jun 16, 2022 | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must… | |||
| CVE-2022-30658 | 0.00 | — | 0.06 | Jun 16, 2022 | Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a… | |||
| CVE-2021-42732 | 0.00 | — | 0.02 | Jun 15, 2022 | Access of Memory Location After End of Buffer (CWE-788) | |||
| CVE-2021-40727 | 0.00 | — | 0.01 | Jun 15, 2022 | Access of Memory Location After End of Buffer (CWE-788 | |||
| CVE-2021-39820 | 0.00 | — | 0.04 | Jun 15, 2022 | Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) is affected by an Out-of-bounds Write vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is… | |||
| CVE-2021-45059 | 0.00 | — | 0.01 | Jan 13, 2022 | Adobe InDesign version 16.4 (and earlier) is affected by a use-after-free vulnerability in the processing of a JPEG2000 file that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this… | |||
| CVE-2021-45057 | 0.00 | — | 0.02 | Jan 13, 2022 | Adobe InDesign version 16.4 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPEG2000… | |||
| CVE-2021-45058 | 0.00 | — | 0.02 | Jan 13, 2022 | Adobe InDesign version 16.4 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPEG file. | |||
| CVE-2021-42731 | 0.00 | — | 0.05 | Nov 16, 2021 | Adobe InDesign versions 16.4 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of… | |||
| CVE-2021-39821 | 0.00 | — | 0.04 | Sep 29, 2021 | Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) are affected by an out-of-bounds read vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must… | |||
| CVE-2021-36004 | 0.00 | — | 0.02 | Jul 27, 2021 | Adobe InDesign version 16.0 (and earlier) is affected by an Out-of-bounds Write vulnerability in the CoolType library. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue… | |||
| CVE-2021-21099 | 0.00 | — | 0.06 | Jun 28, 2021 | Adobe InDesign version 16.0 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this… | |||
| CVE-2021-21098 | 0.00 | — | 0.06 | Jun 28, 2021 | Adobe InDesign version 16.0 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this… | |||
| CVE-2020-24421 | 0.00 | — | 0.02 | Oct 21, 2020 | Adobe InDesign version 15.1.2 (and earlier) is affected by a NULL pointer dereference bug that occurs when handling a malformed .indd file. The impact is limited to causing a denial-of-service of the client application. User interaction is required to exploit this issue. | |||
| CVE-2020-9727 | 0.00 | — | 0.03 | Sep 10, 2020 | A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user. | |||
| CVE-2020-9729 | 0.00 | — | 0.03 | Sep 10, 2020 | A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user. |
- CVE-2022-30663Jun 16, 2022risk 0.00cvss —epss 0.02
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must…
- CVE-2022-30662Jun 16, 2022risk 0.00cvss —epss 0.02
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must…
- CVE-2022-30661Jun 16, 2022risk 0.00cvss —epss 0.06
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a…
- CVE-2022-30660Jun 16, 2022risk 0.00cvss —epss 0.02
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must…
- CVE-2022-30659Jun 16, 2022risk 0.00cvss —epss 0.02
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must…
- CVE-2022-30658Jun 16, 2022risk 0.00cvss —epss 0.06
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a…
- CVE-2021-42732Jun 15, 2022risk 0.00cvss —epss 0.02
Access of Memory Location After End of Buffer (CWE-788)
- CVE-2021-40727Jun 15, 2022risk 0.00cvss —epss 0.01
Access of Memory Location After End of Buffer (CWE-788
- CVE-2021-39820Jun 15, 2022risk 0.00cvss —epss 0.04
Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) is affected by an Out-of-bounds Write vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is…
- CVE-2021-45059Jan 13, 2022risk 0.00cvss —epss 0.01
Adobe InDesign version 16.4 (and earlier) is affected by a use-after-free vulnerability in the processing of a JPEG2000 file that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this…
- CVE-2021-45057Jan 13, 2022risk 0.00cvss —epss 0.02
Adobe InDesign version 16.4 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPEG2000…
- CVE-2021-45058Jan 13, 2022risk 0.00cvss —epss 0.02
Adobe InDesign version 16.4 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPEG file.
- CVE-2021-42731Nov 16, 2021risk 0.00cvss —epss 0.05
Adobe InDesign versions 16.4 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of…
- CVE-2021-39821Sep 29, 2021risk 0.00cvss —epss 0.04
Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) are affected by an out-of-bounds read vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must…
- CVE-2021-36004Jul 27, 2021risk 0.00cvss —epss 0.02
Adobe InDesign version 16.0 (and earlier) is affected by an Out-of-bounds Write vulnerability in the CoolType library. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue…
- CVE-2021-21099Jun 28, 2021risk 0.00cvss —epss 0.06
Adobe InDesign version 16.0 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this…
- CVE-2021-21098Jun 28, 2021risk 0.00cvss —epss 0.06
Adobe InDesign version 16.0 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this…
- CVE-2020-24421Oct 21, 2020risk 0.00cvss —epss 0.02
Adobe InDesign version 15.1.2 (and earlier) is affected by a NULL pointer dereference bug that occurs when handling a malformed .indd file. The impact is limited to causing a denial-of-service of the client application. User interaction is required to exploit this issue.
- CVE-2020-9727Sep 10, 2020risk 0.00cvss —epss 0.03
A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user.
- CVE-2020-9729Sep 10, 2020risk 0.00cvss —epss 0.03
A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user.
Page 10 of 11