Vulnerabilidades em Adobe

4.483 resultados
Análise Vexday

Com 4.472 CVEs catalogadas e 237 surgidas nos últimos 90 dias, a superfície de ataque do portfólio Adobe apresenta volume expressivo e ritmo contínuo de descobertas. A taxa de exploração ativa — 18 entradas no CISA KEV — está em linha com a média geral do catálogo, mas o EPSS de 0,9999 associado à CVE-2024-34102 indica probabilidade máxima de exploração para essa vulnerabilidade específica, exigindo atenção imediata de equipes de resposta. O tipo de falha mais comum é CWE-79 (Cross-Site Scripting), o que sugere fragilidades persistentes na sanitização de entrada em componentes voltados à renderização de conteúdo. A existência de 30 CVEs com prova de conceito pública, combinada a 105 de severidade crítica, reforça a necessidade de priorização rigorosa no ciclo de patching para produtos Adobe em ambientes expostos.

CVE-2021-35999HIGHAdobe Prelude Memory Corruption Remote Code Execution VulnerabilityEPSS 2.4%CVE-2021-28618MEDIUMAdobe Animate out-of-bounds read vulnerability could lead to sensitive information disclosureEPSS 2.4%CVE-2021-28617MEDIUMAdobe Animate out-of-bounds read vulnerability could lead to sensitive information disclosureEPSS 2.4%CVE-2020-24427LOWAcrobat Reader DC Codec Input Validation Vulnerability Could Lead to Information DisclosureEPSS 2.4%CVE-2021-21020MEDIUMMagento Commerce Improper Access Control VulnerabilityEPSS 2.4%CVE-2021-21091LOWAdobe Bridge HEIC File Parsing Out-Of-Bounds Read vulnerability could lead to information disclosureEPSS 2.4%CVE-2019-8251Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earEPSS 2.4%CVE-2019-8252Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earEPSS 2.4%CVE-2020-9666Adobe Campaign Classic before 20.2 have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.EPSS 2.4%CVE-2022-30647HIGHAdobe Illustrator Font Parsing Use-After-Free Remote Code Execution VulnerabilityEPSS 2.4%CVE-2023-38222HIGHZDI-CAN-21103: Adobe Acrobat Reader DC AcroForm spawnPageFromTemplate Use-After-Free Remote Code Execution VulnerabilityEPSS 2.4%CVE-2022-30648HIGHAdobe Illustrator Font Parsing Use-After-Free Remote Code Execution VulnerabilityEPSS 2.4%CVE-2021-36041CRITICALMagento Commerce Improper Input Validation Could Lead To Remote Code ExecutionEPSS 2.4%CVE-2018-15972Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation coulEPSS 2.4%CVE-2021-36034CRITICALMagento Commerce Improper Input Validation Could Lead To Remote Code ExecutionEPSS 2.4%CVE-2022-35670MEDIUMAdobe Acrobat Reader Use-After-Free Memory leakEPSS 2.4%CVE-2021-28602HIGHAdobe After Effects Memory corruption could lead to code execution vulnerabilityEPSS 2.4%CVE-2021-42723HIGHAdobe Bridge Out-of-bounds read could lead to Arbitrary Code ExecutionEPSS 2.4%CVE-2019-7092ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a cross site scripting vulnerability. SuccessEPSS 2.4%CVE-2023-21581MEDIUMAdobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure VulnerabilityEPSS 2.4%