Vulnerabilities (CVE)

Filtered by vendor Adobe Subscribe
Total 6255 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-30320 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2025-05-14 N/A 5.5 MEDIUM
InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-30319 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2025-05-14 N/A 5.5 MEDIUM
InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-30318 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2025-05-14 N/A 7.8 HIGH
InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-30310 3 Adobe, Apple, Microsoft 3 Dreamweaver, Macos, Windows 2025-05-14 N/A 7.8 HIGH
Dreamweaver Desktop versions 21.4 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-30290 1 Adobe 1 Coldfusion 2025-05-12 N/A 8.7 HIGH
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to a security feature bypass. A high privileged attacker could exploit this vulnerability to bypass security protections and gain unauthorized write and delete access. Exploitation of this issue does not require user interaction and scope is changed.
CVE-2018-4942 1 Adobe 1 Coldfusion 2025-05-06 5.0 MEDIUM 7.5 HIGH
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Unsafe XML External Entity Processing vulnerability. Successful exploitation could lead to information disclosure.
CVE-2018-4938 1 Adobe 1 Coldfusion 2025-05-06 4.6 MEDIUM 7.8 HIGH
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Insecure Library Loading vulnerability. Successful exploitation could lead to local privilege escalation.
CVE-2018-15965 1 Adobe 1 Coldfusion 2025-05-06 10.0 HIGH 9.8 CRITICAL
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2018-15964 1 Adobe 1 Coldfusion 2025-05-06 5.0 MEDIUM 7.5 HIGH
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a use of a component with a known vulnerability vulnerability. Successful exploitation could lead to information disclosure.
CVE-2018-15963 1 Adobe 1 Coldfusion 2025-05-06 5.0 MEDIUM 5.3 MEDIUM
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary folder creation.
CVE-2018-15962 1 Adobe 1 Coldfusion 2025-05-06 5.0 MEDIUM 5.3 MEDIUM
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a directory listing vulnerability. Successful exploitation could lead to information disclosure.
CVE-2018-15959 1 Adobe 1 Coldfusion 2025-05-06 10.0 HIGH 9.8 CRITICAL
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2018-15958 1 Adobe 1 Coldfusion 2025-05-06 10.0 HIGH 9.8 CRITICAL
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2018-15957 1 Adobe 1 Coldfusion 2025-05-06 10.0 HIGH 9.8 CRITICAL
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2017-16368 1 Adobe 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more 2025-05-06 9.3 HIGH 8.8 HIGH
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability leads to a stack-based buffer overflow condition in the internal Unicode string manipulation module. It is triggered by an invalid PDF file, where a crafted Unicode string causes an out of bounds memory access of a stack allocated buffer, due to improper checks when manipulating an offset of a pointer to the buffer. Attackers can exploit the vulnerability and achieve arbitrary code execution if they can effectively control the accessible memory.
CVE-2019-8062 1 Adobe 1 After Effects 2025-05-05 6.8 MEDIUM 7.8 HIGH
Adobe After Effects versions 16 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2025-27193 3 Adobe, Apple, Microsoft 3 Bridge, Macos, Windows 2025-05-05 N/A 7.8 HIGH
Bridge versions 14.1.5, 15.0.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27194 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2025-05-05 N/A 7.8 HIGH
Media Encoder versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27195 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2025-05-05 N/A 7.8 HIGH
Media Encoder versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27196 3 Adobe, Apple, Microsoft 3 Premiere Pro, Macos, Windows 2025-05-05 N/A 7.8 HIGH
Premiere Pro versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.