PRIOn Logo

Search KB


Search our pre-analyzed vulnerability database

Total Results: 5613

of 281

Published:   Updated:

Vulnerability Type: Cross site scripting

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published:   Updated:

Vulnerability Type: Cross site scripting

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published:   Updated:

Vulnerability Type: Heap overflow

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published:   Updated:

Vulnerability Type: Cross site scripting

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published:   Updated:

Vulnerability Type: Deserialization of untrusted data

Vendor(s):  Adobe
Significant
Remediate Within one Month
CVSS v2N/ACVSS v39.8

ColdFusion versions 2023.9, 2021.15 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability by providing crafted input to the application, which when deserialized, leads to execution of malicious code. Exploitation of this issue does not require user interaction.

Published:   Updated:

Vulnerability Type: Authentication flaw

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5

ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain unauthorized access and affect the integrity of the application. Exploitation of this issue does not require user interaction.

Published:   Updated:

Vulnerability Type: Type confusion

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Type Confusion vulnerability that could result in arbitrary code execution in the context of the current user. This issue occurs when a resource is accessed using a type that is not compatible with the actual object type, leading to a logic error that an attacker could exploit. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Adobe
Significant
Remediate Within one Month
CVSS v2N/ACVSS v37.8

Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published:   Updated:

Vulnerability Type: Integer overflow

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published:   Updated:

Vulnerability Type: Null pointer dereference

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.5

Illustrator versions 28.6, 27.9.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a DoS condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published:   Updated:

Vulnerability Type: Integer overflow

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

Illustrator versions 28.6, 27.9.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.5

Illustrator versions 28.6, 27.9.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published:   Updated:

Vulnerability Type: Cross site scripting

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

Premiere Pro versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.5

Premiere Pro versions 24.5, 23.6.8 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published:   Updated:

Vulnerability Type: Cross site scripting

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published:   Updated:

Vulnerability Type: Stack overflow

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.5

After Effects versions 23.6.6, 24.5 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could lead to arbitrary file system write operations. An attacker could leverage this vulnerability to modify or corrupt files, potentially leading to a compromise of system integrity. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published:   Updated:

Vulnerability Type: Heap overflow

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

After Effects versions 23.6.6, 24.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.5

After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published:   Updated:

Vulnerability Type: Cross site scripting

Vendor(s):  Adobe
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

of 281