Vulnerabilidades em Adobe

4.483 resultados

Análise Vexday

Com 4.472 CVEs catalogadas e 237 surgidas nos últimos 90 dias, a superfície de ataque do portfólio Adobe apresenta volume expressivo e ritmo contínuo de descobertas. A taxa de exploração ativa — 18 entradas no CISA KEV — está em linha com a média geral do catálogo, mas o EPSS de 0,9999 associado à CVE-2024-34102 indica probabilidade máxima de exploração para essa vulnerabilidade específica, exigindo atenção imediata de equipes de resposta. O tipo de falha mais comum é CWE-79 (Cross-Site Scripting), o que sugere fragilidades persistentes na sanitização de entrada em componentes voltados à renderização de conteúdo. A existência de 30 CVEs com prova de conceito pública, combinada a 105 de severidade crítica, reforça a necessidade de priorização rigorosa no ciclo de patching para produtos Adobe em ambientes expostos.

CVE-2021-36022CRITICALMagento Commerce Widgets Update Layout XML Injection Vulnerability Could Lead To Remote Code ExecutionEPSS 3.4%CVE-2022-28244MEDIUMAdobe Acrobat Reader DC CSP Bypass Leads To Privilege EscalationEPSS 3.4%CVE-2020-9669—Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability. Successful exploitation EPSS 3.4%CVE-2022-34225HIGHAdobe Acrobat Reader DC AcroForm exportValues Use-After-Free Remote Code Execution VulnerabilityEPSS 3.4%CVE-2024-20733MEDIUM[ZS-VR-23-360] Adobe Acrobat Reader Parsing OTF font Denial-of-Service VulnerabilityEPSS 3.4%CVE-2020-9570—Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code eEPSS 3.4%CVE-2020-9571—Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code eEPSS 3.4%CVE-2020-9574—Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code eEPSS 3.4%CVE-2020-9573—Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code eEPSS 3.4%CVE-2020-9591—Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth secEPSS 3.4%CVE-2021-40719CRITICALAdobe Connect Deserialization of Untrusted Data Remote Code ExecutionEPSS 3.4%CVE-2019-8099—Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earEPSS 3.4%CVE-2020-9712—Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier havEPSS 3.4%CVE-2021-28551HIGHAdobe Acrobat Pro DC JPEG2000 Editing Out-Of-Bounds Read Remote Code Execution VulnerabilityEPSS 3.4%CVE-2024-20729HIGHTALOS-2023-1890 - Adobe Acrobat Reader Annot3D object zoom event use-after-free vulnerabilityEPSS 3.4%CVE-2022-34228HIGHAdobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution VulnerabilityEPSS 3.4%CVE-2020-3762—Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 andEPSS 3.4%CVE-2022-34230HIGHAdobe Acrobat Reader Use After Free could lead to Arbitrary code executionEPSS 3.4%CVE-2021-21065HIGHAdobe Bridge Font Parsing Out-Of-Bounds Write Arbitrary Code Execution VulnerabilityEPSS 3.4%CVE-2021-21066HIGHAdobe Bridge Font Parsing Out-Of-Bounds Write Arbitrary Code Execution VulnerabilityEPSS 3.4%

← anteriorpágina 47 / 225próxima →