VYPR

Vendor CVEs

Adobe Inc.

All CVEs

7,381 total · sorted by risk
  • CVE-2021-21076HigMar 12, 2021
    risk 0.46cvss 7.1epss 0.03

    Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction…

  • CVE-2021-21075HigMar 12, 2021
    risk 0.46cvss 7.1epss 0.03

    Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction…

  • CVE-2021-21074HigMar 12, 2021
    risk 0.46cvss 7.1epss 0.03

    Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction…

  • CVE-2021-21073HigMar 12, 2021
    risk 0.46cvss 7.1epss 0.03

    Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction…

  • CVE-2021-21072HigMar 12, 2021
    risk 0.46cvss 7.1epss 0.03

    Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction…

  • CVE-2021-21011HigJan 13, 2021
    risk 0.46cvss 7.0epss 0.02

    Adobe Captivate 2019 version 11.5.1.499 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. An attacker with permissions to write to the file system could leverage this vulnerability to escalate privileges.

  • CVE-2021-21010HigJan 13, 2021
    risk 0.46cvss 7.0epss 0.02

    InCopy version 15.1.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious…

  • CVE-2021-21008HigJan 13, 2021
    risk 0.46cvss 7.0epss 0.02

    Adobe Animate version 21.0 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

  • CVE-2021-21007HigJan 13, 2021
    risk 0.46cvss 7.0epss 0.02

    Adobe Illustrator version 25.0 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

  • CVE-2020-24447HigDec 11, 2020
    risk 0.46cvss 7.0epss 0.01

    Adobe Lightroom Classic version 10.0 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must…

  • CVE-2020-24440HigDec 11, 2020
    risk 0.46cvss 7.0epss 0.01

    Adobe Prelude version 9.0.1 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

  • CVE-2020-24400HigNov 9, 2020
    risk 0.46cvss 7.1epss 0.02

    Magento versions 2.4.0 and 2.3.5 (and earlier) are affected by an SQL Injection vulnerability that could lead to sensitive information disclosure. This vulnerability could be exploited by an authenticated user with permissions to the product listing page to read data from the…

  • CVE-2020-24424HigOct 21, 2020
    risk 0.46cvss 7.0epss 0.01

    Adobe Premiere Pro version 14.4 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

  • CVE-2020-24423HigOct 21, 2020
    risk 0.46cvss 7.0epss 0.01

    Adobe Media Encoder version 14.4 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a…

  • CVE-2020-24420HigOct 21, 2020
    risk 0.46cvss 7.0epss 0.01

    Adobe Photoshop for Windows version 21.2.1 (and earlier) is affected by an uncontrolled search path element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must…

  • CVE-2020-24419HigOct 21, 2020
    risk 0.46cvss 7.0epss 0.01

    Adobe After Effects version 17.1.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open…

  • CVE-2020-24422HigOct 21, 2020
    risk 0.46cvss 7.0epss 0.03

    Adobe Creative Cloud Desktop Application version 5.2 (and earlier) and 2.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires…

  • CVE-2020-9746HigOct 14, 2020
    risk 0.46cvss 7.0epss 0.04

    Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution. Exploitation of this issue requires an attacker to insert malicious strings in an HTTP response…

  • CVE-2020-9615HigJun 25, 2020
    risk 0.46cvss 7.0epss 0.01

    Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a race condition vulnerability. Successful exploitation could lead to security feature bypass.

  • CVE-2021-21015HigFeb 11, 2021
    risk 0.45cvss 8.0epss 0.03

    Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an OS command injection via the customer attribute save controller. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the…

  • CVE-2019-8109HigNov 5, 2019
    risk 0.45cvss 8.0epss 0.01

    A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can craft a malicious CSRF payload that can result in arbitrary command execution.

  • CVE-2018-5063MedJul 20, 2018
    risk 0.45cvss 6.5epss 0.31

    Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2018-12764MedJul 20, 2018
    risk 0.45cvss 6.5epss 0.31

    Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2023-26366MedOct 13, 2023
    risk 0.44cvss 6.8epss 0.01

    Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A high-privileged authenticated attacker…

  • CVE-2023-22232MedFeb 17, 2023
    risk 0.44cvss 5.3epss 0.82

    Adobe Connect versions 11.4.5 (and earlier), 12.1.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the integrity of a minor feature. Exploitation of…

  • CVE-2022-28247MedMay 11, 2022
    risk 0.44cvss 6.7epss 0.00

    Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an uncontrolled search path vulnerability that could lead to local privilege escalation. Exploitation of this issue requires user interaction in that a…

  • CVE-2020-24432MedNov 5, 2020
    risk 0.44cvss 6.7epss 0.11

    Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) and Adobe Acrobat Pro DC 2017.011.30175 (and earlier) are affected by an improper input validation vulnerability that could result in arbitrary JavaScript…

  • CVE-2020-9738MedSep 10, 2020
    risk 0.44cvss 6.8epss 0.02

    AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields.…

  • CVE-2020-9737MedSep 10, 2020
    risk 0.44cvss 6.8epss 0.02

    AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields.…

  • CVE-2020-9736MedSep 10, 2020
    risk 0.44cvss 6.8epss 0.02

    AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields.…

  • CVE-2020-9735MedSep 10, 2020
    risk 0.44cvss 6.8epss 0.02

    AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields.…

  • CVE-2018-4906MedFeb 27, 2018
    risk 0.44cvss 6.5epss 0.22

    An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the…

  • CVE-2018-4903MedFeb 27, 2018
    risk 0.44cvss 6.5epss 0.23

    An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the…

  • CVE-2022-28818MedMay 12, 2022
    risk 0.43cvss 6.1epss 0.41

    ColdFusion versions CF2021U3 (and earlier) and CF2018U13 are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the…

  • CVE-2021-21057MedFeb 11, 2021
    risk 0.43cvss 6.6epss 0.01

    Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a null pointer dereference vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this…

  • CVE-2021-21042MedFeb 11, 2021
    risk 0.43cvss 6.5epss 0.15

    Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to arbitrary disclosure of information in the memory stack. An attacker could leverage this…

  • CVE-2020-9686MedJul 22, 2020
    risk 0.43cvss 6.5epss 0.04

    Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2020-9679MedJul 22, 2020
    risk 0.43cvss 6.5epss 0.05

    Adobe Prelude versions 9.0 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2020-3798MedJun 26, 2020
    risk 0.43cvss 6.5epss 0.05

    Adobe Digital Editions versions 4.5.11.187212 and below have a file enumeration (host or local network) vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2020-3796MedJun 26, 2020
    risk 0.43cvss 6.5epss 0.04

    ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an improper access control vulnerability. Successful exploitation could lead to system file structure disclosure.

  • CVE-2020-3767MedJun 26, 2020
    risk 0.43cvss 6.5epss 0.03

    ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an insufficient input validation vulnerability. Successful exploitation could lead to application-level denial-of-service (dos).

  • CVE-2019-8000MedAug 26, 2019
    risk 0.43cvss 6.5epss 0.03

    Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.

  • CVE-2019-7999MedAug 26, 2019
    risk 0.43cvss 6.5epss 0.04

    Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.

  • CVE-2019-7987MedAug 26, 2019
    risk 0.43cvss 6.5epss 0.03

    Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.

  • CVE-2019-7981MedAug 26, 2019
    risk 0.43cvss 6.5epss 0.03

    Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.

  • CVE-2019-7977MedAug 26, 2019
    risk 0.43cvss 6.5epss 0.03

    Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.

  • CVE-2019-8040MedAug 20, 2019
    risk 0.43cvss 6.5epss 0.03

    Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could…

  • CVE-2019-7090MedMay 24, 2019
    risk 0.43cvss 6.5epss 0.05

    Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful…

  • CVE-2019-7075MedMay 24, 2019
    risk 0.43cvss 6.5epss 0.04

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

  • CVE-2019-7045MedMay 24, 2019
    risk 0.43cvss 6.5epss 0.03

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Page 57 of 148