VYPR

Dreamweaver

by Adobe Inc.

CVEs (21)

  • CVE-2026-47906HigJun 9, 2026
    risk 0.56cvss 8.6epss 0.00

    Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim…

  • CVE-2026-47907HigJun 9, 2026
    risk 0.53cvss 8.2epss 0.00

    Dreamweaver Desktop versions 21.7 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope.…

  • CVE-2026-47908HigJun 9, 2026
    risk 0.51cvss 7.8epss 0.00

    Dreamweaver Desktop versions 21.7 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a…

  • CVE-2026-47910MedJun 9, 2026
    risk 0.41cvss 6.3epss 0.00

    Dreamweaver Desktop versions 21.7 and earlier are affected by an Incorrect Authorization vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope.…

  • CVE-2026-47909MedJun 9, 2026
    risk 0.41cvss 6.3epss 0.00

    Dreamweaver Desktop versions 21.7 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope.…

  • CVE-2010-3132Aug 26, 2010
    risk 0.04cvss epss 0.14

    Untrusted search path vulnerability in Adobe Dreamweaver CS5 11.0 build 4916, build 4909, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) mfc90loc.dll or (2)…

  • CVE-2026-21267Jan 13, 2026
    risk 0.00cvss epss 0.01

    Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue requires user…

  • CVE-2026-21271Jan 13, 2026
    risk 0.00cvss epss 0.00

    Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…

  • CVE-2026-21274Jan 13, 2026
    risk 0.00cvss epss 0.00

    Dreamweaver Desktop versions 21.6 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to bypass security measures and execute…

  • CVE-2026-21272Jan 13, 2026
    risk 0.00cvss epss 0.00

    Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system write. An attacker could leverage this vulnerability to manipulate or inject malicious data into files on the system. Exploitation of…

  • CVE-2026-21268Jan 13, 2026
    risk 0.00cvss epss 0.00

    Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…

  • CVE-2025-54256Sep 9, 2025
    risk 0.00cvss epss 0.00

    Dreamweaver Desktop versions 21.5 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must click on a…

  • CVE-2025-30310May 13, 2025
    risk 0.00cvss epss 0.00

    Dreamweaver Desktop versions 21.4 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in…

  • CVE-2024-30314May 16, 2024
    risk 0.00cvss epss 0.01

    Dreamweaver Desktop versions 21.3 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does require user…

  • CVE-2021-21055Feb 11, 2021
    risk 0.00cvss epss 0.01

    Adobe Dreamweaver versions 21.0 (and earlier) and 20.2 (and earlier) is affected by an untrusted search path vulnerability that could result in information disclosure. An attacker with physical access to the system could replace certain configuration files and dynamic libraries…

  • CVE-2020-24425Oct 21, 2020
    risk 0.00cvss epss 0.01

    Dreamweaver version 20.2 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. Successful exploitation could result in a local user with permissions to write to the file system running system commands with…

  • CVE-2019-7956Jul 18, 2019
    risk 0.00cvss epss 0.03

    Adobe Dreamweaver direct download installer versions 19.0 and below, 18.0 and below have an Insecure Library Loading (DLL hijacking) vulnerability. Successful exploitation could lead to Privilege Escalation in the context of the current user.

  • CVE-2019-7097May 23, 2019
    risk 0.00cvss epss 0.04

    Adobe Dreamweaver versions 19.0 and earlier have an insecure protocol implementation vulnerability. Successful exploitation could lead to sensitive data disclosure if smb request is subject to a relay attack.

  • CVE-2008-6062Feb 5, 2009
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by Adobe Dreamweaver, when the Insert Flash Video feature is used, allows remote attackers to inject arbitrary web script or HTML via an asfunction: URI in the skinName…

  • CVE-2006-2042May 9, 2006
    risk 0.00cvss epss 0.05

    Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models.

Page 1 of 2