Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-11 | CVE-2025-21126 | Unspecified vulnerability in Adobe Indesign InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service condition. | 5.5 |
| 2025-02-11 | CVE-2025-21157 | Out-of-bounds Write vulnerability in Adobe Indesign InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2025-02-11 | CVE-2025-21158 | Integer Underflow (Wrap or Wraparound) vulnerability in Adobe Indesign InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2025-02-11 | CVE-2024-13813 | Incorrect Permission Assignment for Critical Resource vulnerability in Ivanti Secure Access Client Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary files. | 7.1 |
| 2025-02-11 | CVE-2024-13830 | Cross-site Scripting vulnerability in Ivanti Connect Secure 22.7/7.1/7.4 Reflected XSS in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote unauthenticated attacker to obtain admin privileges. | 6.1 |
| 2025-02-11 | CVE-2024-13842 | Use of Hard-coded Cryptographic Key vulnerability in Ivanti Connect Secure 22.7/7.1/7.4 A hardcoded key in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read sensitive data. | 4.4 |
| 2025-02-11 | CVE-2024-13843 | Cleartext Storage of Sensitive Information vulnerability in Ivanti Connect Secure 22.7/7.1/7.4 Cleartext storage of information in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a local authenticated attacker with admin privileges to read sensitive data. | 4.4 |
| 2025-02-11 | CVE-2024-47908 | OS Command Injection vulnerability in Ivanti Cloud Services Appliance OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution. | 7.2 |
| 2025-02-11 | CVE-2025-22467 | Stack-based Buffer Overflow vulnerability in Ivanti Connect Secure A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote authenticated attacker to achieve remote code execution. | 8.8 |
| 2025-02-11 | CVE-2025-24807 | Insufficient Verification of Data Authenticity vulnerability in Eprosima Fast DDS eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). | 7.1 |