Skip to main content

Adobe

5604 CVEs vendor

Monthly

CVE-2020-9693 HIGH This Week

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Acrobat Dc +1
NVD
CVSS 3.1
7.8
EPSS
5.0%
CVE-2020-9701 HIGH This Week

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.1
7.8
EPSS
4.3%
CVE-2020-9700 HIGH This Week

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.1
7.8
EPSS
4.3%
CVE-2020-9699 HIGH This Week

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.1
7.8
EPSS
4.3%
CVE-2020-9698 HIGH This Week

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.1
7.8
EPSS
4.2%
CVE-2020-13404 HIGH POC This Week

The ATOS/Sips (aka Atos-Magento) community module 3.0.0 to 3.0.5 for Magento allows command injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Adobe Command Injection Atos Sips
NVD GitHub
CVSS 3.1
8.8
EPSS
6.5%
CVE-2020-14319 MEDIUM This Month

It was found that the AMQ Online console is vulnerable to a Cross-Site Request Forgery (CSRF) which is exploitable in cases where preflight checks are not instigated or bypassed. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe CSRF Amq Online Enmasse
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2020-9692 PHP MEDIUM PATCH This Month

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a security mitigation bypass vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Adobe RCE Magento
NVD
CVSS 3.1
6.5
EPSS
3.8%
CVE-2020-9691 PHP CRITICAL PATCH Act Now

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS RCE Adobe Magento
NVD
CVSS 3.1
9.6
EPSS
6.0%
CVE-2020-9690 PHP MEDIUM PATCH This Month

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have an observable timing discrepancy vulnerability. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity.

Adobe Authentication Bypass Magento
NVD
CVSS 3.1
4.2
EPSS
1.6%
CVE-2020-9689 PHP MEDIUM PATCH This Month

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a path traversal vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Adobe RCE Path Traversal Magento
NVD
CVSS 3.1
6.5
EPSS
4.1%
CVE-2020-9687 HIGH This Week

Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Photoshop +1
NVD
CVSS 3.1
8.8
EPSS
3.5%
CVE-2020-9686 MEDIUM This Month

Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe RCE Information Disclosure Photoshop +1
NVD
CVSS 3.1
6.5
EPSS
4.2%
CVE-2020-9685 HIGH This Week

Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Photoshop +1
NVD
CVSS 3.1
8.8
EPSS
3.5%
CVE-2020-9684 HIGH This Week

Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Photoshop +1
NVD
CVSS 3.1
8.8
EPSS
3.5%
CVE-2020-9683 HIGH This Week

Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe RCE Information Disclosure Photoshop +1
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2020-9680 HIGH This Week

Adobe Prelude versions 9.0 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Prelude
NVD
CVSS 3.1
8.8
EPSS
3.9%
CVE-2020-9679 MEDIUM This Month

Adobe Prelude versions 9.0 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe RCE Information Disclosure Prelude
NVD
CVSS 3.1
6.5
EPSS
4.8%
CVE-2020-9678 HIGH This Week

Adobe Prelude versions 9.0 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Prelude
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2020-9677 HIGH This Week

Adobe Prelude versions 9.0 and earlier have an out-of-bounds read vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe RCE Information Disclosure Prelude
NVD
CVSS 3.1
8.8
EPSS
4.5%
CVE-2020-9676 HIGH This Week

Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
3.8%
CVE-2020-9675 HIGH This Week

Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe RCE Information Disclosure Bridge
NVD
CVSS 3.1
7.8
EPSS
4.4%
CVE-2020-9674 HIGH This Week

Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
3.9%
CVE-2020-9665 PHP MEDIUM This Month

Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a stored cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Information Disclosure Adobe Magento
NVD
CVSS 3.1
6.1
EPSS
1.4%
CVE-2020-9664 PHP CRITICAL Act Now

Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a php object injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Deserialization PHP Magento
NVD
CVSS 3.1
9.8
EPSS
8.4%
CVE-2020-9663 MEDIUM This Month

Adobe Reader Mobile versions 20.0.1 and earlier have a directory traversal vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Path Traversal Adobe Reader
NVD
CVSS 3.1
5.3
EPSS
3.2%
CVE-2020-9688 HIGH This Week

Adobe Download Manager version 2.0.0.518 have a command injection vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Command Injection Download Manager
NVD
CVSS 3.1
7.8
EPSS
4.8%
CVE-2020-9682 CRITICAL Act Now

Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Creative Cloud Desktop Application
NVD
CVSS 3.1
9.8
EPSS
4.3%
CVE-2020-9673 HIGH This Week

Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Coldfusion
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-9672 HIGH This Week

Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Coldfusion
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-9671 CRITICAL Act Now

Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file permissions vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Creative Cloud Desktop Application
NVD
CVSS 3.1
9.8
EPSS
4.0%
CVE-2020-9670 CRITICAL Act Now

Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Creative Cloud Desktop Application
NVD
CVSS 3.1
9.8
EPSS
3.6%
CVE-2020-9669 CRITICAL Act Now

Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Creative Cloud
NVD
CVSS 3.1
9.8
EPSS
3.4%
CVE-2020-9650 HIGH This Week

Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Media Encoder
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2020-9649 MEDIUM This Month

Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure Media Encoder
NVD
CVSS 3.1
5.5
EPSS
2.6%
CVE-2020-9646 HIGH This Week

Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Adobe Media Encoder
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2020-13423 MEDIUM POC This Month

Form Builder 2.1.0 for Magento has multiple XSS issues that can be exploited against Magento 2 admin accounts via the Current_url or email field, or the User-Agent HTTP header. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Adobe Form Builder For Magento 2
NVD
CVSS 3.1
4.8
EPSS
1.4%
CVE-2020-12635 MEDIUM POC This Month

XSS exists in the WebForms Pro M2 extension before 2.9.17 for Magento 2 via the textarea field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Adobe Webforms Pro M2
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-9632 PHP CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Magento
NVD
CVSS 3.1
9.8
EPSS
7.4%
CVE-2020-9631 PHP CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Magento
NVD
CVSS 3.1
9.8
EPSS
7.4%
CVE-2020-9630 PHP CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a business logic error vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Magento
NVD
CVSS 3.1
9.8
EPSS
4.0%
CVE-2020-9628 HIGH This Week

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure Dng Software Development Kit
NVD
CVSS 3.1
7.5
EPSS
3.5%
CVE-2020-9627 HIGH This Week

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure Dng Software Development Kit
NVD
CVSS 3.1
7.5
EPSS
3.5%
CVE-2020-9625 HIGH This Week

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure Dng Software Development Kit
NVD
CVSS 3.1
7.5
EPSS
3.5%
CVE-2020-9591 PHP HIGH PATCH This Week

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Magento
NVD
CVSS 3.1
7.5
EPSS
3.4%
CVE-2020-9588 PHP HIGH PATCH This Week

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an observable timing discrepancy vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Magento
NVD
CVSS 3.1
7.2
EPSS
2.5%
CVE-2020-9587 PHP HIGH PATCH This Week

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Magento
NVD
CVSS 3.1
7.5
EPSS
5.0%
CVE-2020-9585 PHP CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Magento
NVD
CVSS 3.1
9.8
EPSS
4.9%
CVE-2020-9584 PHP MEDIUM PATCH This Month

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Information Disclosure Adobe Magento
NVD
CVSS 3.1
5.4
EPSS
1.2%
CVE-2020-9583 PHP CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Command Injection Magento
NVD
CVSS 3.1
9.8
EPSS
5.7%
CVE-2020-9582 PHP CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Command Injection Magento
NVD
CVSS 3.1
9.8
EPSS
5.7%
CVE-2020-9581 PHP MEDIUM PATCH This Month

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Information Disclosure Adobe Magento
NVD
CVSS 3.1
6.1
EPSS
1.5%
CVE-2020-9580 PHP CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Magento
NVD
CVSS 3.1
9.8
EPSS
5.0%
CVE-2020-9579 PHP CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Magento
NVD
CVSS 3.1
9.8
EPSS
5.0%
CVE-2020-9578 PHP CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Command Injection Magento
NVD
CVSS 3.1
9.8
EPSS
5.7%
CVE-2020-9577 PHP MEDIUM PATCH This Month

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Information Disclosure Adobe Magento
NVD
CVSS 3.1
6.1
EPSS
1.5%
CVE-2020-9576 PHP CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Command Injection Magento
NVD
CVSS 3.1
9.8
EPSS
5.7%
CVE-2020-9574 HIGH PATCH This Week

Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Illustrator
NVD
CVSS 3.1
7.8
EPSS
3.4%
CVE-2020-9573 HIGH PATCH This Week

Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Illustrator
NVD
CVSS 3.1
7.8
EPSS
3.4%
CVE-2020-9572 HIGH PATCH This Week

Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Illustrator
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2020-9571 HIGH PATCH This Week

Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Illustrator
NVD
CVSS 3.1
7.8
EPSS
3.4%
CVE-2020-9570 HIGH PATCH This Week

Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Illustrator
NVD
CVSS 3.1
7.8
EPSS
3.4%
CVE-2020-9569 HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2020-9568 HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have a memory corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2020-9567 HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Adobe Memory Corruption RCE Use After Free +1
NVD
CVSS 3.1
7.8
EPSS
3.6%
CVE-2020-9566 HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Adobe Memory Corruption RCE Use After Free +1
NVD
CVSS 3.1
7.8
EPSS
3.5%
CVE-2020-9565 HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2020-9564 HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2020-9563 HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
5.2%
CVE-2020-9562 HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
5.3%
CVE-2020-9561 HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2020-9560 HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2020-9559 HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2020-9558 LOW PATCH Monitor

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure Bridge
NVD
CVSS 3.1
3.3
EPSS
2.0%
CVE-2020-9557 MEDIUM PATCH This Month

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure Bridge
NVD
CVSS 3.1
5.5
EPSS
2.6%
CVE-2020-9556 HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2020-9555 HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have a stack-based buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
5.2%
CVE-2020-9554 HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Bridge
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2020-9553 LOW PATCH Monitor

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure Bridge
NVD
CVSS 3.1
3.3
EPSS
2.1%
CVE-2020-3809 MEDIUM PATCH This Month

Adobe After Effects versions 17.0.1 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure After Effects
NVD
CVSS 3.1
5.5
EPSS
2.3%
CVE-2020-3798 MEDIUM This Month

Adobe Digital Editions versions 4.5.11.187212 and below have a file enumeration (host or local network) vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Digital Editions
NVD
CVSS 3.1
6.5
EPSS
4.7%
CVE-2020-9629 MEDIUM PATCH This Month

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure Digital Negative Software Development Kit
NVD
CVSS 3.1
5.5
EPSS
2.8%
CVE-2020-9626 LOW PATCH Monitor

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure Digital Negative Software Development Kit
NVD
CVSS 3.1
3.3
EPSS
2.2%
CVE-2020-9624 MEDIUM PATCH This Month

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure Digital Negative Software Development Kit
NVD
CVSS 3.1
5.5
EPSS
2.8%
CVE-2020-9623 HIGH PATCH This Week

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure Digital Negative Software Development Kit
NVD
CVSS 3.1
7.5
EPSS
3.5%
CVE-2020-9622 MEDIUM PATCH This Month

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure Digital Negative Software Development Kit
NVD
CVSS 3.1
5.5
EPSS
2.8%
CVE-2020-9621 HIGH PATCH This Week

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Digital Negative Software Development Kit
NVD
CVSS 3.1
7.8
EPSS
7.5%
CVE-2020-9620 HIGH PATCH This Week

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Digital Negative Software Development Kit
NVD
CVSS 3.1
7.8
EPSS
7.7%
CVE-2020-9617 MEDIUM This Month

Adobe Premiere Rush versions 1.5.8 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure Premiere Rush
NVD
CVSS 3.1
5.5
EPSS
2.8%
CVE-2020-9616 MEDIUM This Month

Adobe Premiere Pro versions 14.1 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure Premiere Pro
NVD
CVSS 3.1
5.5
EPSS
2.7%
EPSS 5% CVSS 7.8
HIGH This Week

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +3
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe +2
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe +2
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe +2
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Adobe +2
NVD
EPSS 7% CVSS 8.8
HIGH POC This Week

The ATOS/Sips (aka Atos-Magento) community module 3.0.0 to 3.0.5 for Magento allows command injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Adobe Command Injection Atos Sips
NVD GitHub
EPSS 0% CVSS 5.9
MEDIUM This Month

It was found that the AMQ Online console is vulnerable to a Cross-Site Request Forgery (CSRF) which is exploitable in cases where preflight checks are not instigated or bypassed. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe CSRF Amq Online +1
NVD
EPSS 4% CVSS 6.5
MEDIUM PATCH This Month

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a security mitigation bypass vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Adobe RCE Magento
NVD
EPSS 6% CVSS 9.6
CRITICAL PATCH Act Now

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS RCE Adobe +1
NVD
EPSS 2% CVSS 4.2
MEDIUM PATCH This Month

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have an observable timing discrepancy vulnerability. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity.

Adobe Authentication Bypass Magento
NVD
EPSS 4% CVSS 6.5
MEDIUM PATCH This Month

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a path traversal vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Adobe RCE Path Traversal +1
NVD
EPSS 3% CVSS 8.8
HIGH This Week

Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +3
NVD
EPSS 4% CVSS 6.5
MEDIUM This Month

Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe RCE +3
NVD
EPSS 3% CVSS 8.8
HIGH This Week

Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +3
NVD
EPSS 3% CVSS 8.8
HIGH This Week

Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +3
NVD
EPSS 4% CVSS 8.8
HIGH This Week

Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe RCE +3
NVD
EPSS 4% CVSS 8.8
HIGH This Week

Adobe Prelude versions 9.0 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 5% CVSS 6.5
MEDIUM This Month

Adobe Prelude versions 9.0 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe RCE +2
NVD
EPSS 4% CVSS 8.8
HIGH This Week

Adobe Prelude versions 9.0 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 5% CVSS 8.8
HIGH This Week

Adobe Prelude versions 9.0 and earlier have an out-of-bounds read vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe RCE +2
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe RCE +2
NVD
EPSS 4% CVSS 7.8
HIGH This Week

Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a stored cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Information Disclosure Adobe +1
NVD
EPSS 8% CVSS 9.8
CRITICAL Act Now

Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a php object injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Deserialization +2
NVD
EPSS 3% CVSS 5.3
MEDIUM This Month

Adobe Reader Mobile versions 20.0.1 and earlier have a directory traversal vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Path Traversal +1
NVD
EPSS 5% CVSS 7.8
HIGH This Week

Adobe Download Manager version 2.0.0.518 have a command injection vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Command Injection +1
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Creative Cloud Desktop Application
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Coldfusion
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Coldfusion
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file permissions vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Creative Cloud Desktop Application
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Creative Cloud Desktop Application
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Creative Cloud
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 3% CVSS 5.5
MEDIUM This Month

Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure +1
NVD
EPSS 3% CVSS 7.8
HIGH This Week

Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 1% CVSS 4.8
MEDIUM POC This Month

Form Builder 2.1.0 for Magento has multiple XSS issues that can be exploited against Magento 2 admin accounts via the Current_url or email field, or the User-Agent HTTP header. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Adobe Form Builder For Magento 2
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

XSS exists in the WebForms Pro M2 extension before 2.9.17 for Magento 2 via the textarea field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Adobe Webforms Pro M2
NVD
EPSS 7% CVSS 9.8
CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Magento
NVD
EPSS 7% CVSS 9.8
CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Magento
NVD
EPSS 4% CVSS 9.8
CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a business logic error vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Magento
NVD
EPSS 3% CVSS 7.5
HIGH This Week

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure +1
NVD
EPSS 3% CVSS 7.5
HIGH This Week

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure +1
NVD
EPSS 3% CVSS 7.5
HIGH This Week

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure +1
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Magento
NVD
EPSS 3% CVSS 7.2
HIGH PATCH This Week

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an observable timing discrepancy vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Magento
NVD
EPSS 5% CVSS 7.5
HIGH PATCH This Week

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Magento
NVD
EPSS 5% CVSS 9.8
CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Magento
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Information Disclosure Adobe +1
NVD
EPSS 6% CVSS 9.8
CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Command Injection +1
NVD
EPSS 6% CVSS 9.8
CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Command Injection +1
NVD
EPSS 2% CVSS 6.1
MEDIUM PATCH This Month

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Information Disclosure Adobe +1
NVD
EPSS 5% CVSS 9.8
CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Magento
NVD
EPSS 5% CVSS 9.8
CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Magento
NVD
EPSS 6% CVSS 9.8
CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Command Injection +1
NVD
EPSS 2% CVSS 6.1
MEDIUM PATCH This Month

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Information Disclosure Adobe +1
NVD
EPSS 6% CVSS 9.8
CRITICAL PATCH Act Now

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Command Injection +1
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have a memory corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 4% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Adobe Memory Corruption +3
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Adobe Memory Corruption +3
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 2% CVSS 3.3
LOW PATCH Monitor

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure +1
NVD
EPSS 3% CVSS 5.5
MEDIUM PATCH This Month

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure +1
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 5% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have a stack-based buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 2% CVSS 3.3
LOW PATCH Monitor

Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure +1
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

Adobe After Effects versions 17.0.1 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure +1
NVD
EPSS 5% CVSS 6.5
MEDIUM This Month

Adobe Digital Editions versions 4.5.11.187212 and below have a file enumeration (host or local network) vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Digital Editions
NVD
EPSS 3% CVSS 5.5
MEDIUM PATCH This Month

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure +1
NVD
EPSS 2% CVSS 3.3
LOW PATCH Monitor

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure +1
NVD
EPSS 3% CVSS 5.5
MEDIUM PATCH This Month

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure +1
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure +1
NVD
EPSS 3% CVSS 5.5
MEDIUM PATCH This Month

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure +1
NVD
EPSS 7% CVSS 7.8
HIGH PATCH This Week

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 8% CVSS 7.8
HIGH PATCH This Week

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption +2
NVD
EPSS 3% CVSS 5.5
MEDIUM This Month

Adobe Premiere Rush versions 1.5.8 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure +1
NVD
EPSS 3% CVSS 5.5
MEDIUM This Month

Adobe Premiere Pro versions 14.1 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure +1
NVD
Prev Page 29 of 63 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy