Vendor CVEs
Adobe Inc.
All CVEs
7,381 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-21076 | Hig | 0.46 | 7.1 | 0.03 | Mar 12, 2021 | Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction… | ||
| CVE-2021-21075 | Hig | 0.46 | 7.1 | 0.03 | Mar 12, 2021 | Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction… | ||
| CVE-2021-21074 | Hig | 0.46 | 7.1 | 0.03 | Mar 12, 2021 | Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction… | ||
| CVE-2021-21073 | Hig | 0.46 | 7.1 | 0.03 | Mar 12, 2021 | Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction… | ||
| CVE-2021-21072 | Hig | 0.46 | 7.1 | 0.03 | Mar 12, 2021 | Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction… | ||
| CVE-2021-21011 | Hig | 0.46 | 7.0 | 0.02 | Jan 13, 2021 | Adobe Captivate 2019 version 11.5.1.499 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with permissions to write to the file system could leverage this vulnerability to escalate privileges. | ||
| CVE-2021-21010 | Hig | 0.46 | 7.0 | 0.02 | Jan 13, 2021 | InCopy version 15.1.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious… | ||
| CVE-2021-21008 | Hig | 0.46 | 7.0 | 0.02 | Jan 13, 2021 | Adobe Animate version 21.0 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||
| CVE-2021-21007 | Hig | 0.46 | 7.0 | 0.02 | Jan 13, 2021 | Adobe Illustrator version 25.0 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||
| CVE-2020-24447 | Hig | 0.46 | 7.0 | 0.01 | Dec 11, 2020 | Adobe Lightroom Classic version 10.0 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must… | ||
| CVE-2020-24440 | Hig | 0.46 | 7.0 | 0.01 | Dec 11, 2020 | Adobe Prelude version 9.0.1 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||
| CVE-2020-24400 | Hig | 0.46 | 7.1 | 0.02 | Nov 9, 2020 | Magento versions 2.4.0 and 2.3.5 (and earlier) are affected by an SQL Injection vulnerability that could lead to sensitive information disclosure. This vulnerability could be exploited by an authenticated user with permissions to the product listing page to read data from the… | ||
| CVE-2020-24424 | Hig | 0.46 | 7.0 | 0.01 | Oct 21, 2020 | Adobe Premiere Pro version 14.4 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||
| CVE-2020-24423 | Hig | 0.46 | 7.0 | 0.01 | Oct 21, 2020 | Adobe Media Encoder version 14.4 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a… | ||
| CVE-2020-24420 | Hig | 0.46 | 7.0 | 0.01 | Oct 21, 2020 | Adobe Photoshop for Windows version 21.2.1 (and earlier) is affected by an uncontrolled search path element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must… | ||
| CVE-2020-24419 | Hig | 0.46 | 7.0 | 0.01 | Oct 21, 2020 | Adobe After Effects version 17.1.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open… | ||
| CVE-2020-24422 | Hig | 0.46 | 7.0 | 0.03 | Oct 21, 2020 | Adobe Creative Cloud Desktop Application version 5.2 (and earlier) and 2.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires… | ||
| CVE-2020-9746 | Hig | 0.46 | 7.0 | 0.04 | Oct 14, 2020 | Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution. Exploitation of this issue requires an attacker to insert malicious strings in an HTTP response… | ||
| CVE-2020-9615 | Hig | 0.46 | 7.0 | 0.01 | Jun 25, 2020 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a race condition vulnerability. Successful exploitation could lead to security feature bypass. | ||
| CVE-2021-21015 | Hig | 0.45 | 8.0 | 0.03 | Feb 11, 2021 | Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an OS command injection via the customer attribute save controller. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the… | ||
| CVE-2019-8109 | Hig | 0.45 | 8.0 | 0.01 | Nov 5, 2019 | A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can craft a malicious CSRF payload that can result in arbitrary command execution. | ||
| CVE-2018-5063 | Med | 0.45 | 6.5 | 0.31 | Jul 20, 2018 | Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||
| CVE-2018-12764 | Med | 0.45 | 6.5 | 0.31 | Jul 20, 2018 | Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||
| CVE-2023-26366 | Med | 0.44 | 6.8 | 0.01 | Oct 13, 2023 | Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A high-privileged authenticated attacker… | ||
| CVE-2023-22232 | Med | 0.44 | 5.3 | 0.82 | Feb 17, 2023 | Adobe Connect versions 11.4.5 (and earlier), 12.1.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the integrity of a minor feature. Exploitation of… | ||
| CVE-2022-28247 | Med | 0.44 | 6.7 | 0.00 | May 11, 2022 | Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an uncontrolled search path vulnerability that could lead to local privilege escalation. Exploitation of this issue requires user interaction in that a… | ||
| CVE-2020-24432 | Med | 0.44 | 6.7 | 0.11 | Nov 5, 2020 | Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) and Adobe Acrobat Pro DC 2017.011.30175 (and earlier) are affected by an improper input validation vulnerability that could result in arbitrary JavaScript… | ||
| CVE-2020-9738 | Med | 0.44 | 6.8 | 0.02 | Sep 10, 2020 | AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields.… | ||
| CVE-2020-9737 | Med | 0.44 | 6.8 | 0.02 | Sep 10, 2020 | AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields.… | ||
| CVE-2020-9736 | Med | 0.44 | 6.8 | 0.02 | Sep 10, 2020 | AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields.… | ||
| CVE-2020-9735 | Med | 0.44 | 6.8 | 0.02 | Sep 10, 2020 | AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields.… | ||
| CVE-2018-4906 | Med | 0.44 | 6.5 | 0.22 | Feb 27, 2018 | An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the… | ||
| CVE-2018-4903 | Med | 0.44 | 6.5 | 0.23 | Feb 27, 2018 | An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the… | ||
| CVE-2022-28818 | Med | 0.43 | 6.1 | 0.41 | May 12, 2022 | ColdFusion versions CF2021U3 (and earlier) and CF2018U13 are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the… | ||
| CVE-2021-21057 | Med | 0.43 | 6.6 | 0.01 | Feb 11, 2021 | Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a null pointer dereference vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this… | ||
| CVE-2021-21042 | Med | 0.43 | 6.5 | 0.15 | Feb 11, 2021 | Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to arbitrary disclosure of information in the memory stack. An attacker could leverage this… | ||
| CVE-2020-9686 | Med | 0.43 | 6.5 | 0.04 | Jul 22, 2020 | Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2020-9679 | Med | 0.43 | 6.5 | 0.05 | Jul 22, 2020 | Adobe Prelude versions 9.0 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2020-3798 | Med | 0.43 | 6.5 | 0.05 | Jun 26, 2020 | Adobe Digital Editions versions 4.5.11.187212 and below have a file enumeration (host or local network) vulnerability. Successful exploitation could lead to information disclosure. | ||
| CVE-2020-3796 | Med | 0.43 | 6.5 | 0.04 | Jun 26, 2020 | ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an improper access control vulnerability. Successful exploitation could lead to system file structure disclosure. | ||
| CVE-2020-3767 | Med | 0.43 | 6.5 | 0.03 | Jun 26, 2020 | ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an insufficient input validation vulnerability. Successful exploitation could lead to application-level denial-of-service (dos). | ||
| CVE-2019-8000 | Med | 0.43 | 6.5 | 0.03 | Aug 26, 2019 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak. | ||
| CVE-2019-7999 | Med | 0.43 | 6.5 | 0.04 | Aug 26, 2019 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak. | ||
| CVE-2019-7987 | Med | 0.43 | 6.5 | 0.03 | Aug 26, 2019 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak. | ||
| CVE-2019-7981 | Med | 0.43 | 6.5 | 0.03 | Aug 26, 2019 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak. | ||
| CVE-2019-7977 | Med | 0.43 | 6.5 | 0.03 | Aug 26, 2019 | Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak. | ||
| CVE-2019-8040 | Med | 0.43 | 6.5 | 0.03 | Aug 20, 2019 | Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could… | ||
| CVE-2019-7090 | Med | 0.43 | 6.5 | 0.05 | May 24, 2019 | Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful… | ||
| CVE-2019-7075 | Med | 0.43 | 6.5 | 0.04 | May 24, 2019 | Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | ||
| CVE-2019-7045 | Med | 0.43 | 6.5 | 0.03 | May 24, 2019 | Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
- risk 0.46cvss 7.1epss 0.03
Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction…
- risk 0.46cvss 7.1epss 0.03
Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction…
- risk 0.46cvss 7.1epss 0.03
Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction…
- risk 0.46cvss 7.1epss 0.03
Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction…
- risk 0.46cvss 7.1epss 0.03
Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction…
- risk 0.46cvss 7.0epss 0.02
Adobe Captivate 2019 version 11.5.1.499 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with permissions to write to the file system could leverage this vulnerability to escalate privileges.
- risk 0.46cvss 7.0epss 0.02
InCopy version 15.1.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…
- risk 0.46cvss 7.0epss 0.02
Adobe Animate version 21.0 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
- risk 0.46cvss 7.0epss 0.02
Adobe Illustrator version 25.0 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
- risk 0.46cvss 7.0epss 0.01
Adobe Lightroom Classic version 10.0 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must…
- risk 0.46cvss 7.0epss 0.01
Adobe Prelude version 9.0.1 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
- risk 0.46cvss 7.1epss 0.02
Magento versions 2.4.0 and 2.3.5 (and earlier) are affected by an SQL Injection vulnerability that could lead to sensitive information disclosure. This vulnerability could be exploited by an authenticated user with permissions to the product listing page to read data from the…
- risk 0.46cvss 7.0epss 0.01
Adobe Premiere Pro version 14.4 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
- risk 0.46cvss 7.0epss 0.01
Adobe Media Encoder version 14.4 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a…
- risk 0.46cvss 7.0epss 0.01
Adobe Photoshop for Windows version 21.2.1 (and earlier) is affected by an uncontrolled search path element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must…
- risk 0.46cvss 7.0epss 0.01
Adobe After Effects version 17.1.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open…
- risk 0.46cvss 7.0epss 0.03
Adobe Creative Cloud Desktop Application version 5.2 (and earlier) and 2.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires…
- risk 0.46cvss 7.0epss 0.04
Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution. Exploitation of this issue requires an attacker to insert malicious strings in an HTTP response…
- risk 0.46cvss 7.0epss 0.01
Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a race condition vulnerability. Successful exploitation could lead to security feature bypass.
- risk 0.45cvss 8.0epss 0.03
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an OS command injection via the customer attribute save controller. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the…
- risk 0.45cvss 8.0epss 0.01
A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can craft a malicious CSRF payload that can result in arbitrary command execution.
- risk 0.45cvss 6.5epss 0.31
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
- risk 0.45cvss 6.5epss 0.31
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
- risk 0.44cvss 6.8epss 0.01
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A high-privileged authenticated attacker…
- risk 0.44cvss 5.3epss 0.82
Adobe Connect versions 11.4.5 (and earlier), 12.1.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the integrity of a minor feature. Exploitation of…
- risk 0.44cvss 6.7epss 0.00
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an uncontrolled search path vulnerability that could lead to local privilege escalation. Exploitation of this issue requires user interaction in that a…
- risk 0.44cvss 6.7epss 0.11
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) and Adobe Acrobat Pro DC 2017.011.30175 (and earlier) are affected by an improper input validation vulnerability that could result in arbitrary JavaScript…
- risk 0.44cvss 6.8epss 0.02
AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields.…
- risk 0.44cvss 6.8epss 0.02
AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields.…
- risk 0.44cvss 6.8epss 0.02
AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields.…
- risk 0.44cvss 6.8epss 0.02
AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields.…
- risk 0.44cvss 6.5epss 0.22
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the…
- risk 0.44cvss 6.5epss 0.23
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the…
- risk 0.43cvss 6.1epss 0.41
ColdFusion versions CF2021U3 (and earlier) and CF2018U13 are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the…
- risk 0.43cvss 6.6epss 0.01
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a null pointer dereference vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this…
- risk 0.43cvss 6.5epss 0.15
Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to arbitrary disclosure of information in the memory stack. An attacker could leverage this…
- risk 0.43cvss 6.5epss 0.04
Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution.
- risk 0.43cvss 6.5epss 0.05
Adobe Prelude versions 9.0 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution.
- risk 0.43cvss 6.5epss 0.05
Adobe Digital Editions versions 4.5.11.187212 and below have a file enumeration (host or local network) vulnerability. Successful exploitation could lead to information disclosure.
- risk 0.43cvss 6.5epss 0.04
ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an improper access control vulnerability. Successful exploitation could lead to system file structure disclosure.
- risk 0.43cvss 6.5epss 0.03
ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an insufficient input validation vulnerability. Successful exploitation could lead to application-level denial-of-service (dos).
- risk 0.43cvss 6.5epss 0.03
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.
- risk 0.43cvss 6.5epss 0.04
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.
- risk 0.43cvss 6.5epss 0.03
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.
- risk 0.43cvss 6.5epss 0.03
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.
- risk 0.43cvss 6.5epss 0.03
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.
- risk 0.43cvss 6.5epss 0.03
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could…
- risk 0.43cvss 6.5epss 0.05
Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful…
- risk 0.43cvss 6.5epss 0.04
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
- risk 0.43cvss 6.5epss 0.03
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Page 57 of 148