Vulnerabilities in Adobe

4,483 results
Vexday analysis

Com 4.472 CVEs catalogadas e 237 surgidas nos últimos 90 dias, a superfície de ataque do portfólio Adobe apresenta volume expressivo e ritmo contínuo de descobertas. A taxa de exploração ativa — 18 entradas no CISA KEV — está em linha com a média geral do catálogo, mas o EPSS de 0,9999 associado à CVE-2024-34102 indica probabilidade máxima de exploração para essa vulnerabilidade específica, exigindo atenção imediata de equipes de resposta. O tipo de falha mais comum é CWE-79 (Cross-Site Scripting), o que sugere fragilidades persistentes na sanitização de entrada em componentes voltados à renderização de conteúdo. A existência de 30 CVEs com prova de conceito pública, combinada a 105 de severidade crítica, reforça a necessidade de priorização rigorosa no ciclo de patching para produtos Adobe em ambientes expostos.

CVE-2021-28621HIGHAdobe Animate FLA File Parsing Out-Of-Bounds Read Remote Code Execution VulnerabilityEPSS 3.2%CVE-2021-21009HIGHServer-side request forgery (SSRF) in Campaign Classic could lead to sensitive information disclosureEPSS 3.2%CVE-2019-16444Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.301EPSS 3.2%CVE-2019-7108Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an out-of-bounds read vulnerabilEPSS 3.2%CVE-2022-28271HIGHAdobe Photoshop PDF File Parsing Use-After-Free Remote Code Execution VulnerabilityEPSS 3.2%CVE-2019-8082Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead toEPSS 3.2%CVE-2021-21074HIGHAdobe Animate out-of-bounds read vulnerabilityEPSS 3.2%CVE-2021-21076HIGHAdobe Animate out-of-bounds read vulnerabilityEPSS 3.2%CVE-2021-21013HIGHMagento Commerce Insecure Direct Object Reference Could Lead To Information DisclosureEPSS 3.2%CVE-2019-7081Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.3EPSS 3.2%CVE-2019-8059Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earEPSS 3.2%CVE-2019-8051Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earEPSS 3.2%CVE-2019-8058Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earEPSS 3.2%CVE-2019-8056Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earEPSS 3.2%CVE-2020-9646Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary codEPSS 3.2%CVE-2020-3717Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a path traversal vulnerability. SEPSS 3.2%CVE-2024-20736MEDIUMZDI-CAN-22822: Adobe Acrobat Pro DC AcroForm Out-Of-Bounds Read Information Disclosure VulnerabilityEPSS 3.2%CVE-2020-3719Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have an sql injection vulnerability. SEPSS 3.2%CVE-2021-36079HIGHAdobe Bridge SGI File Parsing Out-Of-Bounds Read Remote Code Execution VulnerabilityEPSS 3.2%CVE-2019-7931Adobe Premiere Pro CC versions 13.1.2 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation coEPSS 3.1%