Vulnerabilities (CVE)

Filtered by vendor Adobe Subscribe
Total 5743 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-9739 2 Adobe, Microsoft 2 Media Encoder, Windows 2024-11-21 5.8 MEDIUM 6.1 MEDIUM
Adobe Media Encoder version 14.3.2 (and earlier versions) has an out-of-bounds read vulnerability that could be exploited to read past the end of an allocated buffer, possibly resulting in a crash or disclosure of sensitive information from other memory locations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
CVE-2020-9738 1 Adobe 1 Experience Manager 2024-11-21 3.5 LOW 6.8 MEDIUM
AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields. These scripts may be executed in a victim’s browser when visiting the page containing the vulnerable field.
CVE-2020-9737 1 Adobe 1 Experience Manager 2024-11-21 3.5 LOW 6.8 MEDIUM
AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields. These scripts may be executed in a victim’s browser when they open the page containing the vulnerable field.
CVE-2020-9736 1 Adobe 1 Experience Manager 2024-11-21 3.5 LOW 6.8 MEDIUM
AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields. These scripts may be executed in a victim’s browser when browsing to the page containing the vulnerable field.
CVE-2020-9735 1 Adobe 1 Experience Manager 2024-11-21 3.5 LOW 6.8 MEDIUM
AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and below) and 6.2 SP1-CFP20 (and below) are affected by a stored XSS vulnerability that allows users with access to the Content Repository Development Environment to store malicious scripts in certain node fields. These scripts may be executed in a victim’s browser when search queries return the page containing the vulnerable field.
CVE-2020-9734 1 Adobe 1 Experience Manager 2024-11-21 3.5 LOW 9.0 CRITICAL
The AEM Forms add-on for versions 6.5.5.0 (and below) and 6.4.8.1 (and below) is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they open the page containing the vulnerable field.
CVE-2020-9733 1 Adobe 2 Experience Manager, Experience Manager Forms 2024-11-21 5.0 MEDIUM 7.5 HIGH
An AEM java servlet in AEM versions 6.5.5.0 (and below) and 6.4.8.1 (and below) executes with the permissions of a high privileged service user. If exploited, this could lead to read-only access to sensitive data in an AEM repository.
CVE-2020-9732 1 Adobe 2 Experience Manager, Experience Manager Forms 2024-11-21 6.0 MEDIUM 9.0 CRITICAL
The AEM Forms add-on for versions 6.5.5.0 (and below) and 6.4.8.2 (and below) are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. These scripts may be executed in a victim’s browser when they open the page containing the vulnerable field.
CVE-2020-9731 2 Adobe, Apple 2 Indesign, Macos 2024-11-21 6.8 MEDIUM 7.8 HIGH
A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user.
CVE-2020-9730 2 Adobe, Apple 2 Indesign, Macos 2024-11-21 6.8 MEDIUM 7.8 HIGH
A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user.
CVE-2020-9729 2 Adobe, Apple 2 Indesign, Macos 2024-11-21 6.8 MEDIUM 7.8 HIGH
A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user.
CVE-2020-9728 2 Adobe, Apple 2 Indesign, Macos 2024-11-21 6.8 MEDIUM 7.8 HIGH
A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user.
CVE-2020-9727 2 Adobe, Apple 2 Indesign, Macos 2024-11-21 6.8 MEDIUM 7.8 HIGH
A memory corruption vulnerability exists in InDesign 15.1.1 (and earlier versions). Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user.
CVE-2020-9726 2 Adobe, Microsoft 2 Framemaker, Windows 2024-11-21 5.8 MEDIUM 6.1 MEDIUM
Adobe FrameMaker version 2019.0.6 (and earlier versions) has an out-of-bounds read vulnerability that could be exploited to read past the end of an allocated buffer, possibly resulting in a crash or disclosure of sensitive information from other memory locations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious FrameMaker file.
CVE-2020-9725 2 Adobe, Microsoft 2 Framemaker, Windows 2024-11-21 6.8 MEDIUM 7.8 HIGH
Adobe FrameMaker version 2019.0.6 (and earlier versions) lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. This could be exploited to execute arbitrary code with the privileges of the current user. User interaction is required to exploit this vulnerability in that the target must open a malicious FrameMaker file.
CVE-2020-9724 2 Adobe, Microsoft 2 Lightroom, Windows 2024-11-21 6.8 MEDIUM 7.8 HIGH
Adobe Lightroom versions 9.2.0.10 and earlier have an insecure library loading vulnerability. Successful exploitation could lead to privilege escalation.
CVE-2020-9723 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2020-9722 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more 2024-11-21 9.3 HIGH 7.8 HIGH
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2020-9721 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2020-9720 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.