Filtered by vendor Adobe
Subscribe
Total
6501 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5941 | 1 Adobe | 1 Shockwave Player | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adobe Shockwave allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument to the ShockwaveVersion method. | |||||
| CVE-2007-2022 | 2 Adobe, Opera | 2 Flash Player, Opera Browser | 2025-04-09 | 6.8 MEDIUM | N/A |
| Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet. | |||||
| CVE-2008-2042 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-09 | 9.3 HIGH | N/A |
| The Javascript API in Adobe Acrobat Professional 7.0.9 and possibly 8.1.1 exposes a dangerous method, which allows remote attackers to execute arbitrary commands or trigger a buffer overflow via a crafted PDF file that invokes app.checkForUpdate with a malicious callback function. | |||||
| CVE-2008-4824 | 1 Adobe | 1 Flash Player | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple unspecified vulnerabilities in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0 allow remote attackers to execute arbitrary code via unknown vectors related to "input validation errors." | |||||
| CVE-2007-1377 | 4 Adobe, Mozilla, Netscape and 1 more | 4 Acrobat Reader, Firefox, Navigator and 1 more | 2025-04-09 | 5.0 MEDIUM | N/A |
| AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236. | |||||
| CVE-2009-4195 | 1 Adobe | 1 Illustrator | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and earlier, and CS3 13.0.0 allows remote attackers to execute arbitrary code via a long DSC comment in an Encapsulated PostScript (.eps) file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0888 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, and CVE-2009-0889. | |||||
| CVE-2008-4503 | 1 Adobe | 1 Flash Player | 2025-04-09 | 6.8 MEDIUM | N/A |
| The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to cause victims to unknowingly click on a link or dialog via access control dialogs disguised as normal graphical elements, as demonstrated by hijacking the camera or microphone, and related to "clickjacking." | |||||
| CVE-2008-5331 | 1 Adobe | 1 Acrobat | 2025-04-09 | 7.5 HIGH | N/A |
| Adobe Acrobat 9 uses more efficient encryption than previous versions, which makes it easier for attackers to guess a document's password via a brute-force attack. | |||||
| CVE-2009-1868 | 1 Adobe | 3 Air, Flash Player, Flex | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving URL parsing. | |||||
| CVE-2007-6246 | 2 Adobe, Linux | 2 Flash Player, Linux Kernel | 2025-04-09 | 4.4 MEDIUM | N/A |
| Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0, when running on Linux, uses insecure permissions for memory, which might allow local users to gain privileges. | |||||
| CVE-2009-2996 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-09 | 9.3 HIGH | N/A |
| Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2985. | |||||
| CVE-2006-5858 | 2 Adobe, Microsoft | 3 Coldfusion, Jrun, Internet Information Services | 2025-04-09 | 5.0 MEDIUM | N/A |
| Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on Microsoft IIS, allows remote attackers to read arbitrary files, list directories, or read source code via a double URL-encoded NULL byte in a ColdFusion filename, such as a CFM file. | |||||
| CVE-2009-1879 | 1 Adobe | 1 Flex Sdk | 2025-04-09 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in index.template.html in the express-install templates in the SDK in Adobe Flex before 3.4, when the installed Flash version is older than a specified requiredMajorVersion value, allows remote attackers to inject arbitrary web script or HTML via the query string. | |||||
| CVE-2009-2982 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-09 | 9.3 HIGH | N/A |
| An unspecified certificate in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow remote attackers to conduct a "social engineering attack" via unknown vectors. | |||||
| CVE-2006-5199 | 1 Adobe | 1 Contribute | 2025-04-09 | 2.1 LOW | N/A |
| Adobe Contribute Publishing Server leaks the administrator password in logs that are created during product installation, which allows local users to gain privileges to the server. | |||||
| CVE-2009-3959 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-09 | 10.0 HIGH | N/A |
| Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document. | |||||
| CVE-2007-6148 | 1 Adobe | 2 Connect Enterprise Server, Flash Media Server 2 | 2025-04-09 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to execute arbitrary code via an unspecified sequence of Real Time Message Protocol (RTMP) requests. | |||||
| CVE-2008-0643 | 1 Adobe | 1 Coldfusion | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 and ColdFusion 8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-6062 | 1 Adobe | 1 Dreamweaver | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by Adobe Dreamweaver, when the Insert Flash Video feature is used, allows remote attackers to inject arbitrary web script or HTML via an asfunction: URI in the skinName parameter. NOTE: this may overlap CVE-2007-6242, CVE-2007-6244, or CVE-2007-6637. | |||||