|
1261
|
7.7 |
HIGH
Local
|
pengutronix
|
barebox
|
barebox prior to version 2026.04.0 contains out-of-bounds read vulnerabilities in ext4 extent parsing due to missing validation of the eh_entries field against buffer capacity in fs/ext4/ext4_common.…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-34961
|
2026-05-14 04:57 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1262
|
7.8 |
HIGH
Local
|
pengutronix
|
barebox
|
barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithm…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-34963
|
2026-05-14 04:44 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1263
|
7.8 |
HIGH
Local
|
adobe
|
after_effects
|
After Effects versions 26.0, 25.6.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitat…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-34690
|
2026-05-14 04:42 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1264
|
7.8 |
HIGH
Local
|
adobe
|
substance_3d_designer
|
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation …
|
CWE-787
Out-of-bounds Write
|
CVE-2026-34682
|
2026-05-14 04:40 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1265
|
7.8 |
HIGH
Local
|
adobe
|
substance_3d_designer
|
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation …
|
CWE-787
Out-of-bounds Write
|
CVE-2026-34681
|
2026-05-14 04:40 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1266
|
6.3 |
MEDIUM
Local
|
adobe
|
substance_3d_designer
|
Substance3D - Designer versions 15.1.0 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file sy…
|
CWE-22
Path Traversal
|
CVE-2026-34664
|
2026-05-14 04:40 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1267
|
9.3 |
CRITICAL
Network
|
adobe
|
connect_desktop_application
|
Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An …
|
CWE-863
Incorrect Authorization
|
CVE-2026-34660
|
2026-05-14 04:39 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1268
|
9.6 |
CRITICAL
Network
|
adobe
|
connect_desktop_application
|
Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-34659
|
2026-05-14 04:38 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1269
|
5.5 |
MEDIUM
Local
|
imagemagick
|
imagemagick
|
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-42050
|
2026-05-14 04:38 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1270
|
7.8 |
HIGH
Local
|
adobe
|
media_encoder
|
Media Encoder versions 26.0.2, 25.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-34639
|
2026-05-14 04:36 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
