Vulnerabilities in Adobe

4,483 results
Vexday analysis

Com 4.472 CVEs catalogadas e 237 surgidas nos últimos 90 dias, a superfície de ataque do portfólio Adobe apresenta volume expressivo e ritmo contínuo de descobertas. A taxa de exploração ativa — 18 entradas no CISA KEV — está em linha com a média geral do catálogo, mas o EPSS de 0,9999 associado à CVE-2024-34102 indica probabilidade máxima de exploração para essa vulnerabilidade específica, exigindo atenção imediata de equipes de resposta. O tipo de falha mais comum é CWE-79 (Cross-Site Scripting), o que sugere fragilidades persistentes na sanitização de entrada em componentes voltados à renderização de conteúdo. A existência de 30 CVEs com prova de conceito pública, combinada a 105 de severidade crítica, reforça a necessidade de priorização rigorosa no ciclo de patching para produtos Adobe em ambientes expostos.

CVE-2021-28569MEDIUMAdobe Media Encoder VOB file parsing out-of-bounds read could lead to information disclosure vulnerabilityEPSS 2.3%CVE-2020-3809Adobe After Effects versions 17.0.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information EPSS 2.3%CVE-2021-39856MEDIUMAdobe Acrobat Reader DC NTLMv2 SSO Information Disclosure via LoadFileEPSS 2.3%CVE-2021-39855MEDIUMAdobe Acrobat Reader DC NTLMv2 SSO Information Disclosure via src ParameterEPSS 2.3%CVE-2021-40732MEDIUMXMP Toolkit SDK Null Pointer DereferenceEPSS 2.3%CVE-2019-8162Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and eEPSS 2.3%CVE-2021-45056HIGHAdobe InCopy JPEG File Parsing Out-Of-Bounds Write Remote Code Execution VulnerabilityEPSS 2.3%CVE-2021-43024HIGHAdobe Premiere Rush WAV File Memory Corruption Remote Code ExecutionEPSS 2.3%CVE-2021-42726HIGHAdobe Bridge Memory Corruption could lead to Arbitrary code executionEPSS 2.3%CVE-2021-43029HIGHAdobe Premiere Rush M4A File Memory Corruption Remote Code ExecutionEPSS 2.3%CVE-2021-43747HIGHAdobe Premiere Rush WAV File Memory Corruption Remote Code ExecutionEPSS 2.3%CVE-2021-43022HIGHAdobe Premiere Rush PNG File Memory Corruption Remote Code ExecutionEPSS 2.3%CVE-2021-43021HIGHAdobe Premiere Rush EXR File Memory Corruption Remote Code ExecutionEPSS 2.3%CVE-2021-43026HIGHAdobe Premiere Rush MXF File Memory Corruption Remote Code ExecutionEPSS 2.3%CVE-2020-24400HIGHSQL injection allows arbitrary read from databaseEPSS 2.3%CVE-2021-43028HIGHAdobe Premiere Rush M4A File Memory Corruption Remote Code ExecutionEPSS 2.3%CVE-2023-38208CRITICALValidate Your Inputs | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)EPSS 2.3%CVE-2021-28605HIGHAdobe After Effects memory corruption could lead to arbitrary code executionEPSS 2.3%CVE-2021-28545HIGHAcrobat Reader DC Missing Support for Integrity CheckEPSS 2.3%CVE-2021-36000HIGHAdobe Character Animator Memory Corruption Arbitrary Code Execution VulnerabilityEPSS 2.3%