Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total15,024
Critical923
High3,044
Medium10,857
Reset
Showing 1821-1840 of 15024 records
Threat Entry Updated 2026-01-14

CVE-2026-21276 - InDesign Desktop Plugin

InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

PLUGIN InDesign Desktop

CVE-2026-21276

HIGH CVSS 7.8 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-14

CVE-2026-21275 - InDesign Desktop Plugin

InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

PLUGIN InDesign Desktop

CVE-2026-21275

HIGH CVSS 7.8 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-14

CVE-2026-21278 - InDesign Desktop Plugin

InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

PLUGIN InDesign Desktop

CVE-2026-21278

MEDIUM CVSS 5.5 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-14

CVE-2026-21272 - Dreamweaver Desktop Plugin

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system write. An attacker could leverage this vulnerability to manipulate or inject malicious data into files on the system. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is changed.

PLUGIN Dreamweaver Desktop

CVE-2026-21272

HIGH CVSS 8.6 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-14

CVE-2026-21271 - Dreamweaver Desktop Plugin

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is changed.

PLUGIN Dreamweaver Desktop

CVE-2026-21271

HIGH CVSS 8.6 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-14

CVE-2026-21268 - Dreamweaver Desktop Plugin

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is changed.

PLUGIN Dreamweaver Desktop

CVE-2026-21268

HIGH CVSS 8.6 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-14

CVE-2026-21267 - Dreamweaver Desktop Plugin

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is changed.

PLUGIN Dreamweaver Desktop

CVE-2026-21267

HIGH CVSS 8.6 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-14

CVE-2026-21274 - Dreamweaver Desktop Plugin

Dreamweaver Desktop versions 21.6 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to bypass security measures and execute unauthorized code. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

PLUGIN Dreamweaver Desktop

CVE-2026-21274

HIGH CVSS 7.8 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-14

CVE-2026-21265 - Windows 10 Version 1607 Plugin

Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affected certificate versions must update them to maintain Secure Boot functionality and avoid compromising security by losing security fixes related to Windows boot manager or Secure Boot. The operating system’s certificate update protection mechanism relies on firmware components that might contain defects, which can cause certificate trust updates to fail or behave unpredictably. This leads to potential disruption of the Secure Boot trust chain and requires careful validation and…

PLUGIN Windows 10 Version 1607

CVE-2026-21265

MEDIUM CVSS 6.4 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-16

CVE-2026-21221 - Windows 11 Version 24H2 Plugin

Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally.

PLUGIN Windows 11 Version 24H2

CVE-2026-21221

HIGH CVSS 7.0 2026-01-13
Open Full Technical Breakdown
Scroll to top