CVE-2025-21123

HIGH Year: 2025
CVSS v3 Score
7.8
High
Weakness Type
CWE-122
View all →

Vulnerability Description

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Related Vulnerabilities

CVE-2016-8654

HIGH
CVSS:7.8(High)

A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected.

CWE-1222016

CVE-2017-16737

HIGH
CVSS:7.8(High)

An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior. A specially-crafted malicious file may be able to cause a heap-based buffer overflow vulnerability when opened by ...

CWE-1222017

CVE-2018-8833

HIGH
CVSS:7.8(High)

Heap-based buffer overflow vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution.

CWE-1222018

CVE-2018-8834

HIGH
CVSS:7.8(High)

Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer ver...

CWE-1222018

CVE-2019-10951

HIGH
CVSS:7.8(High)

Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files,...

CWE-1222019

CVE-2019-10982

HIGH
CVSS:7.8(High)

Delta Electronics CNCSoft ScreenEditor, Versions 1.00.89 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an atta...

CWE-1222019