Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2025-02-11 CVE-2025-21121 Out-of-bounds Write vulnerability in Adobe Indesign
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-787
7.8
2025-02-11 CVE-2025-21123 Out-of-bounds Write vulnerability in Adobe Indesign
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-787
7.8
2025-02-11 CVE-2025-21157 Out-of-bounds Write vulnerability in Adobe Indesign
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-787
7.8
2025-02-11 CVE-2025-21158 Integer Underflow (Wrap or Wraparound) vulnerability in Adobe Indesign
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-191
7.8
2025-02-11 CVE-2024-13813 Incorrect Permission Assignment for Critical Resource vulnerability in Ivanti Secure Access Client
Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary files.
local
low complexity
ivanti CWE-732
7.1
2025-02-11 CVE-2024-47908 OS Command Injection vulnerability in Ivanti Cloud Services Appliance
OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
network
low complexity
ivanti CWE-78
7.2
2025-02-11 CVE-2025-22467 Stack-based Buffer Overflow vulnerability in Ivanti Connect Secure
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote authenticated attacker to achieve remote code execution.
network
low complexity
ivanti CWE-121
8.8
2025-02-11 CVE-2025-24807 Insufficient Verification of Data Authenticity vulnerability in Eprosima Fast DDS
eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group).
local
low complexity
eprosima CWE-345
7.1
2025-02-11 CVE-2025-24896 Insufficient Session Expiration vulnerability in Misskey
Misskey is an open source, federated social media platform.
network
low complexity
misskey CWE-613
8.1
2025-02-11 CVE-2024-45386 A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 2), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SIMOCODE ES V19 (All versions < V19 Update 1), SIRIUS Safety ES V19 (TIA Portal) (All versions < V19 Update 1), SIRIUS Soft Starter ES V19 (TIA Portal) (All versions < V19 Update 1), TIA Administrator (All versions < V3.0.4).
network
low complexity
CWE-613
8.8