Search
Total
2248 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-28549 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2021-09-08 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28548 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2021-09-08 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-25252 | 7 Apple, Emc, Linux and 4 more | 25 Macos, Celerra Network Attached Storage, Linux Kernel and 22 more | 2021-09-08 | 4.9 MEDIUM | 5.5 MEDIUM |
| Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file. | |||||
| CVE-2021-21039 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-09-08 | 6.8 MEDIUM | 7.8 HIGH |
| Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28632 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-09-08 | 6.8 MEDIUM | 7.8 HIGH |
| Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2019-8184 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . | |||||
| CVE-2020-9727 | 2 Adobe, Apple | 2 Indesign, Macos | 2021-09-08 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user. | |||||
| CVE-2019-7962 | 3 Adobe, Apple, Microsoft | 3 Illustrator Cc, Macos, Windows | 2021-09-08 | 4.4 MEDIUM | 7.8 HIGH |
| Adobe Illustrator CC versions 23.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. | |||||
| CVE-2020-3790 | 3 Adobe, Apple, Microsoft | 4 Photoshop 2020, Photoshop Cc, Macos and 1 more | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3789 | 3 Adobe, Apple, Microsoft | 4 Photoshop 2020, Photoshop Cc, Macos and 1 more | 2021-09-08 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3788 | 3 Adobe, Apple, Microsoft | 4 Photoshop 2020, Photoshop Cc, Macos and 1 more | 2021-09-08 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3787 | 3 Adobe, Apple, Microsoft | 4 Photoshop 2020, Photoshop Cc, Macos and 1 more | 2021-09-08 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3803 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 4.4 MEDIUM | 7.8 HIGH |
| Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. | |||||
| CVE-2019-16455 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-16453 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-16446 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-8205 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-12576 | 2 Apple, Londontrustmedia | 2 Macos, Private Internet Access Vpn Client | 2021-09-08 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The openvpn_launcher binary is setuid root. This program is called during the connection process and executes several operating system utilities to configure the system. The networksetup utility is called using relative paths. A local unprivileged user can execute arbitrary commands as root by creating a networksetup trojan which will be executed during the connection process. This is possible because the PATH environment variable is not reset prior to executing the OS utility. | |||||
| CVE-2019-12579 | 3 Apple, Linux, Londontrustmedia | 3 Macos, Linux Kernel, Private Internet Access Vpn Client | 2021-09-08 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The PIA Linux/macOS binary openvpn_launcher.64 binary is setuid root. This binary accepts several parameters to update the system configuration. These parameters are passed to operating system commands using a "here" document. The parameters are not sanitized, which allow for arbitrary commands to be injected using shell metacharacters. A local unprivileged user can pass special crafted parameters that will be interpolated by the operating system calls. | |||||
| CVE-2019-15637 | 4 Apple, Linux, Microsoft and 1 more | 7 Macos, Linux Kernel, Windows and 4 more | 2021-09-08 | 5.5 MEDIUM | 8.1 HIGH |
| Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. This affects Tableau Server, Tableau Desktop, Tableau Reader, and Tableau Public Desktop. | |||||
| CVE-2019-7976 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 9.3 HIGH | 8.8 HIGH |
| Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7975 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7979 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7981 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak. | |||||
| CVE-2019-7982 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7983 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7984 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7985 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7986 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7988 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7989 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7992 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7995 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak. | |||||
| CVE-2019-7998 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-8000 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak. | |||||
| CVE-2019-8001 | 3 Adobe, Apple, Microsoft | 3 Photoshop Cc, Macos, Windows | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-14220 | 3 Apple, Bluestacks, Microsoft | 3 Macos, Bluestacks, Windows | 2021-09-08 | 4.9 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in BlueStacks 4.110 and below on macOS and on 4.120 and below on Windows. BlueStacks employs Android running in a virtual machine (VM) to enable Android apps to run on Windows or MacOS. Bug is in a local arbitrary file read through a system service call. The impacted method runs with System admin privilege and if given the file name as parameter returns you the content of file. A malicious app using the affected method can then read the content of any system file which it is not authorized to read | |||||
| CVE-2019-8075 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Macos and 5 more | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. | |||||
| CVE-2019-8166 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a buffer overrun vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-8169 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-8174 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-8225 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-8226 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an incomplete implementation of security mechanism vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2016-5202 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2021-09-08 | 7.5 HIGH | 9.1 CRITICAL |
| browser/extensions/api/dial/dial_registry.cc in Google Chrome before 54.0.2840.98 on macOS, before 54.0.2840.99 on Windows, and before 54.0.2840.100 on Linux neglects to copy a device ID before an erase() call, which causes the erase operation to access data that that erase operation will destroy. | |||||
| CVE-2011-1298 | 2 Apple, Google | 2 Macos, Blink | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
| An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore::GraphicsContext::fillRect function. | |||||
| CVE-2019-7960 | 3 Adobe, Apple, Microsoft | 3 Animate Cc, Macos, Windows | 2021-09-08 | 4.4 MEDIUM | 7.8 HIGH |
| Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. | |||||
| CVE-2019-8246 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-8248 | 3 Adobe, Apple, Microsoft | 3 Illustrator Cc, Macos, Windows | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-17387 | 4 Apple, Aviatrix, Linux and 1 more | 4 Macos, Vpn Client, Linux Kernel and 1 more | 2021-09-08 | 7.2 HIGH | 7.8 HIGH |
| An authentication flaw in the AVPNC_RP service in Aviatrix VPN Client through 2.2.10 allows an attacker to gain elevated privileges through arbitrary code execution on Windows, Linux, and macOS. | |||||
| CVE-2019-16445 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||