Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Adobe Subscribe
Filtered by product Download Manager
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-2926 1 Adobe 1 Download Manager 2022-09-28 N/A 4.9 MEDIUM
The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory
CVE-2020-9688 2 Adobe, Microsoft 2 Download Manager, Windows 2021-07-21 9.3 HIGH 7.8 HIGH
Adobe Download Manager version 2.0.0.518 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2019-8071 2 Adobe, Microsoft 2 Download Manager, Windows 2019-10-21 7.5 HIGH 9.8 CRITICAL
Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation.
CVE-2008-4816 2 Adobe, Microsoft 4 Acrobat, Acrobat Reader, Download Manager and 1 more 2018-10-30 4.3 MEDIUM N/A
Unspecified vulnerability in the Download Manager in Adobe Reader 8.1.2 and earlier on Windows allows remote attackers to change Internet Security options on a client machine via unknown vectors.
CVE-2008-4817 1 Adobe 3 Acrobat, Acrobat Reader, Download Manager 2018-10-30 9.3 HIGH N/A
The Download Manager in Adobe Acrobat Professional and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that calls an AcroJS function with a long string argument, triggering heap corruption.
CVE-2006-5856 1 Adobe 1 Download Manager 2018-10-17 6.8 MEDIUM N/A
Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file.
CVE-2010-0189 2 Adobe, Nos Microsystems 2 Download Manager, Getplus Download Manager 2017-09-18 9.3 HIGH N/A
A certain ActiveX control in NOS Microsystems getPlus Download Manager (aka DLM or Downloader) 1.5.2.35, as used in Adobe Download Manager, improperly validates requests involving web sites that are not in subdomains, which allows remote attackers to force the download and installation of arbitrary programs via a crafted name for a download site.