Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-30305 |
Description: XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS: MEDIUM (5.5) EPSS Score: 0.02%
April 8th, 2025 (14 days ago)
|
|
CVE-2025-30303 |
Description: Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS: MEDIUM (5.5) EPSS Score: 0.02% SSVC Exploitation: none
April 8th, 2025 (14 days ago)
|
|
CVE-2025-30302 |
Description: Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS: MEDIUM (5.5) EPSS Score: 0.02%
April 8th, 2025 (14 days ago)
|
|
CVE-2025-30301 |
Description: Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS: MEDIUM (5.5) EPSS Score: 0.02%
April 8th, 2025 (14 days ago)
|
|
CVE-2025-30300 |
Description: Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS: MEDIUM (5.5) EPSS Score: 0.03% SSVC Exploitation: none
April 8th, 2025 (14 days ago)
|
|
CVE-2025-27205 |
Description: Adobe Experience Manager Screens versions FP11.3 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Exploitation of this issue requires user interaction in that a victim must open a malicious link.
CVSS: MEDIUM (5.4) EPSS Score: 0.03% SSVC Exploitation: none
April 8th, 2025 (14 days ago)
|
|
CVE-2025-27202 |
Description: Animate versions 24.0.7, 23.0.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS: MEDIUM (5.5) EPSS Score: 0.02% SSVC Exploitation: none
April 8th, 2025 (14 days ago)
|
|
CVE-2025-27201 |
Description: Animate versions 24.0.7, 23.0.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS: MEDIUM (5.5) EPSS Score: 0.02% SSVC Exploitation: none
April 8th, 2025 (14 days ago)
|
|
CVE-2025-32279 |
Description: Missing Authorization vulnerability in Shahjada Live Forms. This issue affects Live Forms: from n/a through 4.8.5.
CVSS: MEDIUM (4.3) EPSS Score: 0.03%
April 8th, 2025 (14 days ago)
|
|
CVE-2025-32211 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Broadstreet Broadstreet allows Stored XSS. This issue affects Broadstreet: from n/a through 1.51.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.03%
April 8th, 2025 (14 days ago)
|