Filtered by vendor Microsoft Subscriptions
Total 24965 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2026-45650 1 Microsoft 1 Bing 2026-06-10 4.3 Medium
User interface (ui) misrepresentation of critical information in Microsoft Bing allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-45466 1 Microsoft 8 365 Apps, Microsoft 365 Apps For Enterprise, Office 2021 and 5 more 2026-06-10 3.3 Low
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
CVE-2026-34707 3 Adobe, Apple, Microsoft 3 Incopy, Macos, Windows 2026-06-10 7.8 High
InCopy versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-34706 3 Adobe, Apple, Microsoft 3 Incopy, Macos, Windows 2026-06-10 7.8 High
InCopy versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-34705 3 Adobe, Apple, Microsoft 4 Indesign, Indesign Desktop, Macos and 1 more 2026-06-10 5.5 Medium
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-34704 3 Adobe, Apple, Microsoft 4 Indesign, Indesign Desktop, Macos and 1 more 2026-06-10 5.5 Medium
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-34703 3 Adobe, Apple, Microsoft 4 Indesign, Indesign Desktop, Macos and 1 more 2026-06-10 5.5 Medium
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-34702 3 Adobe, Apple, Microsoft 4 Indesign, Indesign Desktop, Macos and 1 more 2026-06-10 7.8 High
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-34701 3 Adobe, Apple, Microsoft 4 Indesign, Indesign Desktop, Macos and 1 more 2026-06-10 7.8 High
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-34700 3 Adobe, Apple, Microsoft 4 Indesign, Indesign Desktop, Macos and 1 more 2026-06-10 7.8 High
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-34699 3 Adobe, Apple, Microsoft 4 Indesign, Indesign Desktop, Macos and 1 more 2026-06-10 7.8 High
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-34698 3 Adobe, Apple, Microsoft 4 Indesign, Indesign Desktop, Macos and 1 more 2026-06-10 7.8 High
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-34697 3 Adobe, Apple, Microsoft 4 Indesign, Indesign Desktop, Macos and 1 more 2026-06-10 7.8 High
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-34696 3 Adobe, Apple, Microsoft 4 Indesign, Indesign Desktop, Macos and 1 more 2026-06-10 7.8 High
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-34695 3 Adobe, Apple, Microsoft 4 Indesign, Indesign Desktop, Macos and 1 more 2026-06-10 7.8 High
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-34708 3 Adobe, Apple, Microsoft 3 Incopy, Macos, Windows 2026-06-10 7.8 High
InCopy versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-11195 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-06-10 6.5 Medium
Inappropriate implementation in MHTML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11194 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-06-10 6.5 Medium
Inappropriate implementation in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-42835 1 Microsoft 1 Teams 2026-06-10 8.1 High
Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Teams for Android allows an authorized attacker to disclose information over a network.
CVE-2026-11182 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-06-10 6.5 Medium
Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)