Vendor CVEs
Adobe Inc.
All CVEs
7,262 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-0529 | 0.00 | — | 0.06 | May 14, 2014 | Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2014-0528 | 0.00 | — | 0.05 | May 14, 2014 | Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2014-0526 | 0.00 | — | 0.05 | May 14, 2014 | Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and… | |||
| CVE-2014-0525 | 0.00 | — | 0.06 | May 14, 2014 | The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X does not prevent access to unmapped memory, which allows attackers to execute arbitrary code via unspecified API calls. | |||
| CVE-2014-0524 | 0.00 | — | 0.04 | May 14, 2014 | Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and… | |||
| CVE-2014-0523 | 0.00 | — | 0.04 | May 14, 2014 | Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0524, and… | |||
| CVE-2014-0522 | 0.00 | — | 0.04 | May 14, 2014 | Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0523, CVE-2014-0524, and… | |||
| CVE-2014-0520 | 0.00 | — | 0.04 | May 14, 2014 | Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability… | |||
| CVE-2014-0519 | 0.00 | — | 0.04 | May 14, 2014 | Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability… | |||
| CVE-2014-0518 | 0.00 | — | 0.04 | May 14, 2014 | Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability… | |||
| CVE-2014-0517 | 0.00 | — | 0.04 | May 14, 2014 | Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability… | |||
| CVE-2014-0516 | 0.00 | — | 0.04 | May 14, 2014 | Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow remote attackers to bypass the Same Origin Policy via unspecified vectors. | |||
| CVE-2014-0513 | 0.00 | — | 0.06 | May 14, 2014 | Stack-based buffer overflow in Adobe Illustrator CS6 before 16.0.5 and 16.2.x before 16.2.2 allows remote attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2014-0509 | 0.00 | — | 0.03 | Apr 8, 2014 | Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK &… | |||
| CVE-2014-0508 | 0.00 | — | 0.05 | Apr 8, 2014 | Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allow attackers to bypass… | |||
| CVE-2014-0512 | 0.00 | — | 0.05 | Mar 27, 2014 | Adobe Reader 11.0.06 allows attackers to bypass a PDF sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. | |||
| CVE-2014-0505 | 0.00 | — | 0.05 | Mar 14, 2014 | Adobe Shockwave Player before 12.1.0.150 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||
| CVE-2014-0504 | 0.00 | — | 0.04 | Mar 12, 2014 | Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows attackers to read the clipboard via unspecified vectors. | |||
| CVE-2014-0503 | 0.00 | — | 0.04 | Mar 12, 2014 | Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | |||
| CVE-2014-1887 | 0.00 | — | 0.01 | Mar 3, 2014 | The DrinkedIn BarFinder application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain sensitive fine-geolocation information, by leveraging control over one of a number of adult sites,… | |||
| CVE-2014-1886 | 0.00 | — | 0.01 | Mar 3, 2014 | The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently access external-storage resources, by leveraging control over one of a number of "obscure Eastern European… | |||
| CVE-2014-1885 | 0.00 | — | 0.02 | Mar 3, 2014 | The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain write access to external-storage resources, by leveraging control over any Google syndication advertising… | |||
| CVE-2014-1883 | 0.00 | — | 0.04 | Mar 3, 2014 | Adobe PhoneGap before 2.6.0 on Android uses the shouldOverrideUrlLoading callback instead of the proper shouldInterceptRequest callback, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1) in an IFRAME element or (2)… | |||
| CVE-2014-0499 | 0.00 | — | 0.04 | Feb 21, 2014 | Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 do not prevent… | |||
| CVE-2014-0501 | 0.00 | — | 0.06 | Feb 12, 2014 | Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0500. | |||
| CVE-2014-0500 | 0.00 | — | 0.06 | Feb 12, 2014 | Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0501. | |||
| CVE-2014-0494 | 0.00 | — | 0.05 | Jan 23, 2014 | Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. | |||
| CVE-2014-0495 | 0.00 | — | 0.04 | Jan 15, 2014 | Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0493. | |||
| CVE-2014-0493 | 0.00 | — | 0.05 | Jan 15, 2014 | Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495. | |||
| CVE-2014-0492 | 0.00 | — | 0.06 | Jan 15, 2014 | Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow attackers to defeat the ASLR… | |||
| CVE-2013-5334 | 0.00 | — | 0.04 | Dec 11, 2013 | Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5333. | |||
| CVE-2013-5333 | 0.00 | — | 0.04 | Dec 11, 2013 | Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5334. | |||
| CVE-2013-5332 | 0.00 | — | 0.05 | Dec 11, 2013 | Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow attackers to execute… | |||
| CVE-2013-5329 | 0.00 | — | 0.06 | Nov 13, 2013 | Adobe Flash Player before 11.7.700.252 and 11.8.x and 11.9.x before 11.9.900.152 on Windows and Mac OS X and before 11.2.202.327 on Linux, Adobe AIR before 3.9.0.1210, Adobe AIR SDK before 3.9.0.1210, and Adobe AIR SDK & Compiler before 3.9.0.1210 allow attackers to execute… | |||
| CVE-2013-5328 | 0.00 | — | 0.03 | Nov 13, 2013 | Adobe ColdFusion 10 before Update 12 allows remote attackers to read arbitrary files via unspecified vectors. | |||
| CVE-2013-5326 | 0.00 | — | 0.02 | Nov 13, 2013 | Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 before Update 12, 9.0.1 before Update 11, 9.0.2 before Update 6, and 10 before Update 12, when the CFIDE directory is available, allows remote authenticated users to inject arbitrary web script or HTML via… | |||
| CVE-2013-5327 | 0.00 | — | 0.04 | Oct 9, 2013 | MDBMS.dll in Adobe RoboHelp 10 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||
| CVE-2013-5325 | 0.00 | — | 0.04 | Oct 9, 2013 | Adobe Reader and Acrobat 11.x before 11.0.05 on Windows allow remote attackers to execute arbitrary JavaScript code in a javascript: URL via a crafted PDF document. | |||
| CVE-2010-5290 | 0.00 | — | 0.06 | Sep 20, 2013 | The authentication process in Adobe ColdFusion before 10 does not require knowledge of the cleartext password if the password hash is known, which makes it easier for context-dependent attackers to obtain administrative privileges by leveraging read access to the configuration… | |||
| CVE-2013-5324 | 0.00 | — | 0.06 | Sep 12, 2013 | Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before… | |||
| CVE-2013-3363 | 0.00 | — | 0.06 | Sep 12, 2013 | Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before… | |||
| CVE-2013-3362 | 0.00 | — | 0.06 | Sep 12, 2013 | Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before… | |||
| CVE-2013-3361 | 0.00 | — | 0.06 | Sep 12, 2013 | Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before… | |||
| CVE-2013-3360 | 0.00 | — | 0.05 | Sep 12, 2013 | Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3359. | |||
| CVE-2013-3359 | 0.00 | — | 0.04 | Sep 12, 2013 | Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3360. | |||
| CVE-2013-3355 | 0.00 | — | 0.05 | Sep 12, 2013 | Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3352 and CVE-2013-3354. | |||
| CVE-2013-3354 | 0.00 | — | 0.05 | Sep 12, 2013 | Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3352 and CVE-2013-3355. | |||
| CVE-2013-3352 | 0.00 | — | 0.05 | Sep 12, 2013 | Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3354 and CVE-2013-3355. | |||
| CVE-2013-1377 | 0.00 | — | 0.04 | Jul 31, 2013 | Adobe Digital Editions 2.x before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||
| CVE-2013-3349 | 0.00 | — | 0.02 | Jul 10, 2013 | Unspecified vulnerability in Adobe ColdFusion 9.0 through 9.0.2, when the JRun application server is used, allows remote attackers to cause a denial of service via unknown vectors. |
- CVE-2014-0529May 14, 2014risk 0.00cvss —epss 0.06
Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.
- CVE-2014-0528May 14, 2014risk 0.00cvss —epss 0.05
Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.
- CVE-2014-0526May 14, 2014risk 0.00cvss —epss 0.05
Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and…
- CVE-2014-0525May 14, 2014risk 0.00cvss —epss 0.06
The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X does not prevent access to unmapped memory, which allows attackers to execute arbitrary code via unspecified API calls.
- CVE-2014-0524May 14, 2014risk 0.00cvss —epss 0.04
Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and…
- CVE-2014-0523May 14, 2014risk 0.00cvss —epss 0.04
Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0524, and…
- CVE-2014-0522May 14, 2014risk 0.00cvss —epss 0.04
Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0523, CVE-2014-0524, and…
- CVE-2014-0520May 14, 2014risk 0.00cvss —epss 0.04
Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability…
- CVE-2014-0519May 14, 2014risk 0.00cvss —epss 0.04
Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability…
- CVE-2014-0518May 14, 2014risk 0.00cvss —epss 0.04
Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability…
- CVE-2014-0517May 14, 2014risk 0.00cvss —epss 0.04
Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability…
- CVE-2014-0516May 14, 2014risk 0.00cvss —epss 0.04
Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow remote attackers to bypass the Same Origin Policy via unspecified vectors.
- CVE-2014-0513May 14, 2014risk 0.00cvss —epss 0.06
Stack-based buffer overflow in Adobe Illustrator CS6 before 16.0.5 and 16.2.x before 16.2.2 allows remote attackers to execute arbitrary code via unspecified vectors.
- CVE-2014-0509Apr 8, 2014risk 0.00cvss —epss 0.03
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK &…
- CVE-2014-0508Apr 8, 2014risk 0.00cvss —epss 0.05
Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allow attackers to bypass…
- CVE-2014-0512Mar 27, 2014risk 0.00cvss —epss 0.05
Adobe Reader 11.0.06 allows attackers to bypass a PDF sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.
- CVE-2014-0505Mar 14, 2014risk 0.00cvss —epss 0.05
Adobe Shockwave Player before 12.1.0.150 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
- CVE-2014-0504Mar 12, 2014risk 0.00cvss —epss 0.04
Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows attackers to read the clipboard via unspecified vectors.
- CVE-2014-0503Mar 12, 2014risk 0.00cvss —epss 0.04
Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
- CVE-2014-1887Mar 3, 2014risk 0.00cvss —epss 0.01
The DrinkedIn BarFinder application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain sensitive fine-geolocation information, by leveraging control over one of a number of adult sites,…
- CVE-2014-1886Mar 3, 2014risk 0.00cvss —epss 0.01
The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently access external-storage resources, by leveraging control over one of a number of "obscure Eastern European…
- CVE-2014-1885Mar 3, 2014risk 0.00cvss —epss 0.02
The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain write access to external-storage resources, by leveraging control over any Google syndication advertising…
- CVE-2014-1883Mar 3, 2014risk 0.00cvss —epss 0.04
Adobe PhoneGap before 2.6.0 on Android uses the shouldOverrideUrlLoading callback instead of the proper shouldInterceptRequest callback, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1) in an IFRAME element or (2)…
- CVE-2014-0499Feb 21, 2014risk 0.00cvss —epss 0.04
Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 do not prevent…
- CVE-2014-0501Feb 12, 2014risk 0.00cvss —epss 0.06
Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0500.
- CVE-2014-0500Feb 12, 2014risk 0.00cvss —epss 0.06
Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0501.
- CVE-2014-0494Jan 23, 2014risk 0.00cvss —epss 0.05
Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
- CVE-2014-0495Jan 15, 2014risk 0.00cvss —epss 0.04
Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0493.
- CVE-2014-0493Jan 15, 2014risk 0.00cvss —epss 0.05
Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0495.
- CVE-2014-0492Jan 15, 2014risk 0.00cvss —epss 0.06
Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow attackers to defeat the ASLR…
- CVE-2013-5334Dec 11, 2013risk 0.00cvss —epss 0.04
Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5333.
- CVE-2013-5333Dec 11, 2013risk 0.00cvss —epss 0.04
Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5334.
- CVE-2013-5332Dec 11, 2013risk 0.00cvss —epss 0.05
Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow attackers to execute…
- CVE-2013-5329Nov 13, 2013risk 0.00cvss —epss 0.06
Adobe Flash Player before 11.7.700.252 and 11.8.x and 11.9.x before 11.9.900.152 on Windows and Mac OS X and before 11.2.202.327 on Linux, Adobe AIR before 3.9.0.1210, Adobe AIR SDK before 3.9.0.1210, and Adobe AIR SDK & Compiler before 3.9.0.1210 allow attackers to execute…
- CVE-2013-5328Nov 13, 2013risk 0.00cvss —epss 0.03
Adobe ColdFusion 10 before Update 12 allows remote attackers to read arbitrary files via unspecified vectors.
- CVE-2013-5326Nov 13, 2013risk 0.00cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 before Update 12, 9.0.1 before Update 11, 9.0.2 before Update 6, and 10 before Update 12, when the CFIDE directory is available, allows remote authenticated users to inject arbitrary web script or HTML via…
- CVE-2013-5327Oct 9, 2013risk 0.00cvss —epss 0.04
MDBMS.dll in Adobe RoboHelp 10 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
- CVE-2013-5325Oct 9, 2013risk 0.00cvss —epss 0.04
Adobe Reader and Acrobat 11.x before 11.0.05 on Windows allow remote attackers to execute arbitrary JavaScript code in a javascript: URL via a crafted PDF document.
- CVE-2010-5290Sep 20, 2013risk 0.00cvss —epss 0.06
The authentication process in Adobe ColdFusion before 10 does not require knowledge of the cleartext password if the password hash is known, which makes it easier for context-dependent attackers to obtain administrative privileges by leveraging read access to the configuration…
- CVE-2013-5324Sep 12, 2013risk 0.00cvss —epss 0.06
Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before…
- CVE-2013-3363Sep 12, 2013risk 0.00cvss —epss 0.06
Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before…
- CVE-2013-3362Sep 12, 2013risk 0.00cvss —epss 0.06
Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before…
- CVE-2013-3361Sep 12, 2013risk 0.00cvss —epss 0.06
Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before…
- CVE-2013-3360Sep 12, 2013risk 0.00cvss —epss 0.05
Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3359.
- CVE-2013-3359Sep 12, 2013risk 0.00cvss —epss 0.04
Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3360.
- CVE-2013-3355Sep 12, 2013risk 0.00cvss —epss 0.05
Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3352 and CVE-2013-3354.
- CVE-2013-3354Sep 12, 2013risk 0.00cvss —epss 0.05
Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3352 and CVE-2013-3355.
- CVE-2013-3352Sep 12, 2013risk 0.00cvss —epss 0.05
Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3354 and CVE-2013-3355.
- CVE-2013-1377Jul 31, 2013risk 0.00cvss —epss 0.04
Adobe Digital Editions 2.x before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
- CVE-2013-3349Jul 10, 2013risk 0.00cvss —epss 0.02
Unspecified vulnerability in Adobe ColdFusion 9.0 through 9.0.2, when the JRun application server is used, allows remote attackers to cause a denial of service via unknown vectors.
Page 135 of 146