Vulnerabilidades em Adobe

4.483 resultados
Análise Vexday

Com 4.472 CVEs catalogadas e 237 surgidas nos últimos 90 dias, a superfície de ataque do portfólio Adobe apresenta volume expressivo e ritmo contínuo de descobertas. A taxa de exploração ativa — 18 entradas no CISA KEV — está em linha com a média geral do catálogo, mas o EPSS de 0,9999 associado à CVE-2024-34102 indica probabilidade máxima de exploração para essa vulnerabilidade específica, exigindo atenção imediata de equipes de resposta. O tipo de falha mais comum é CWE-79 (Cross-Site Scripting), o que sugere fragilidades persistentes na sanitização de entrada em componentes voltados à renderização de conteúdo. A existência de 30 CVEs com prova de conceito pública, combinada a 105 de severidade crítica, reforça a necessidade de priorização rigorosa no ciclo de patching para produtos Adobe em ambientes expostos.

CVE-2021-40713MEDIUMAdobe Experience Manager Improper Certificate Validation Could Lead to Man In The Middle AttackEPSS 1.0%CVE-2022-28820MEDIUMAdobe Consulting Services Reflected Cross-Site Scripting Arbitrary Code ExecutionEPSS 1.0%CVE-2025-27203CRITICALAdobe Connect | Deserialization of Untrusted Data (CWE-502)EPSS 1.0%CVE-2023-29291MEDIUMServer Side Request Forgery (SSRF) in USPS carrier integration configurationEPSS 1.0%CVE-2023-26364MEDIUMDenial of Service of regular expression in package @adobe/css-toolsEPSS 1.0%CVE-2021-40721MEDIUMAdobe Connect Reflected Cross Site ScriptingEPSS 1.0%CVE-2023-22250MEDIUMAdobe Commerce Improper Access Control Security feature bypassEPSS 1.0%CVE-2020-3766Adobe Genuine Integrity Service versions Version 6.4 and earlier have an insecure file permissions vulnerability. Successful exploitation coEPSS 0.9%CVE-2025-24408MEDIUMAdobe Commerce | Information Exposure (CWE-200)EPSS 0.9%CVE-2025-27189MEDIUMAdobe Commerce | Cross-Site Request Forgery (CSRF) (CWE-352)EPSS 0.9%CVE-2023-22247HIGHAdobe Commerce XML Injection Arbitrary file system readEPSS 0.9%CVE-2022-42351MEDIUMAEM Incorrect Authorization Security feature bypassEPSS 0.9%CVE-2023-22248HIGHAdobe Commerce Incorrect Authorization Security feature bypassEPSS 0.9%CVE-2026-48276CRITICALColdFusion | Unrestricted Upload of File with Dangerous Type (CWE-434)EPSS 0.9%CVE-2024-45116HIGHAdobe Commerce | Cross-site Scripting (XSS) (CWE-79)EPSS 0.9%CVE-2023-29293LOWAdobe Commerce | Improper Input Validation (CWE-20)EPSS 0.9%CVE-2024-39399HIGH[Paris] Path Traversal lead to local file readEPSS 0.9%CVE-2024-43755LOWAdobe Experience Manager | Improper Input Validation (CWE-20)EPSS 0.9%CVE-2024-52831LOWAdobe Experience Manager | Improper Input Validation (CWE-20)EPSS 0.9%CVE-2024-54037HIGHAdobe Connect | Cross-site Scripting (DOM-based XSS) (CWE-79)EPSS 0.9%