VYPR

Vendor CVEs

Adobe Inc.

All CVEs

7,384 total · sorted by risk
  • CVE-2020-10145HigMay 27, 2021
    risk 0.51cvss 7.8epss 0.01

    The Adobe ColdFusion installer fails to set a secure access-control list (ACL) on the default installation directory, such as C:\ColdFusion2021\. By default, unprivileged users can create files in this directory structure, which creates a privilege-escalation vulnerability.

  • CVE-2020-9668HigApr 16, 2021
    risk 0.51cvss 7.8epss 0.02

    Adobe Genuine Service version 6.6 (and earlier) is affected by an Improper Access control vulnerability when handling symbolic links. An unauthenticated attacker could exploit this to elevate privileges in the context of the current user.

  • CVE-2021-28549HigApr 15, 2021
    risk 0.51cvss 7.8epss 0.07

    Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the…

  • CVE-2021-28548HigApr 15, 2021
    risk 0.51cvss 7.8epss 0.06

    Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the…

  • CVE-2021-21100HigApr 15, 2021
    risk 0.51cvss 7.8epss 0.02

    Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary file system write in the context of the current user.…

  • CVE-2021-21095HigApr 15, 2021
    risk 0.51cvss 7.8epss 0.04

    Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current…

  • CVE-2021-21094HigApr 15, 2021
    risk 0.51cvss 7.8epss 0.04

    Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the…

  • CVE-2021-21093HigApr 15, 2021
    risk 0.51cvss 7.8epss 0.04

    Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the…

  • CVE-2021-21092HigApr 15, 2021
    risk 0.51cvss 7.8epss 0.04

    Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the…

  • CVE-2021-21085HigMar 12, 2021
    risk 0.51cvss 7.8epss 0.04

    Adobe Connect version 11.0.7 (and earlier) is affected by an Input Validation vulnerability in the export feature. An attacker could exploit this vulnerability by injecting a payload into an online event form and achieve code execution if the victim exports and opens the data on…

  • CVE-2021-21082HigMar 12, 2021
    risk 0.51cvss 7.8epss 0.04

    Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the…

  • CVE-2021-21077HigMar 12, 2021
    risk 0.51cvss 7.8epss 0.07

    Adobe Animate version 21.0.3 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user…

  • CVE-2021-21071HigMar 12, 2021
    risk 0.51cvss 7.8epss 0.04

    Adobe Animate version 21.0.3 (and earlier) is affected by a Memory Corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction…

  • CVE-2021-21069HigMar 12, 2021
    risk 0.51cvss 7.8epss 0.02

    Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user…

  • CVE-2021-21067HigMar 12, 2021
    risk 0.51cvss 7.8epss 0.03

    Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType library. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current…

  • CVE-2021-21066HigFeb 25, 2021
    risk 0.51cvss 7.8epss 0.03

    Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when parsing TTF files that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a…

  • CVE-2021-21065HigFeb 25, 2021
    risk 0.51cvss 7.8epss 0.03

    Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when parsing TTF files that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a…

  • CVE-2021-21063HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.03

    Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this…

  • CVE-2021-21062HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.03

    Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this…

  • CVE-2021-21059HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.03

    Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this…

  • CVE-2021-21058HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.03

    Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this…

  • CVE-2021-21054HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.04

    Adobe Illustrator version 25.1 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of…

  • CVE-2021-21053HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.02

    Adobe Illustrator version 25.1 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of…

  • CVE-2021-21052HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.04

    Adobe Animate version 21.0.2 (and earlier) is affected by an Out-of-bounds Write vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user…

  • CVE-2021-21051HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.07

    Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted javascript file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the…

  • CVE-2021-21050HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.03

    Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of…

  • CVE-2021-21049HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.03

    Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of…

  • CVE-2021-21048HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.03

    Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the…

  • CVE-2021-21047HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.03

    Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Write vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this…

  • CVE-2021-21044HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.04

    Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a crafted jpeg file. An unauthenticated attacker could leverage this vulnerability to…

  • CVE-2021-21041HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.03

    Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in…

  • CVE-2021-21040HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.03

    Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in…

  • CVE-2021-21039HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.03

    Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in…

  • CVE-2021-21038HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.03

    Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a crafted jpeg file. An unauthenticated attacker could leverage this vulnerability to…

  • CVE-2021-21037HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.03

    Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Path Traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in…

  • CVE-2021-21036HigFeb 11, 2021
    risk 0.51cvss 7.8epss 0.03

    Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Integer Overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in…

  • CVE-2021-21028HigFeb 11, 2021
    risk 0.51cvss 8.8epss 0.04

    Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in…

  • CVE-2020-24418HigOct 21, 2020
    risk 0.51cvss 7.8epss 0.03

    Adobe After Effects version 17.1.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted .aepx file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the…

  • CVE-2020-9750HigOct 21, 2020
    risk 0.51cvss 7.8epss 0.04

    Adobe Animate version 20.5 (and earlier) is affected by an out-of-bounds read vulnerability, which could result in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .fla file in Animate.

  • CVE-2020-9749HigOct 21, 2020
    risk 0.51cvss 7.8epss 0.04

    Adobe Animate version 20.5 (and earlier) is affected by an out-of-bounds read vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .fla file in Animate.

  • CVE-2020-9748HigOct 21, 2020
    risk 0.51cvss 7.8epss 0.06

    Adobe Animate version 20.5 (and earlier) is affected by a stack overflow vulnerability, which could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .fla file in Animate.

  • CVE-2020-9747HigOct 21, 2020
    risk 0.51cvss 7.8epss 0.04

    Adobe Animate version 20.5 (and earlier) is affected by a double free vulnerability when parsing a crafted .fla file, which could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit.

  • CVE-2020-24415HigOct 20, 2020
    risk 0.51cvss 7.8epss 0.03

    Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction…

  • CVE-2020-24414HigOct 20, 2020
    risk 0.51cvss 7.8epss 0.03

    Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction…

  • CVE-2020-24413HigOct 20, 2020
    risk 0.51cvss 7.8epss 0.03

    Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction…

  • CVE-2020-24412HigOct 20, 2020
    risk 0.51cvss 7.8epss 0.03

    Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction…

  • CVE-2020-24411HigOct 20, 2020
    risk 0.51cvss 7.8epss 0.04

    Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds write vulnerability when handling crafted PDF files. This could result in a write past the end of an allocated memory structure, potentially resulting in arbitrary code execution in the context of the…

  • CVE-2020-24410HigOct 20, 2020
    risk 0.51cvss 7.8epss 0.05

    Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing crafted PDF files. This could result in a read past the end of an allocated memory structure, potentially resulting in arbitrary code execution in the context of the…

  • CVE-2020-24409HigOct 20, 2020
    risk 0.51cvss 7.8epss 0.05

    Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing crafted PDF files. This could result in a read past the end of an allocated memory structure, potentially resulting in arbitrary code execution in the context of the…

  • CVE-2020-9730HigSep 10, 2020
    risk 0.51cvss 7.8epss 0.03

    A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user.

Page 45 of 148