VYPR

Connect

by Adobe Inc.

CVEs (75)

  • CVE-2018-12804CriJul 20, 2018
    risk 0.65cvss 9.8epss 0.11

    Adobe Connect versions 9.7.5 and earlier have an Authentication Bypass vulnerability. Successful exploitation could lead to session hijacking.

  • CVE-2017-11291CriDec 9, 2017
    risk 0.65cvss 10.0epss 0.06

    An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists that could be abused to bypass network access controls.

  • CVE-2025-27203CriJul 8, 2025
    risk 0.64cvss 9.6epss 0.01

    Adobe Connect versions 24.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution by an attacker. Exploitation of this issue does require user interaction and scope is changed.

  • CVE-2018-12805CriJul 20, 2018
    risk 0.64cvss 9.8epss 0.04

    Adobe Connect versions 9.7.5 and earlier have an Insecure Library Loading vulnerability. Successful exploitation could lead to privilege escalation.

  • CVE-2016-0949CriFeb 10, 2016
    risk 0.64cvss 9.8epss 0.04

    Adobe Connect before 9.5.2 allows remote attackers to have an unspecified impact via a crafted parameter in a URL.

  • CVE-2026-34659CriMay 12, 2026
    risk 0.63cvss 9.6epss 0.01

    Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to execute arbitrary code.…

  • CVE-2026-27303CriApr 14, 2026
    risk 0.63cvss 9.6epss 0.01

    Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must visit a…

  • CVE-2026-34615CriApr 14, 2026
    risk 0.61cvss 9.3epss 0.01

    Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a…

  • CVE-2026-34660CriMay 12, 2026
    risk 0.60cvss 9.3epss 0.00

    Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web…

  • CVE-2026-27246CriApr 14, 2026
    risk 0.60cvss 9.3epss 0.00

    Adobe Connect versions 2025.3, 12.10 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's…

  • CVE-2026-27245CriApr 14, 2026
    risk 0.60cvss 9.3epss 0.00

    Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's…

  • CVE-2026-27243CriApr 14, 2026
    risk 0.60cvss 9.3epss 0.00

    Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's…

  • CVE-2018-4923CriMay 19, 2018
    risk 0.60cvss 9.1epss 0.10

    Adobe Connect versions 9.7 and earlier have an exploitable OS Command Injection. Successful exploitation could lead to arbitrary file deletion.

  • CVE-2026-34617HigApr 14, 2026
    risk 0.57cvss 8.7epss 0.00

    Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could result in privilege escalation. A low-privileged attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining…

  • CVE-2023-4665HigSep 15, 2023
    risk 0.57cvss 8.8epss 0.01

    Incorrect Execution-Assigned Permissions vulnerability in Saphira Saphira Connect allows Privilege Escalation. This issue affects Saphira Connect: before 9.

  • CVE-2023-4664HigSep 15, 2023
    risk 0.57cvss 8.8epss 0.01

    Incorrect Default Permissions vulnerability in Saphira Saphira Connect allows Privilege Escalation. This issue affects Saphira Connect: before 9.

  • CVE-2016-0948HigFeb 10, 2016
    risk 0.57cvss 8.8epss 0.02

    Cross-site request forgery (CSRF) vulnerability in Adobe Connect before 9.5.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

  • CVE-2025-49552HigOct 14, 2025
    risk 0.53cvss 8.1epss 0.00

    Adobe Connect versions 12.9 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a high-privileged attacker to execute malicious scripts in a victim's browser. Exploitation of this issue requires user interaction in that a…

  • CVE-2016-4118HigMay 30, 2016
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors.

  • CVE-2018-4994HigMay 19, 2018
    risk 0.50cvss 7.5epss 0.10

    Adobe Connect versions 9.7.5 and earlier have an exploitable Authentication Bypass vulnerability. Successful exploitation could lead to sensitive information disclosure.

Page 1 of 4