Vulnerabilities > Adobe > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-12-10 CVE-2024-49547 Out-of-bounds Read vulnerability in Adobe Indesign
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
2024-12-10 CVE-2024-49548 Out-of-bounds Read vulnerability in Adobe Indesign
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
2024-12-10 CVE-2024-49549 Out-of-bounds Read vulnerability in Adobe Indesign
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
2024-12-10 CVE-2024-49550 Cross-site Scripting vulnerability in Adobe Connect
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
6.1
2024-12-10 CVE-2024-53951 Out-of-bounds Read vulnerability in Adobe Indesign
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
2024-12-10 CVE-2024-53952 NULL Pointer Dereference vulnerability in Adobe Indesign
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service.
local
low complexity
adobe CWE-476
5.5
2024-12-10 CVE-2024-54032 Cross-site Scripting vulnerability in Adobe Connect
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
adobe CWE-79
6.1
2024-12-10 CVE-2024-54034 Cross-site Scripting vulnerability in Adobe Connect
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
6.1
2024-12-10 CVE-2024-54036 Cross-site Scripting vulnerability in Adobe Connect
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
adobe CWE-79
6.1
2024-12-10 CVE-2024-54037 Cross-site Scripting vulnerability in Adobe Connect
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session.
network
low complexity
adobe CWE-79
5.4