Skip to main content

Adobe

5604 CVEs vendor

Monthly

CVE-2021-28576 MEDIUM This Month

Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Animate
NVD
CVSS 3.1
4.3
EPSS
2.6%
CVE-2021-28575 MEDIUM This Month

Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Animate
NVD
CVSS 3.1
4.3
EPSS
2.8%
CVE-2021-28574 MEDIUM This Month

Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Animate
NVD
CVSS 3.1
4.3
EPSS
2.8%
CVE-2021-28573 MEDIUM PATCH This Month

Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Animate
NVD
CVSS 3.1
6.5
EPSS
3.0%
CVE-2021-28570 HIGH This Week

Adobe After Effects version 18.1 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Adobe After Effects
NVD
CVSS 3.1
8.6
EPSS
1.8%
CVE-2021-28563 PHP MEDIUM PATCH This Month

Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by an Improper Authorization vulnerability via the 'Create Customer' endpoint. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Magento
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2021-28562 HIGH PATCH This Week

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability when executing search. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Memory Corruption Use After Free Adobe Denial Of Service +2
NVD
CVSS 3.1
8.8
EPSS
5.1%
CVE-2021-28556 PHP MEDIUM PATCH This Month

Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a DOM-based Cross-Site Scripting vulnerability on mage-messages cookies. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Adobe Magento
NVD
CVSS 3.1
4.8
EPSS
1.4%
CVE-2021-21102 HIGH This Week

Adobe Illustrator version 25.2 (and earlier) is affected by a Path Traversal vulnerability when parsing a specially crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Adobe Illustrator
NVD
CVSS 3.1
8.8
EPSS
3.9%
CVE-2021-21101 HIGH This Week

Adobe Illustrator version 25.2 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a specially crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Illustrator
NVD
CVSS 3.1
8.8
EPSS
3.5%
CVE-2021-21099 HIGH This Week

Adobe InDesign version 16.0 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Indesign
NVD
CVSS 3.1
8.8
EPSS
5.8%
CVE-2021-21098 HIGH This Week

Adobe InDesign version 16.0 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Indesign
NVD
CVSS 3.1
8.8
EPSS
5.8%
CVE-2021-21090 HIGH This Week

Adobe InCopy version 16.0 (and earlier) is affected by an path traversal vulnerability when parsing a crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Adobe Incopy
NVD
CVSS 3.1
8.8
EPSS
5.4%
CVE-2021-32684 npm MEDIUM PATCH This Month

magento-scripts contains scripts and configuration used by Create Magento App, a zero-configuration tool-chain which allows one to deploy Magento 2. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Adobe Magento Scripts
NVD GitHub
CVSS 3.1
5.5
EPSS
0.7%
CVE-2021-21427 PHP HIGH PATCH This Week

Magento-lts is a long-term support alternative to Magento Community Edition (CE). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SQLi Adobe Magento
NVD GitHub
CVSS 3.1
7.2
EPSS
1.1%
CVE-2021-21426 PHP CRITICAL PATCH Act Now

Magento-lts is a long-term support alternative to Magento Community Edition (CE). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Adobe Magento
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-21070 MEDIUM PATCH This Month

Adobe Robohelp version 2020.0.3 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Privilege Escalation Adobe Robohelp
NVD
CVSS 3.1
6.5
EPSS
1.6%
CVE-2021-28549 HIGH This Week

Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Photoshop
NVD
CVSS 3.1
7.8
EPSS
6.5%
CVE-2021-28548 HIGH This Week

Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Photoshop
NVD
CVSS 3.0
7.8
EPSS
6.4%
CVE-2021-21100 HIGH This Week

Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Adobe Digital Editions
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2021-21096 MEDIUM This Month

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Improper Authorization vulnerability in the Genuine Software Service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Adobe Authentication Bypass Bridge
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2021-21095 HIGH This Week

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds write vulnerability when parsing a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.0
7.8
EPSS
3.9%
CVE-2021-21094 HIGH This Week

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds write vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
3.9%
CVE-2021-21093 HIGH This Week

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Bridge
NVD
CVSS 3.0
7.8
EPSS
3.9%
CVE-2021-21092 HIGH This Week

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Bridge
NVD
CVSS 3.0
7.8
EPSS
3.9%
CVE-2021-21091 LOW Monitor

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds read vulnerability when parsing a crafted file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Bridge
NVD
CVSS 3.0
3.3
EPSS
2.4%
CVE-2021-21087 MEDIUM POC PATCH THREAT This Month

Adobe Coldfusion versions 2016 (update 16 and earlier), 2018 (update 10 and earlier) and 2021.0.0.323925 are affected by an Improper Neutralization of Input During Web Page Generation ('Cross-site. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Adobe Coldfusion
NVD
CVSS 3.1
5.4
EPSS
37.1%
CVE-2021-28546 MEDIUM This Month

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Adobe Acrobat Acrobat Dc Acrobat Reader +1
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2021-28545 HIGH PATCH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Adobe Acrobat Acrobat Dc Acrobat Reader +1
NVD
CVSS 3.1
8.1
EPSS
2.3%
CVE-2021-21085 HIGH This Week

Adobe Connect version 11.0.7 (and earlier) is affected by an Input Validation vulnerability in the export feature. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Adobe Connect
NVD
CVSS 3.1
7.8
EPSS
3.7%
CVE-2021-21082 HIGH This Week

Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Photoshop
NVD
CVSS 3.1
7.8
EPSS
4.5%
CVE-2021-21080 MEDIUM This Month

Adobe Connect version 11.0.7 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Adobe Connect
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2021-21079 MEDIUM This Month

Adobe Connect version 11.0.7 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Adobe Connect
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-21078 MEDIUM This Month

Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by an Unquoted Service Path vulnerability in CCXProcess that could allow an attacker to achieve arbitrary code execution. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

RCE Adobe Creative Cloud Desktop Application
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-21077 HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow Adobe Animate
NVD
CVSS 3.0
7.8
EPSS
7.5%
CVE-2021-21076 HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Animate
NVD
CVSS 3.0
7.1
EPSS
3.2%
CVE-2021-21075 HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Animate
NVD
CVSS 3.0
7.1
EPSS
3.0%
CVE-2021-21074 HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Animate
NVD
CVSS 3.0
7.1
EPSS
3.2%
CVE-2021-21073 HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Animate
NVD
CVSS 3.0
7.1
EPSS
3.0%
CVE-2021-21072 HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Animate
NVD
CVSS 3.1
7.1
EPSS
3.0%
CVE-2021-21071 HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by a Memory Corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Animate
NVD
CVSS 3.0
7.8
EPSS
4.2%
CVE-2021-21069 HIGH PATCH This Week

Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Adobe Creative Cloud Desktop Application
NVD
CVSS 3.0
7.8
EPSS
2.5%
CVE-2021-21068 MEDIUM This Month

Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a file handling vulnerability that could allow an attacker to cause arbitrary file overwriting. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Adobe Creative Cloud Desktop Application
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-21067 HIGH This Week

Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType library. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Photoshop 2020
NVD
CVSS 3.1
7.8
EPSS
2.9%
CVE-2021-21056 HIGH PATCH This Week

Adobe Framemaker version 2020.0.1 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Information Disclosure Adobe Framemaker
NVD
CVSS 3.0
7.8
EPSS
21.2%
CVE-2021-21066 HIGH PATCH This Week

Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when parsing TTF files that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
3.4%
CVE-2021-21065 HIGH PATCH This Week

Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when parsing TTF files that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.0
7.8
EPSS
3.4%
CVE-2021-21064 MEDIUM This Month

Magento UPWARD-php version 1.1.4 (and earlier) is affected by a Path traversal vulnerability in Magento UPWARD Connector version 1.1.2 (and earlier) due to the upload feature. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Path Traversal Adobe Upward Connector Upward Php
NVD GitHub
CVSS 3.0
4.9
EPSS
8.5%
CVE-2021-21063 HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Acrobat +3
NVD
CVSS 3.0
7.8
EPSS
2.6%
CVE-2021-21062 HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Acrobat +3
NVD
CVSS 3.0
7.8
EPSS
2.6%
CVE-2021-21059 HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Acrobat +3
NVD
CVSS 3.0
7.8
EPSS
2.6%
CVE-2021-21058 HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Acrobat +3
NVD
CVSS 3.0
7.8
EPSS
2.6%
CVE-2021-21055 MEDIUM This Month

Adobe Dreamweaver versions 21.0 (and earlier) and 20.2 (and earlier) is affected by an untrusted search path vulnerability that could result in information disclosure. Rated medium severity (CVSS 6.2). No vendor patch available.

Information Disclosure Adobe Dreamweaver
NVD
CVSS 3.1
6.2
EPSS
0.8%
CVE-2021-21054 HIGH This Week

Adobe Illustrator version 25.1 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Illustrator
NVD
CVSS 3.0
7.8
EPSS
3.8%
CVE-2021-21053 HIGH This Week

Adobe Illustrator version 25.1 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Illustrator
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2021-21052 HIGH This Week

Adobe Animate version 21.0.2 (and earlier) is affected by an Out-of-bounds Write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Animate
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2021-21051 HIGH This Week

Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted javascript file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Photoshop
NVD
CVSS 3.0
7.8
EPSS
7.2%
CVE-2021-21050 HIGH This Week

Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure Adobe Photoshop
NVD
CVSS 3.0
7.8
EPSS
3.4%
CVE-2021-21049 HIGH This Week

Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure Adobe Photoshop
NVD
CVSS 3.0
7.8
EPSS
3.4%
CVE-2021-21048 HIGH This Week

Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Photoshop
NVD
CVSS 3.0
7.8
EPSS
2.9%
CVE-2021-21047 HIGH This Week

Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Photoshop
NVD
CVSS 3.0
7.8
EPSS
2.9%
CVE-2021-21014 PHP CRITICAL PATCH Act Now

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a file upload restriction bypass. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Adobe Magento
NVD
CVSS 3.0
9.1
EPSS
4.2%
CVE-2021-21061 LOW Monitor

Acrobat Pro DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use-after-free vulnerability when parsing a specially. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Memory Corruption Information Disclosure Adobe Acrobat +3
NVD
CVSS 3.0
3.3
EPSS
2.0%
CVE-2021-21060 MEDIUM This Month

Adobe Acrobat Pro DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper input validation vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Adobe Acrobat Acrobat Dc Acrobat Reader +1
NVD
CVSS 3.1
4.6
EPSS
1.6%
CVE-2021-21057 MEDIUM This Month

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a null pointer dereference vulnerability when parsing a. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.1
6.6
EPSS
1.1%
CVE-2021-21046 LOW Monitor

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an memory corruption vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.0
3.3
EPSS
1.7%
CVE-2021-21045 HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper access control vulnerability. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Adobe Authentication Bypass Acrobat Acrobat Dc Acrobat Reader +1
NVD
CVSS 3.1
8.2
EPSS
1.7%
CVE-2021-21044 HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Acrobat +3
NVD
CVSS 3.0
7.8
EPSS
3.5%
CVE-2021-21042 MEDIUM This Month

Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.1
6.5
EPSS
14.7%
CVE-2021-21041 HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a use-after-free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Adobe Acrobat +3
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2021-21040 HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Use After Free Adobe Denial Of Service +4
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2021-21039 HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Use After Free Adobe Denial Of Service +4
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2021-21038 HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Acrobat +3
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2021-21037 HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Path Traversal vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2021-21036 HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Integer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Integer Overflow Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2021-21035 HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Use After Free Adobe Denial Of Service +4
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2021-21034 MEDIUM This Month

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Acrobat Acrobat Dc +2
NVD
CVSS 3.1
4.3
EPSS
2.5%
CVE-2021-21033 HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Use After Free Adobe Denial Of Service +4
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2021-21032 PHP MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Adobe Magento
NVD
CVSS 3.0
5.6
EPSS
1.6%
CVE-2021-21031 PHP MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Adobe Magento
NVD
CVSS 3.0
5.6
EPSS
1.7%
CVE-2021-21030 PHP HIGH PATCH This Week

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting (XSS) in the customer address upload feature. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Adobe Magento
NVD
CVSS 3.0
8.1
EPSS
5.6%
CVE-2021-21029 PHP MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a Reflected Cross-site Scripting vulnerability via 'file' parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Adobe Magento
NVD
CVSS 3.1
4.8
EPSS
84.7%
CVE-2021-21028 Maven HIGH PATCH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Use After Free Adobe Denial Of Service +4
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2021-21027 PHP MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via the GraphQL API. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Adobe Magento
NVD
CVSS 3.0
4.3
EPSS
1.7%
CVE-2021-21026 PHP MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by an improper authorization vulnerability in the integrations module. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Adobe Authentication Bypass Magento
NVD
CVSS 3.0
5.3
EPSS
1.8%
CVE-2021-21025 PHP CRITICAL PATCH Act Now

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to XML injection in the product layout updates. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Adobe Magento
NVD
CVSS 3.0
9.1
EPSS
3.3%
CVE-2021-21024 PHP CRITICAL PATCH Act Now

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a blind SQL injection vulnerability in the Search module. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SQLi Adobe Magento
NVD
CVSS 3.0
9.1
EPSS
2.8%
CVE-2021-21023 PHP MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting vulnerability in the admin console. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Adobe Magento
NVD
CVSS 3.0
4.8
EPSS
1.6%
CVE-2021-21022 PHP MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object reference (IDOR) in the product module. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Magento
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2021-21021 HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Use After Free Adobe Denial Of Service +4
NVD
CVSS 3.1
8.8
EPSS
4.0%
EPSS 3% CVSS 4.3
MEDIUM This Month

Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe +1
NVD
EPSS 3% CVSS 4.3
MEDIUM This Month

Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe +1
NVD
EPSS 3% CVSS 4.3
MEDIUM This Month

Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe +1
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

Adobe Animate version 21.0.5 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe +1
NVD
EPSS 2% CVSS 8.6
HIGH This Week

Adobe After Effects version 18.1 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Adobe After Effects
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by an Improper Authorization vulnerability via the 'Create Customer' endpoint. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Magento
NVD
EPSS 5% CVSS 8.8
HIGH PATCH This Week

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability when executing search. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Memory Corruption Use After Free +4
NVD
EPSS 1% CVSS 4.8
MEDIUM PATCH This Month

Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a DOM-based Cross-Site Scripting vulnerability on mage-messages cookies. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Adobe Magento
NVD
EPSS 4% CVSS 8.8
HIGH This Week

Adobe Illustrator version 25.2 (and earlier) is affected by a Path Traversal vulnerability when parsing a specially crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Adobe +1
NVD
EPSS 3% CVSS 8.8
HIGH This Week

Adobe Illustrator version 25.2 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a specially crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 6% CVSS 8.8
HIGH This Week

Adobe InDesign version 16.0 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 6% CVSS 8.8
HIGH This Week

Adobe InDesign version 16.0 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 5% CVSS 8.8
HIGH This Week

Adobe InCopy version 16.0 (and earlier) is affected by an path traversal vulnerability when parsing a crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Adobe +1
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

magento-scripts contains scripts and configuration used by Create Magento App, a zero-configuration tool-chain which allows one to deploy Magento 2. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Adobe Magento Scripts
NVD GitHub
EPSS 1% CVSS 7.2
HIGH PATCH This Week

Magento-lts is a long-term support alternative to Magento Community Edition (CE). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SQLi Adobe +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Magento-lts is a long-term support alternative to Magento Community Edition (CE). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Adobe Magento
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Adobe Robohelp version 2020.0.3 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Privilege Escalation Adobe Robohelp
NVD
EPSS 7% CVSS 7.8
HIGH This Week

Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe +1
NVD
EPSS 6% CVSS 7.8
HIGH This Week

Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe +1
NVD
EPSS 2% CVSS 7.8
HIGH This Week

Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Adobe Digital Editions
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Improper Authorization vulnerability in the Genuine Software Service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Adobe Authentication Bypass Bridge
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds write vulnerability when parsing a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds write vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe +1
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe +1
NVD
EPSS 2% CVSS 3.3
LOW Monitor

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds read vulnerability when parsing a crafted file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe +1
NVD
EPSS 37% CVSS 5.4
MEDIUM POC PATCH THREAT This Month

Adobe Coldfusion versions 2016 (update 16 and earlier), 2018 (update 10 and earlier) and 2021.0.0.323925 are affected by an Improper Neutralization of Input During Web Page Generation ('Cross-site. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Adobe Coldfusion
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Adobe Acrobat +3
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Adobe Acrobat +3
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe Connect version 11.0.7 (and earlier) is affected by an Input Validation vulnerability in the export feature. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Adobe Connect
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Adobe Connect version 11.0.7 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Adobe Connect
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Adobe Connect version 11.0.7 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Adobe Connect
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by an Unquoted Service Path vulnerability in CCXProcess that could allow an attacker to achieve arbitrary code execution. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

RCE Adobe Creative Cloud Desktop Application
NVD
EPSS 8% CVSS 7.8
HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow +2
NVD
EPSS 3% CVSS 7.1
HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe +1
NVD
EPSS 3% CVSS 7.1
HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe +1
NVD
EPSS 3% CVSS 7.1
HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe +1
NVD
EPSS 3% CVSS 7.1
HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe +1
NVD
EPSS 3% CVSS 7.1
HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe +1
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Adobe Animate version 21.0.3 (and earlier) is affected by a Memory Corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Adobe Creative Cloud Desktop Application
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a file handling vulnerability that could allow an attacker to cause arbitrary file overwriting. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Adobe Creative Cloud Desktop Application
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType library. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 21% CVSS 7.8
HIGH PATCH This Week

Adobe Framemaker version 2020.0.1 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Information Disclosure +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when parsing TTF files that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when parsing TTF files that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 9% CVSS 4.9
MEDIUM This Month

Magento UPWARD-php version 1.1.4 (and earlier) is affected by a Path traversal vulnerability in Magento UPWARD Connector version 1.1.2 (and earlier) due to the upload feature. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Path Traversal Adobe +2
NVD GitHub
EPSS 3% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +5
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +5
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +5
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +5
NVD
EPSS 1% CVSS 6.2
MEDIUM This Month

Adobe Dreamweaver versions 21.0 (and earlier) and 20.2 (and earlier) is affected by an untrusted search path vulnerability that could result in information disclosure. Rated medium severity (CVSS 6.2). No vendor patch available.

Information Disclosure Adobe Dreamweaver
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe Illustrator version 25.1 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 2% CVSS 7.8
HIGH This Week

Adobe Illustrator version 25.1 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe Animate version 21.0.2 (and earlier) is affected by an Out-of-bounds Write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 7% CVSS 7.8
HIGH This Week

Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted javascript file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe +1
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure +2
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure +2
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 4% CVSS 9.1
CRITICAL PATCH Act Now

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a file upload restriction bypass. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Adobe +1
NVD
EPSS 2% CVSS 3.3
LOW Monitor

Acrobat Pro DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use-after-free vulnerability when parsing a specially. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Memory Corruption Information Disclosure +5
NVD
EPSS 2% CVSS 4.6
MEDIUM This Month

Adobe Acrobat Pro DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper input validation vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Adobe Acrobat +3
NVD
EPSS 1% CVSS 6.6
MEDIUM This Month

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a null pointer dereference vulnerability when parsing a. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Adobe +4
NVD
EPSS 2% CVSS 3.3
LOW Monitor

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an memory corruption vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Adobe +4
NVD
EPSS 2% CVSS 8.2
HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper access control vulnerability. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Adobe Authentication Bypass Acrobat +3
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +5
NVD
EPSS 15% CVSS 6.5
MEDIUM This Month

Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe +4
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a use-after-free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption +5
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Use After Free +6
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Use After Free +6
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +5
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Path Traversal vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Adobe +4
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Integer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Integer Overflow Adobe +4
NVD
EPSS 4% CVSS 8.8
HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Use After Free +6
NVD
EPSS 2% CVSS 4.3
MEDIUM This Month

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe +4
NVD
EPSS 4% CVSS 8.8
HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Use After Free +6
NVD
EPSS 2% CVSS 5.6
MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Adobe Magento
NVD
EPSS 2% CVSS 5.6
MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Adobe Magento
NVD
EPSS 6% CVSS 8.1
HIGH PATCH This Week

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting (XSS) in the customer address upload feature. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Adobe Magento
NVD
EPSS 85% CVSS 4.8
MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a Reflected Cross-site Scripting vulnerability via 'file' parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Adobe Magento
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Use After Free +6
NVD
EPSS 2% CVSS 4.3
MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via the GraphQL API. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Adobe Magento
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by an improper authorization vulnerability in the integrations module. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Adobe Authentication Bypass Magento
NVD
EPSS 3% CVSS 9.1
CRITICAL PATCH Act Now

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to XML injection in the product layout updates. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Adobe Magento
NVD
EPSS 3% CVSS 9.1
CRITICAL PATCH Act Now

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a blind SQL injection vulnerability in the Search module. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SQLi Adobe +1
NVD
EPSS 2% CVSS 4.8
MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting vulnerability in the admin console. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Adobe Magento
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object reference (IDOR) in the product module. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Magento
NVD
EPSS 4% CVSS 8.8
HIGH This Week

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Use After Free +6
NVD
Prev Page 27 of 63 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy