Export limit exceeded: 335289 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 74725 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (74725 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-53547 | 1 Helm | 1 Helm | 2026-02-26 | 8.5 High |
| Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when dependencies are updated and this file is written, can be crafted in a way that can cause execution if that same content were in a file that is executed (e.g., a bash.rc file or shell script). If the Chart.lock file is symlinked to one of these files updating dependencies will write the lock file content to the symlinked file. This can lead to unwanted execution. Helm warns of the symlinked file but did not stop execution due to symlinking. This issue has been resolved in Helm v3.18.4. | ||||
| CVE-2025-43590 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-02-26 | 7.8 High |
| InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-6759 | 1 Citrix | 1 Virtual Apps And Desktops | 2026-02-26 | 7.8 High |
| Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaS | ||||
| CVE-2025-43593 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-02-26 | 7.8 High |
| InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-47103 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-02-26 | 7.8 High |
| InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-47136 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-02-26 | 7.8 High |
| InDesign Desktop versions 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-43558 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-02-26 | 7.8 High |
| InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-30317 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-02-26 | 7.8 High |
| InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-47134 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-02-26 | 7.8 High |
| InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-43594 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-02-26 | 7.8 High |
| InDesign Desktop versions 19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-43589 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-02-26 | 7.8 High |
| InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-47108 | 1 Adobe | 1 Substance 3d Painter | 2026-02-26 | 7.8 High |
| Substance3D - Painter versions 11.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-43592 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-02-26 | 7.8 High |
| InDesign Desktop versions 19.5.3 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-33112 | 1 Ibm | 2 Aix, Vios | 2026-02-26 | 8.4 High |
| IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary code due to improper neutralization of pathname input. | ||||
| CVE-2025-43591 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-02-26 | 7.8 High |
| InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-31104 | 1 Fortinet | 1 Fortiadc | 2026-02-26 | 7 High |
| An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiADC 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2.0 through 7.2.7, 7.1.0 through 7.1.4, 7.0 all versions, 6.2 all versions, 6.1 all versions may allow an authenticated attacker to execute unauthorized code via crafted HTTP requests. | ||||
| CVE-2025-49526 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2026-02-26 | 7.8 High |
| Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-49530 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2026-02-26 | 7.8 High |
| Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-47957 | 1 Microsoft | 4 365 Apps, Office 2021, Office 2024 and 1 more | 2026-02-26 | 8.4 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-49529 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2026-02-26 | 7.8 High |
| Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||