Dreamweaver Desktop versions 21.4 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-05-13
InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-05-13
InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-05-13
InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-05-13
An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-05-12
The issue was addressed with improved input sanitization. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-05-12
The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.5. Hot corner may unexpectedly reveal a user’s deleted notes.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-05-12
This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVSS Score
4.7
EPSS Score
0.001
Published
2025-05-12
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-05-12
The issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.5. An app may be able to gain elevated privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-05-12