Total CVEs

139,456

Critical Severity

3,644

High Severity

13,084

Last 7 Days

1,270
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 3,881 - 3,900 of 35,861 CVEs
CVE-2026-34703 MEDIUM - 5.5

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this iss...

Vendor: Adobe
Product: InDesign Desktop
Published: Jun 09, 2026
Source: NVD
CVE-2026-34702 HIGH - 7.8

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor: Adobe
Product: InDesign Desktop
Published: Jun 09, 2026
Source: NVD
CVE-2026-34701 HIGH - 7.8

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor: Adobe
Product: InDesign Desktop
Published: Jun 09, 2026
Source: NVD
CVE-2026-34700 HIGH - 7.8

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor: Adobe
Product: InDesign Desktop
Published: Jun 09, 2026
Source: NVD
CVE-2026-34699 HIGH - 7.8

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor: Adobe
Product: InDesign Desktop
Published: Jun 09, 2026
Source: NVD
CVE-2026-34698 HIGH - 7.8

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor: Adobe
Product: InDesign Desktop
Published: Jun 09, 2026
Source: NVD
CVE-2026-34697 HIGH - 7.8

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor: Adobe
Product: InDesign Desktop
Published: Jun 09, 2026
Source: NVD
CVE-2026-34696 HIGH - 7.8

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor: Adobe
Product: InDesign Desktop
Published: Jun 09, 2026
Source: NVD
CVE-2026-34695 HIGH - 7.8

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor: Adobe
Product: InDesign Desktop
Published: Jun 09, 2026
Source: NVD
CVE-2026-34694 MEDIUM - 5.9

Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim...

Vendor: Adobe
Product: Adobe Experience Manager Forms JEE
Published: Jun 09, 2026
Source: NVD
CVE-2026-34693 HIGH - 8.0

Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim...

Vendor: Adobe
Product: Adobe Experience Manager Forms JEE
Published: Jun 09, 2026
Source: NVD
CVE-2026-34691 CRITICAL - 9.3

Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser whe...

Vendor: Adobe
Product: Adobe Experience Manager Forms JEE
Published: Jun 09, 2026
Source: NVD
CVE-2026-28237 MEDIUM - 5.5

Unrestricted resource allocation in AMD uProf may be exploitable to consume excessive system resources, potentially leading to a loss of availability.

Vendor: AMD
Product: AMD µProf
Published: Jun 09, 2026
Source: NVD
CVE-2026-0466 MEDIUM - 5.5

Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service.

Vendor: amd
Product: uprof
Published: Jun 09, 2026
Source: NVD
CVE-2025-54509

Improper access control for register interface in the input-output memory management unit (IOMMU) could allow a privileged attacker to cause non-coherent accesses by the AMD secure processor (ASP) potentially resulting in loss of integrity.

Published: Jun 09, 2026
Source: NVD
CVE-2026-9213

A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper with traffic between the router and the Internet, to execute code on the device.

Published: Jun 09, 2026
Source: NVD
CVE-2026-9212

Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting the product's confidentiality or change certain configurations.

Published: Jun 09, 2026
Source: NVD
CVE-2026-9211

An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation.

Published: Jun 09, 2026
Source: NVD
CVE-2026-9210

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality.

Published: Jun 09, 2026
Source: NVD
CVE-2026-9076 HIGH - 7.5

Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap out-of-bounds read in kek_unwrap_key(). Impact summary: A heap buffer over-read may trigger a crash which leads to Denial...

Vendor: openssl
Product: openssl
Published: Jun 09, 2026
Source: NVD