CVE tracker
News monitoring: @irnewsagency

Main channel: @orgsecuritygate

Site: SecurityGate.org
CVE-2025-54215 - Adobe InCopy Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-54215
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 1 minute ago
Description : InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54216 - Adobe InCopy Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-54216
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 1 minute ago
Description : InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
CVE-2025-54217 - Adobe InCopy Heap-based Buffer Overflow Vulnerability

CVE ID : CVE-2025-54217
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 1 minute ago
Description : InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
CVE-2025-54218 - Adobe InCopy Out-of-Bounds Write Arbitrary Code Execution

CVE ID : CVE-2025-54218
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 1 minute ago
Description : InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
CVE-2025-54219 - Adobe InCopy Heap-based Buffer Overflow Arbitrary Code Execution

CVE ID : CVE-2025-54219
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 1 minute ago
Description : InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
CVE-2025-54220 - Adobe InCopy Heap-based Buffer Overflow Arbitrary Code Execution

CVE ID : CVE-2025-54220
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 1 minute ago
Description : InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
CVE-2025-54221 - Adobe InCopy Out-of-Bounds Write Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-54221
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 1 minute ago
Description : InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
CVE-2025-54223 - Adobe InCopy Use After Free Vulnerability

CVE ID : CVE-2025-54223
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 1 minute ago
Description : InCopy versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
CVE-2025-54224 - Adobe InDesign Use After Free Vulnerability

CVE ID : CVE-2025-54224
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 1 minute ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
CVE-2025-54225 - Adobe InDesign Use After Free Vulnerability (Arbitrary Code Execution)

CVE ID : CVE-2025-54225
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 1 minute ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
CVE-2025-54226 - Adobe InDesign Use After Free Vulnerability

CVE ID : CVE-2025-54226
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 1 minute ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
CVE-2025-54227 - Adobe InDesign Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-54227
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 1 minute ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 5.5 | MEDIUM
CVE-2025-54228 - Adobe InDesign Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-54228
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 1 minute ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 5.5 | MEDIUM
CVE-2025-54235 - Substance3D Modeler Out-of-Bounds Read Vulnerability

CVE ID : CVE-2025-54235
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 1 minute ago
Description : Substance3D - Modeler versions 1.22.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 5.5 | MEDIUM
CVE-2025-55165 - Autocaliweb API Key Exposure

CVE ID : CVE-2025-55165
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 1 minute ago
Description : Autocaliweb is a web app that offers an interface for browsing, reading, and downloading eBooks using a valid Calibre database. Prior to version 0.8.3, the debug pack generated by Autocaliweb can expose sensitive configuration data, including API keys. This occurs because the to_dict() method, used to serialize configuration for the debug pack, doesn't adequately filter out sensitive fields such as API tokens. Users, unaware of the full contents, might share these debug packs, inadvertently leaking their private API keys. This issue has been patched in version 0.8.3.
Severity: 8.2 | HIGH
CVE-2025-55170 - WeGIA Reflected Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-55170
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 1 minute ago
Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a reflected cross-site scripting (XSS) vulnerability was identified in the /html/alterar_senha.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the verificacao and redir_config parameters. This issue has been patched in version 3.4.8.
Severity: 6.5 | MEDIUM
CVE-2025-55171 - WeGIA Unauthenticated File Deletion Vulnerability

CVE ID : CVE-2025-55171
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 1 minute ago
Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, the application does not check authentication at the /html/personalizacao_remover.php endpoint, allowing an anonymous attacker (without login) to delete any image file through that endpoint by setting imagem_0 to the ID of the image to delete. This issue has been patched in version 3.4.8.
Severity: 7.5 | HIGH
CVE-2025-54222 - Substance3D Out-of-Bounds Write Vulnerability

CVE ID : CVE-2025-54222
Published : Aug. 12, 2025, 10:15 p.m. | 4 hours, 3 minutes ago
Description : Substance3D - Stager versions 3.1.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
CVE-2025-49456 - Zoom Windows Installer Race Condition Vulnerability

CVE ID : CVE-2025-49456
Published : Aug. 12, 2025, 11:15 p.m. | 3 hours, 3 minutes ago
Description : Race condition in the installer for certain Zoom Clients for Windows may allow an unauthenticated user to impact application integrity via local access.
Severity: 6.2 | MEDIUM
CVE-2025-49457 - Zoom Untrusted Search Path Privilege Escalation Vulnerability

CVE ID : CVE-2025-49457
Published : Aug. 12, 2025, 11:15 p.m. | 3 hours, 3 minutes ago
Description : Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access.
Severity: 9.6 | CRITICAL
CVE-2025-54229 - Adobe Framemaker Use After Free Vulnerability

CVE ID : CVE-2025-54229
Published : Aug. 12, 2025, 11:15 p.m. | 3 hours, 3 minutes ago
Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH