Vulnerabilities in Adobe

4,483 results
Vexday analysis

Com 4.472 CVEs catalogadas e 237 surgidas nos últimos 90 dias, a superfície de ataque do portfólio Adobe apresenta volume expressivo e ritmo contínuo de descobertas. A taxa de exploração ativa — 18 entradas no CISA KEV — está em linha com a média geral do catálogo, mas o EPSS de 0,9999 associado à CVE-2024-34102 indica probabilidade máxima de exploração para essa vulnerabilidade específica, exigindo atenção imediata de equipes de resposta. O tipo de falha mais comum é CWE-79 (Cross-Site Scripting), o que sugere fragilidades persistentes na sanitização de entrada em componentes voltados à renderização de conteúdo. A existência de 30 CVEs com prova de conceito pública, combinada a 105 de severidade crítica, reforça a necessidade de priorização rigorosa no ciclo de patching para produtos Adobe em ambientes expostos.

CVE-2020-9690Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have an observable timing discrepancy vulnerability. Successful exploitationEPSS 1.6%CVE-2021-43762MEDIUMAdobe Experience Manager Unicode normalization leads to dispatcher bypassEPSS 1.6%CVE-2019-7129Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability. Successful exploitation could leaEPSS 1.6%CVE-2021-43015HIGHAdobe InCopy GIF File Parsing Memory Corruption Arbitrary Code ExecutionEPSS 1.6%CVE-2024-34108CRITICALLarge attack surface through legit webhook usage in Adobe CommerceEPSS 1.6%CVE-2020-24403LOWIncorrect permissions could lead to unauthorized modification of inventory source data via REST APIEPSS 1.6%CVE-2021-21023MEDIUMMagento Commerce Stored Cross Site Scripting Vulnerability Could Lead To Arbitrary Code ExecutionEPSS 1.6%CVE-2025-54251MEDIUMAdobe Experience Manager | XML Injection (aka Blind XPath Injection) (CWE-91)EPSS 1.6%CVE-2019-8078Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead tEPSS 1.6%CVE-2021-40700HIGHAdobe Premiere Elements TIFF Memory Corruption Vulnerability Could Lead to Arbitrary Code ExecutionEPSS 1.6%CVE-2021-42527HIGHAdobe Premiere Elements PSD file memory corruption vulnerability could lead to arbitrary code executionEPSS 1.6%CVE-2021-21070MEDIUMPrivilege Escalation Vulnerability in Adobe RoboHelpEPSS 1.6%CVE-2021-40792HIGHAdobe Premiere Pro WAV file memory corruption vulnerability could lead to arbitrary code executionEPSS 1.6%CVE-2021-43765HIGHAdobe Experience Manager Stored XSS in the Carousel SetEPSS 1.6%CVE-2021-44177HIGHAdobe Experience Manager Stored XSS in user name parameter in the package managerEPSS 1.6%CVE-2021-44176HIGHAdobe Experience Manager Stored XSS in workflow Stages parameterEPSS 1.6%CVE-2020-24431MEDIUMAcrobat Reader DC for macOS Dynamic Library Injection VulnerabilityEPSS 1.6%CVE-2021-40734HIGHAdobe Audition Memory Corruption could lead to Arbitrary code executionEPSS 1.6%CVE-2021-40777HIGHAdobe Media Encoder WAV file memory corruption vulnerability could lead to arbitrary code executionEPSS 1.6%CVE-2021-28585MEDIUMMagento Commerce improper input validation in customer customer webapiEPSS 1.6%