Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2024-54040

    Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim... Read more

    Affected Products : connect
    • Published: Dec. 10, 2024
    • Modified: Dec. 18, 2024

  • 5.4

    MEDIUM
    CVE-2024-54039

    Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim... Read more

    Affected Products : connect
    • Published: Dec. 10, 2024
    • Modified: Dec. 18, 2024

  • 4.3

    MEDIUM
    CVE-2024-54038

    Adobe Connect versions 12.6, 11.4.7 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low... Read more

    Affected Products : connect
    • Published: Dec. 10, 2024
    • Modified: Jan. 15, 2025

  • 8.1

    HIGH
    CVE-2024-54037

    Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session. By manipulating a DOM ele... Read more

    Affected Products : connect
    • Published: Dec. 10, 2024
    • Modified: Jan. 21, 2025

  • 9.3

    CRITICAL
    CVE-2024-54036

    Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim... Read more

    Affected Products : connect
    • Published: Dec. 10, 2024
    • Modified: Jan. 15, 2025

  • 9.3

    CRITICAL
    CVE-2024-54034

    Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed wi... Read more

    Affected Products : connect
    • Published: Dec. 10, 2024
    • Modified: Jan. 21, 2025

  • 9.3

    CRITICAL
    CVE-2024-54032

    Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim... Read more

    Affected Products : connect
    • Published: Dec. 10, 2024
    • Modified: Jan. 15, 2025

  • 7.8

    HIGH
    CVE-2024-53954

    Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in t... Read more

    Affected Products : macos windows animate
    • Published: Dec. 10, 2024
    • Modified: Dec. 18, 2024

  • 7.8

    HIGH
    CVE-2024-53953

    Animate versions 23.0.8, 24.0.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a ... Read more

    Affected Products : macos windows animate
    • Published: Dec. 10, 2024
    • Modified: Dec. 18, 2024

  • 5.5

    MEDIUM
    CVE-2024-53952

    InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a deni... Read more

    Affected Products : macos windows indesign
    • Published: Dec. 10, 2024
    • Modified: Dec. 18, 2024

  • 5.5

    MEDIUM
    CVE-2024-53951

    InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of... Read more

    Affected Products : macos windows indesign
    • Published: Dec. 10, 2024
    • Modified: Dec. 18, 2024

  • 7.8

    HIGH
    CVE-2024-52997

    Photoshop Desktop versions 26.0 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a ... Read more

    Affected Products : macos windows photoshop
    • Published: Dec. 10, 2024
    • Modified: Dec. 18, 2024

  • 7.8

    HIGH
    CVE-2024-52996

    Substance3D - Sampler versions 4.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vi... Read more

    Affected Products : substance_3d_sampler
    • Published: Dec. 10, 2024
    • Modified: Dec. 18, 2024

  • 7.8

    HIGH
    CVE-2024-52995

    Substance3D - Sampler versions 4.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vi... Read more

    Affected Products : substance_3d_sampler
    • Published: Dec. 10, 2024
    • Modified: Dec. 18, 2024

  • 7.8

    HIGH
    CVE-2024-52994

    Substance3D - Sampler versions 4.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim m... Read more

    Affected Products : substance_3d_sampler
    • Published: Dec. 10, 2024
    • Modified: Dec. 18, 2024

  • 7.8

    HIGH
    CVE-2024-52990

    Animate versions 23.0.8, 24.0.5 and earlier are affected by a Buffer Underwrite ('Buffer Underflow') vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to manipulat... Read more

    Affected Products : macos windows animate
    • Published: Dec. 10, 2024
    • Modified: Dec. 18, 2024

  • 7.8

    HIGH
    CVE-2024-52989

    Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in t... Read more

    Affected Products : macos windows animate
    • Published: Dec. 10, 2024
    • Modified: Dec. 18, 2024

  • 7.8

    HIGH
    CVE-2024-52988

    Animate versions 23.0.8, 24.0.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must o... Read more

    Affected Products : macos windows animate
    • Published: Dec. 10, 2024
    • Modified: Dec. 18, 2024

  • 7.8

    HIGH
    CVE-2024-52987

    Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in t... Read more

    Affected Products : macos windows animate
    • Published: Dec. 10, 2024
    • Modified: Dec. 18, 2024

  • 7.8

    HIGH
    CVE-2024-52986

    Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in t... Read more

    Affected Products : macos windows animate
    • Published: Dec. 10, 2024
    • Modified: Dec. 18, 2024
Showing 20 of 292048 Results