Vulnerabilities in Adobe

4,485 results
Vexday analysis

Com 4.472 CVEs catalogadas e 237 surgidas nos últimos 90 dias, a superfície de ataque do portfólio Adobe apresenta volume expressivo e ritmo contínuo de descobertas. A taxa de exploração ativa — 18 entradas no CISA KEV — está em linha com a média geral do catálogo, mas o EPSS de 0,9999 associado à CVE-2024-34102 indica probabilidade máxima de exploração para essa vulnerabilidade específica, exigindo atenção imediata de equipes de resposta. O tipo de falha mais comum é CWE-79 (Cross-Site Scripting), o que sugere fragilidades persistentes na sanitização de entrada em componentes voltados à renderização de conteúdo. A existência de 30 CVEs com prova de conceito pública, combinada a 105 de severidade crítica, reforça a necessidade de priorização rigorosa no ciclo de patching para produtos Adobe em ambientes expostos.

CVE-2024-34128MEDIUMAdobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)EPSS 0.3%CVE-2025-47096LOWAdobe Experience Manager | Improper Input Validation (CWE-20)EPSS 0.3%CVE-2025-61819HIGHPhotoshop Desktop | Heap-based Buffer Overflow (CWE-122)EPSS 0.3%CVE-2025-54220HIGHInCopy | Heap-based Buffer Overflow (CWE-122)EPSS 0.3%CVE-2025-54219HIGHInCopy | Heap-based Buffer Overflow (CWE-122)EPSS 0.3%CVE-2024-20713MEDIUMAdobe Substance 3D Stager v2.1.1 Vulnerability IVEPSS 0.3%CVE-2024-36238MEDIUMAdobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)EPSS 0.3%CVE-2024-20712MEDIUMAdobe Substance 3D Stager v2.1.1 Vulnerability IIIEPSS 0.3%CVE-2025-54217HIGHInCopy | Heap-based Buffer Overflow (CWE-122)EPSS 0.3%CVE-2025-47111MEDIUMAcrobat Reader | NULL Pointer Dereference (CWE-476)EPSS 0.3%CVE-2024-20711MEDIUMAdobe Substance 3D Stager v2.1.1 Vulnerability VIIEPSS 0.3%CVE-2024-20771MEDIUMBridge 2024 MOV File parsing memory corruptionEPSS 0.3%CVE-2024-20710MEDIUMAdobe Substance 3D Stager v2.1.1 Vulnerability IEPSS 0.3%CVE-2024-20715MEDIUMAdobe Substance 3D Stager v2.1.1 Vulnerability VIIIEPSS 0.3%CVE-2024-20796MEDIUMAdobe Animation SWF File Parsing Memory CorruptionEPSS 0.3%CVE-2024-20714MEDIUMAdobe Substance 3D Stager v2.1.1 Vulnerability VEPSS 0.3%CVE-2025-54225HIGHInDesign Desktop | Use After Free (CWE-416)EPSS 0.3%CVE-2025-30288HIGHColdFusion | Improper Access Control (CWE-284)EPSS 0.3%CVE-2025-54226HIGHInDesign Desktop | Use After Free (CWE-416)EPSS 0.3%CVE-2025-54224HIGHInDesign Desktop | Use After Free (CWE-416)EPSS 0.3%