Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2026-21323 After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requ... | 7.8 | HIGH | — | 0 |
| CVE-2026-21324 After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An ... | 7.8 | HIGH | — | 0 |
| CVE-2026-21325 After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An ... | 7.8 | HIGH | — | 0 |
| CVE-2025-29948 Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory inte... | N/A | NONE | — | 0 |
| CVE-2026-21326 After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requ... | 7.8 | HIGH | — | 0 |
| CVE-2026-21327 After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issu... | 7.8 | HIGH | — | 0 |
| CVE-2026-21328 After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issu... | 7.8 | HIGH | — | 0 |
| CVE-2026-21329 After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requ... | 7.8 | HIGH | — | 0 |
| CVE-2026-21330 After Effects versions 25.6 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of t... | 7.8 | HIGH | — | 0 |
| CVE-2026-21332 InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sen... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21334 Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o... | 7.8 | HIGH | — | 0 |
| CVE-2026-21338 Substance3D - Designer versions 15.1.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerabili... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21339 Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sen... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21350 After Effects versions 25.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21351 After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requ... | 7.8 | HIGH | — | 0 |
| CVE-2026-21357 InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploita... | 7.8 | HIGH | — | 0 |
| CVE-2026-21358 InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in application denial-of-service. An attacker could exploit this vulnera... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21508 Improper authentication in Windows Storage allows an authorized attacker to elevate privileges locally. | 7.0 | HIGH | — | 0 |
| CVE-2026-21511 Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network. | 7.5 | HIGH | — | 0 |
| CVE-2026-21512 Server-side request forgery (ssrf) in Azure DevOps Server allows an authorized attacker to perform spoofing over a network. | 6.5 | MEDIUM | — | 0 |
| CVE-2025-29949 Insufficient input parameter sanitization in AMD Secure Processor (ASP) Boot Loader (legacy recovery mode only) could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially result... | N/A | NONE | — | 0 |
| CVE-2026-21516 Improper neutralization of special elements used in a command ('command injection') in Github Copilot allows an unauthorized attacker to execute code over a network. | 8.8 | HIGH | — | 0 |
| CVE-2026-21522 Improper neutralization of special elements used in a command ('command injection') in Azure Compute Gallery allows an authorized attacker to elevate privileges locally. | 6.7 | MEDIUM | — | 0 |
| CVE-2026-21523 Time-of-check time-of-use (toctou) race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network. | 8.0 | HIGH | — | 0 |
| CVE-2026-21527 User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. | 6.5 | MEDIUM | — | 0 |
| CVE-2026-21529 Improper neutralization of input during web page generation ('cross-site scripting') in Azure HDInsights allows an authorized attacker to perform spoofing over a network. | 5.7 | MEDIUM | — | 0 |
| CVE-2025-29950 Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution. | N/A | NONE | — | 0 |
| CVE-2026-21531 Deserialization of untrusted data in Azure SDK allows an unauthorized attacker to execute code over a network. | 9.8 | CRITICAL | — | 0 |
| CVE-2026-21537 Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network. | 8.8 | HIGH | — | 0 |
| CVE-2026-25577 Emmett is a framework designed to simplify your development process. Prior to 1.3.11, the cookies property in mmett_core.http.wrappers.Request does not handle CookieError exceptions when parsing malfo... | 7.5 | HIGH | — | 0 |
| CVE-2026-25611 A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server. | 7.5 | HIGH | — | 0 |
| CVE-2026-25612 The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this rep... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-25646 LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists ... | 8.1 | HIGH | — | 0 |
| CVE-2026-21345 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory struct... | 7.8 | HIGH | — | 0 |
| CVE-2026-25728 ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - #40, a Time-of-Check to Time-of-Use (TOCTOU) race condition vulnerability exists in ClipBucket's avatar and background image up... | 7.5 | HIGH | — | 0 |
| CVE-2026-25950 Rejected reason: Further research determined the issue is not a vulnerability. | N/A | NONE | — | 0 |
| CVE-2026-25956 Frappe is a full-stack web application framework. Prior to 14.99.14 and 15.94.0, an attacker could craft a malicious signup URL for a frappe site which could lead to an open redirect (or reflected XSS... | 6.1 | MEDIUM | — | 0 |
| CVE-2026-21341 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of t... | 7.8 | HIGH | — | 0 |
| CVE-2026-21342 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of t... | 7.8 | HIGH | — | 0 |
| CVE-2026-21343 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory struct... | 7.8 | HIGH | — | 0 |
| CVE-2026-21344 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory struct... | 7.8 | HIGH | — | 0 |
| CVE-2026-21346 Bridge versions 15.1.3, 16.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this i... | 7.8 | HIGH | — | 0 |
| CVE-2026-21347 Bridge versions 15.1.3, 16.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitatio... | 7.8 | HIGH | — | 0 |
| CVE-2026-21352 DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issu... | 7.8 | HIGH | — | 0 |
| CVE-2026-21353 DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o... | 7.8 | HIGH | — | 0 |
| CVE-2026-21354 DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability t... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21355 DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive info... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-26009 Catalyst is a platform built for enterprise game server hosts, game communities, and billing panel integrations. Install scripts defined in server templates execute directly on the host operating syst... | 9.9 | CRITICAL | — | 0 |
| CVE-2021-26381 Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memory c... | N/A | NONE | — | 0 |
| CVE-2026-21348 Substance3D - Modeler versions 1.22.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sens... | 5.5 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.