VYPR

Creative Cloud Desktop Application

by Adobe Inc.

CVEs (32)

  • CVE-2019-8063HigAug 16, 2019
    risk 0.49cvss 7.5epss 0.04

    Creative Cloud Desktop Application 4.6.1 and earlier versions have an insecure transmission of sensitive data vulnerability. Successful exploitation could lead to information leakage.

  • CVE-2019-7957HigAug 16, 2019
    risk 0.49cvss 7.5epss 0.04

    Creative Cloud Desktop Application versions 4.6.1 and earlier have a security bypass vulnerability. Successful exploitation could lead to denial of service.

  • CVE-2021-28613HigSep 27, 2021
    risk 0.48cvss 7.4epss 0.00

    Adobe Creative Cloud Desktop Application version 5.4 (and earlier) is affected by a file handling vulnerability that could allow an attacker to arbitrarily overwrite a file. Exploitation of this issue requires local access, administrator privileges and user interaction.

  • CVE-2021-28581HigSep 8, 2021
    risk 0.48cvss 7.3epss 0.01

    Adobe Creative Cloud Desktop 3.5 (and earlier) is affected by an uncontrolled search path vulnerability that could result in elevation of privileges. Exploitation of this issue requires user interaction in that a victim must log on to the attacker's local machine.

  • CVE-2016-4158HigJun 16, 2016
    risk 0.48cvss 7.3epss 0.03

    Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory.

  • CVE-2016-4157HigJun 16, 2016
    risk 0.48cvss 7.3epss 0.01

    Untrusted search path vulnerability in the installer in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to gain privileges via a Trojan horse resource in an unspecified directory.

  • CVE-2022-23202HigFeb 16, 2022
    risk 0.46cvss 7.0epss 0.02

    Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim…

  • CVE-2020-24422HigOct 21, 2020
    risk 0.46cvss 7.0epss 0.03

    Adobe Creative Cloud Desktop Application version 5.2 (and earlier) and 2.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires…

  • CVE-2021-21078MedMar 12, 2021
    risk 0.42cvss 6.5epss 0.01

    Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by an Unquoted Service Path vulnerability in CCXProcess that could allow an attacker to achieve arbitrary code execution in the process of the current user. Exploitation of this issue requires user…

  • CVE-2021-28633MedAug 24, 2021
    risk 0.40cvss 6.1epss 0.00

    Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Insecure temporary file creation vulnerability. An attacker could leverage this vulnerability to cause arbitrary file overwriting in the context of the current user. Exploitation of…

  • CVE-2021-21068MedMar 12, 2021
    risk 0.40cvss 6.1epss 0.01

    Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a file handling vulnerability that could allow an attacker to cause arbitrary file overwriting. Exploitation of this issue requires physical access and user interaction.

  • CVE-2020-3808MedMar 25, 2020
    risk 0.38cvss 5.9epss 0.01

    Creative Cloud Desktop Application versions 5.0 and earlier have a time-of-check to time-of-use (toctou) race condition vulnerability. Successful exploitation could lead to arbitrary file deletion.

Page 2 of 2