Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Adobe Subscribe
Total 4695 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-35983 1 Adobe 2 Acrobat Dc, Acrobat Reader Dc 2021-08-31 6.8 MEDIUM 7.8 HIGH
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-35981 1 Adobe 2 Acrobat Dc, Acrobat Reader Dc 2021-08-31 6.8 MEDIUM 7.8 HIGH
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28633 1 Adobe 1 Creative Cloud Desktop Application 2021-08-31 3.6 LOW 6.1 MEDIUM
Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Insecure temporary file creation vulnerability. An attacker could leverage this vulnerability to cause arbitrary file overwriting in the context of the current user. Exploitation of this issue requires physical interaction to the system.
CVE-2021-28639 1 Adobe 2 Acrobat Dc, Acrobat Reader Dc 2021-08-31 9.3 HIGH 7.8 HIGH
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28638 1 Adobe 2 Acrobat Dc, Acrobat Reader Dc 2021-08-31 6.8 MEDIUM 7.8 HIGH
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Heap-based Buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28637 1 Adobe 2 Acrobat Dc, Acrobat Reader Dc 2021-08-31 8.8 HIGH 7.1 HIGH
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an out-of-bounds read vulnerability. An unauthenticated attacker could leverage this vulnerability achieve arbitrary read / write system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28636 1 Adobe 2 Acrobat Dc, Acrobat Reader Dc 2021-08-31 8.5 HIGH 7.3 HIGH
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Uncontrolled Search Path Element vulnerability. An attacker with access to the victim's C:/ folder could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28627 1 Adobe 1 Experience Manager 2021-08-31 6.5 MEDIUM 8.8 HIGH
Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is affected by a Server-side Request Forgery. An authenticated attacker could leverage this vulnerability to contact systems blocked by the dispatcher. Exploitation of this issue does not require user interaction.
CVE-2021-28628 1 Adobe 1 Experience Manager 2021-08-31 4.3 MEDIUM 6.1 MEDIUM
Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is affected by a Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVE-2021-28625 1 Adobe 1 Experience Manager 2021-08-31 4.3 MEDIUM 6.1 MEDIUM
Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is affected by a Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVE-2021-28635 1 Adobe 2 Acrobat Dc, Acrobat Reader Dc 2021-08-31 9.3 HIGH 7.8 HIGH
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28594 1 Adobe 1 Creative Cloud Desktop Application 2021-08-31 9.3 HIGH 7.8 HIGH
Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28634 1 Adobe 2 Acrobat Dc, Acrobat Reader Dc 2021-08-31 8.5 HIGH 8.2 HIGH
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Improper Neutralization of Special Elements used in an OS Command. An authenticated attacker could leverage this vulnerability to achieve arbitrary code execution on the host machine in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28616 2 Adobe, Microsoft 2 After Effects, Windows 2021-08-31 5.8 MEDIUM 7.1 HIGH
Adobe After Effects version 18.2 (and earlier) is affected by an Our-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information and cause a denial of service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28615 2 Adobe, Microsoft 2 After Effects, Windows 2021-08-31 4.3 MEDIUM 5.5 MEDIUM
Adobe After Effects version 18.2 (and earlier) is affected by an Our-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28611 2 Adobe, Microsoft 2 After Effects, Windows 2021-08-31 5.8 MEDIUM 7.1 HIGH
Adobe After Effects version 18.2 (and earlier) is affected by an Our-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information and cause a denial of service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28610 2 Adobe, Microsoft 2 After Effects, Windows 2021-08-31 9.3 HIGH 7.8 HIGH
Adobe After Effects version 18.2 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28609 2 Adobe, Microsoft 2 After Effects, Windows 2021-08-31 4.3 MEDIUM 5.5 MEDIUM
Adobe After Effects version 18.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28608 2 Adobe, Microsoft 2 After Effects, Windows 2021-08-31 9.3 HIGH 7.8 HIGH
Adobe After Effects version 18.2 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28606 2 Adobe, Microsoft 2 After Effects, Windows 2021-08-31 9.3 HIGH 7.8 HIGH
Adobe After Effects version 18.2 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.