VYPR

Vendor CVEs

Adobe Inc.

All CVEs

7,428 total · sorted by risk
  • CVE-2021-40713MedSep 27, 2021
    risk 0.38cvss 5.9epss 0.01

    Adobe Experience Manager version 6.5.9.0 (and earlier) is affected by a improper certificate validation vulnerability in the cold storage component. If an attacker can achieve a man in the middle when the cold server establishes a new certificate, they would be able to harvest…

  • CVE-2021-39828MedSep 27, 2021
    risk 0.38cvss 5.8epss 0.01

    Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by a privilege escalation vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product installation…

  • CVE-2021-28568MedSep 8, 2021
    risk 0.38cvss 5.8epss 0.01

    Adobe Genuine Services version 7.1 (and earlier) is affected by an Insecure file permission vulnerability during installation process. A local authenticated attacker could leverage this vulnerability to achieve privilege escalation in the context of the current user.

  • CVE-2021-28556MedJun 28, 2021
    risk 0.38cvss 6.9epss 0.01

    Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a DOM-based Cross-Site Scripting vulnerability on mage-messages cookies. Successful exploitation could lead to arbitrary JavaScript execution by an unauthenticated attacker.…

  • CVE-2021-21087MedApr 15, 2021
    risk 0.38cvss 5.4epss 0.37

    Adobe Coldfusion versions 2016 (update 16 and earlier), 2018 (update 10 and earlier) and 2021.0.0.323925 are affected by an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An attacker could abuse this vulnerability to execute…

  • CVE-2020-24444MedDec 10, 2020
    risk 0.38cvss 5.8epss 0.02

    AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 (6.4.8.2) have a blind Server-Side Request Forgery (SSRF) vulnerability. This vulnerability could be exploited by an unauthenticated attacker to gather information…

  • CVE-2020-3808MedMar 25, 2020
    risk 0.38cvss 5.9epss 0.01

    Creative Cloud Desktop Application versions 5.0 and earlier have a time-of-check to time-of-use (toctou) race condition vulnerability. Successful exploitation could lead to arbitrary file deletion.

  • CVE-2023-26361MedMar 23, 2023
    risk 0.37cvss 4.9epss 0.62

    Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in Arbitrary file system read. Exploitation of this issue does…

  • CVE-2022-28263MedMay 11, 2022
    risk 0.37cvss 5.5epss 0.09

    Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An…

  • CVE-2022-28262MedMay 11, 2022
    risk 0.37cvss 5.5epss 0.09

    Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An…

  • CVE-2022-28258MedMay 11, 2022
    risk 0.37cvss 5.5epss 0.10

    Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An…

  • CVE-2022-28246MedMay 11, 2022
    risk 0.37cvss 5.5epss 0.10

    Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An…

  • CVE-2021-21032MedFeb 11, 2021
    risk 0.37cvss 5.6epss 0.02

    Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Successful exploitation of this issue could lead to unauthorized access to restricted resources. Access to the admin console is not required for…

  • CVE-2021-21031MedFeb 11, 2021
    risk 0.37cvss 5.6epss 0.02

    Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Successful exploitation could lead to unauthorized access to restricted resources. Access to the admin console is not required for successful…

  • CVE-2018-15956MedOct 12, 2018
    risk 0.37cvss 5.5epss 0.16

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2018-15953MedOct 12, 2018
    risk 0.37cvss 5.5epss 0.20

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2018-15932MedOct 12, 2018
    risk 0.37cvss 5.5epss 0.19

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2018-15927MedOct 12, 2018
    risk 0.37cvss 5.5epss 0.16

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2018-12875MedOct 12, 2018
    risk 0.37cvss 5.5epss 0.16

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2018-12874MedOct 12, 2018
    risk 0.37cvss 5.5epss 0.16

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2018-12873MedOct 12, 2018
    risk 0.37cvss 5.5epss 0.16

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2018-12872MedOct 12, 2018
    risk 0.37cvss 5.5epss 0.20

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2018-12871MedOct 12, 2018
    risk 0.37cvss 5.5epss 0.20

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2018-12870MedOct 12, 2018
    risk 0.37cvss 5.5epss 0.20

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2018-12869MedOct 12, 2018
    risk 0.37cvss 5.5epss 0.20

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2018-12867MedOct 12, 2018
    risk 0.37cvss 5.5epss 0.20

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2018-12866MedOct 12, 2018
    risk 0.37cvss 5.5epss 0.16

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2018-12859MedOct 12, 2018
    risk 0.37cvss 5.5epss 0.20

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2018-12857MedOct 12, 2018
    risk 0.37cvss 5.5epss 0.16

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2018-12839MedOct 12, 2018
    risk 0.37cvss 5.5epss 0.20

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2018-12838MedOct 12, 2018
    risk 0.37cvss 5.5epss 0.12

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a stack overflow vulnerability. Successful exploitation could lead to information disclosure.

  • CVE-2026-47963MedJun 16, 2026
    risk 0.36cvss 5.5epss 0.00

    DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in…

  • CVE-2026-47934MedJun 16, 2026
    risk 0.36cvss 5.5epss 0.00

    DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in…

  • CVE-2026-47927MedJun 16, 2026
    risk 0.36cvss 5.5epss 0.00

    DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in…

  • CVE-2026-34657MedJun 9, 2026
    risk 0.36cvss 5.5epss 0.00

    CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in an arbitrary file system write. An attacker could leverage this…

  • CVE-2026-47961MedJun 9, 2026
    risk 0.36cvss 5.5epss 0.00

    Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue…

  • CVE-2026-47926MedJun 9, 2026
    risk 0.36cvss 5.5epss 0.00

    Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue…

  • CVE-2026-47925MedJun 9, 2026
    risk 0.36cvss 5.5epss 0.00

    Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a…

  • CVE-2026-47924MedJun 9, 2026
    risk 0.36cvss 5.5epss 0.00

    Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires…

  • CVE-2026-47923MedJun 9, 2026
    risk 0.36cvss 5.5epss 0.00

    Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue…

  • CVE-2026-34705MedJun 9, 2026
    risk 0.36cvss 5.5epss 0.00

    InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user…

  • CVE-2026-34704MedJun 9, 2026
    risk 0.36cvss 5.5epss 0.00

    InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition.…

  • CVE-2026-34703MedJun 9, 2026
    risk 0.36cvss 5.5epss 0.00

    InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition.…

  • CVE-2026-34663MedMay 12, 2026
    risk 0.36cvss 5.5epss 0.00

    Illustrator versions 29.8.6, 30.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user…

  • CVE-2026-27301MedApr 14, 2026
    risk 0.36cvss 5.5epss 0.00

    Adobe Framemaker versions 2022.8 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user…

  • CVE-2026-27300MedApr 14, 2026
    risk 0.36cvss 5.5epss 0.00

    Adobe Framemaker versions 2022.8 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction…

  • CVE-2026-27222MedApr 14, 2026
    risk 0.36cvss 5.5epss 0.00

    Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Divide By Zero vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application or render it unresponsive. Exploitation of this issue requires user…

  • CVE-2026-27258MedApr 14, 2026
    risk 0.36cvss 5.5epss 0.00

    DNG SDK versions 1.7.1 2502 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. An attacker could leverage this vulnerability to corrupt memory, causing the application to crash or become unresponsive. Exploitation…

  • CVE-2026-27286MedApr 14, 2026
    risk 0.36cvss 5.5epss 0.00

    InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires…

  • CVE-2026-27285MedApr 14, 2026
    risk 0.36cvss 5.5epss 0.00

    InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application or disrupt its functionality. Exploitation of…

Page 74 of 149