Filtered by vendor Adobe
Subscribe
Total
7146 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-34658 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2026-05-20 | N/A | 4.8 MEDIUM |
| Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. Scope is changed. | |||||
| CVE-2026-34685 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2026-05-20 | N/A | 3.4 LOW |
| Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier [NEEDS REVIEW: impact mismatch — ticket says 'Arbitrary file system write', CIA triad derives 'Security Feature Bypass'. Verify CVSS vector before publishing.] are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue requires user interaction in that a victim must visit a maliciously crafted URL or interact with a compromised web page. Scope is changed. | |||||
| CVE-2026-34688 | 1 Adobe | 2 C2pa, C2pa-web | 2026-05-15 | N/A | 6.2 MEDIUM |
| CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction. | |||||
| CVE-2026-34680 | 1 Adobe | 2 C2pa, C2pa-web | 2026-05-15 | N/A | 6.2 MEDIUM |
| CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction. | |||||
| CVE-2026-34679 | 1 Adobe | 2 C2pa, C2pa-web | 2026-05-15 | N/A | 6.2 MEDIUM |
| CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction. | |||||
| CVE-2026-34678 | 1 Adobe | 2 C2pa, C2pa-web | 2026-05-15 | N/A | 6.2 MEDIUM |
| CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue does not require user interaction. | |||||
| CVE-2026-34677 | 1 Adobe | 2 C2pa, C2pa-web | 2026-05-15 | N/A | 6.2 MEDIUM |
| CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue does not require user interaction. | |||||
| CVE-2026-34673 | 1 Adobe | 2 C2pa, C2pa-web | 2026-05-15 | N/A | 6.2 MEDIUM |
| CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue does not require user interaction. | |||||
| CVE-2026-34672 | 1 Adobe | 2 C2pa, C2pa-web | 2026-05-15 | N/A | 6.2 MEDIUM |
| CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction. | |||||
| CVE-2026-34671 | 1 Adobe | 2 C2pa, C2pa-web | 2026-05-15 | N/A | 6.2 MEDIUM |
| CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction. | |||||
| CVE-2026-34670 | 1 Adobe | 2 C2pa, C2pa-web | 2026-05-15 | N/A | 6.2 MEDIUM |
| CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction. | |||||
| CVE-2026-34669 | 1 Adobe | 2 C2pa, C2pa-web | 2026-05-15 | N/A | 6.2 MEDIUM |
| CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction. | |||||
| CVE-2026-34668 | 1 Adobe | 2 C2pa, C2pa-web | 2026-05-15 | N/A | 6.2 MEDIUM |
| CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction. | |||||
| CVE-2026-34667 | 1 Adobe | 2 C2pa, C2pa-web | 2026-05-15 | N/A | 6.2 MEDIUM |
| CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction. | |||||
| CVE-2026-34666 | 1 Adobe | 2 C2pa, C2pa-web | 2026-05-15 | N/A | 6.2 MEDIUM |
| CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction. | |||||
| CVE-2026-34665 | 1 Adobe | 2 C2pa, C2pa-web | 2026-05-15 | N/A | 7.5 HIGH |
| CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue does not require user interaction. | |||||
| CVE-2026-34684 | 1 Adobe | 1 Substance 3d Designer | 2026-05-13 | N/A | 7.8 HIGH |
| Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2026-34683 | 1 Adobe | 1 Substance 3d Designer | 2026-05-13 | N/A | 7.8 HIGH |
| Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2026-34690 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2026-05-13 | N/A | 7.8 HIGH |
| After Effects versions 26.0, 25.6.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2026-34682 | 1 Adobe | 1 Substance 3d Designer | 2026-05-13 | N/A | 7.8 HIGH |
| Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||