Filtered by vendor Adobe
Subscribe
Total
6212 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-3723 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3722 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3721 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3720 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3714 | 2 Adobe, Microsoft | 2 Illustrator Cc, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3713 | 2 Adobe, Microsoft | 2 Illustrator Cc, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3712 | 2 Adobe, Microsoft | 2 Illustrator Cc, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3711 | 2 Adobe, Microsoft | 2 Illustrator Cc, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3710 | 2 Adobe, Microsoft | 2 Illustrator Cc, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-29075 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 4.3 MEDIUM | 7.1 HIGH |
| Acrobat Reader DC versions 2020.013.20066 (and earlier), 2020.001.30010 (and earlier) and 2017.011.30180 (and earlier) are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the filesystem without a prompt. User interaction is required to exploit this vulnerability. | |||||
| CVE-2020-24447 | 2 Adobe, Microsoft | 2 Lightroom, Windows | 2024-11-21 | 3.7 LOW | 7.0 HIGH |
| Adobe Lightroom Classic version 10.0 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-24445 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | 3.5 LOW | 9.0 CRITICAL |
| AEM's Cloud Service offering, as well as version 6.5.6.0 (and below), are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2020-24444 | 1 Adobe | 1 Experience Manager Forms Add-on | 2024-11-21 | 5.0 MEDIUM | 5.8 MEDIUM |
| AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 (6.4.8.2) have a blind Server-Side Request Forgery (SSRF) vulnerability. This vulnerability could be exploited by an unauthenticated attacker to gather information about internal systems that reside on the same network. | |||||
| CVE-2020-24443 | 1 Adobe | 1 Connect | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Connect version 11.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | |||||
| CVE-2020-24442 | 1 Adobe | 1 Connect | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Connect version 11.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | |||||
| CVE-2020-24441 | 1 Adobe | 1 Acrobat Reader | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Acrobat Reader for Android version 20.6.2 (and earlier) does not properly restrict access to directories created by the application. This could result in disclosure of sensitive information stored in databases used by the application. Exploitation requires a victim to download and run a malicious application. | |||||
| CVE-2020-24440 | 2 Adobe, Microsoft | 2 Prelude, Windows | 2024-11-21 | 3.7 LOW | 7.0 HIGH |
| Adobe Prelude version 9.0.1 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-24439 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 1.2 LOW | 2.8 LOW |
| Acrobat Reader DC for macOS versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a security feature bypass. While the practical security impact is minimal, a defense-in-depth fix has been implemented to further harden the Adobe Reader update process. | |||||
| CVE-2020-24438 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability that could result in a memory address leak. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-24437 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||