Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

Adobe — Vulnerabilities & Security Advisories 4340

Browse all 4340 CVE security advisories affecting Adobe. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Adobe Systems Incorporated primarily develops multimedia and creativity software, most notably the PDF format and the Creative Cloud suite. With a vast attack surface encompassing 4,289 recorded CVEs, the company has historically faced significant security challenges. Common vulnerability classes include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from complex legacy codebases and third-party integrations. Notable incidents include critical RCE vulnerabilities in Acrobat Reader and Flash Player, which were frequently exploited by state-sponsored actors and criminal syndicates. The discontinuation of Flash Player marked a pivotal shift, yet the persistence of high-severity bugs in PDF parsing and document processing engines continues to pose risks. Adobe’s extensive market share makes it a high-value target, necessitating rigorous patch management and secure coding practices to mitigate the ongoing threat landscape associated with its widely deployed enterprise and consumer applications.

Found 85 results / 4340Clear Filters
Top products by Adobe: Adobe Experience Manager Adobe Acrobat and Reader Acrobat Reader Adobe Commerce Illustrator InDesign Desktop ColdFusion After Effects Dimension Bridge Animate Experience Manager Substance3D - Stager Magento Commerce Adobe Framemaker Substance3D - Painter InDesign InCopy Photoshop Media Encoder Substance3D - Designer Substance3D - Modeler Adobe Connect Adobe Photoshop CC Audition FrameMaker Magento Adobe Photoshop Photoshop Desktop Substance3D - Sampler
CVE IDTitleCVSSSeverityPublished
CVE-2021-36044 Magento Commerce GraphQL Improper Input Validation Could Lead To Denial Of Service — Magento CommerceCWE-20 7.5 High2021-09-01
CVE-2021-36027 Magento Commerce Stored Cross-site Scripting Vulnerability — Magento CommerceCWE-79 6.5 Medium2021-09-01
CVE-2021-36043 Magento Commerce Authenticated Blind SSRF Could Lead To Remote Code Execution — Magento CommerceCWE-918 8.0 High2021-09-01
CVE-2021-36042 Magento Commerce API File Option Upload Extension Improper Input Validation Vulnerability Could Lead To Remote Code Execution — Magento CommerceCWE-20 9.1 Critical2021-09-01
CVE-2021-36030 Magento Commerce Improper Input Validation During Checkout Process Could Lead To Privilege Escalation — Magento CommerceCWE-20 7.5 High2021-09-01
CVE-2021-36041 Magento Commerce Improper Input Validation Could Lead To Remote Code Execution — Magento CommerceCWE-20 9.1 Critical2021-09-01
CVE-2021-36040 Magento Commerce Improper Input Validation Could Lead To Remote Code Execution — Magento CommerceCWE-20 9.1 Critical2021-09-01
CVE-2021-36025 Magento Commerce Customer Edition Improper Input Validation Could Lead To Remote Code Execution — Magento CommerceCWE-20 9.1 Critical2021-09-01
CVE-2021-36020 Magento Commerce XML Injection Vulnerability In The 'City' Field Could Lead To Remote Code Execution — Magento CommerceCWE-91 8.2 High2021-09-01
CVE-2021-36035 Magento Commerce Stock Media Improper Input Validation Could Lead To Remote Code Execution — Magento CommerceCWE-20 9.1 Critical2021-09-01
CVE-2021-36024 Magento Commerce Improper Neutralization of Special Elements Used In A Command — Magento CommerceCWE-78 9.1 Critical2021-09-01
CVE-2021-36031 Magento Commerce Path Traversal In `theme[preview_image]` Parameter Could Lead To Remote Code Execution — Magento CommerceCWE-22 7.2 High2021-09-01
CVE-2021-36039 Magento Commerce `quoteId` parameter Incorrect Authorization Vulnerability Could Lead To Information Disclosure — Magento CommerceCWE-863 6.5 Medium2021-09-01
CVE-2021-36029 Magento Commerce Improper Authorization Vulnerability Could Lead To Remote Code Execution — Magento CommerceCWE-285 9.1 Critical2021-09-01
CVE-2021-36026 Magento Commerce Stored Cross-site Scripting Vulnerability — Magento CommerceCWE-79 6.5 Medium2021-09-01
CVE-2021-36032 Magento Commerce Improper Input Validation Could Lead To Information Exposure and Privilege Escalation — Magento CommerceCWE-20 8.3 High2021-09-01
CVE-2021-36038 Magento Commerce Multishipping Module Improper Input Validation Could Lead To Information Exposure — Magento CommerceCWE-20 6.5 Medium2021-09-01
CVE-2021-36028 Magento Commerce XML Injection Vulnerability Could Lead To Remote Code Execution — Magento CommerceCWE-91 9.1 Critical2021-09-01
CVE-2021-36034 Magento Commerce Improper Input Validation Could Lead To Remote Code Execution — Magento CommerceCWE-20 9.1 Critical2021-09-01
CVE-2021-36022 Magento Commerce Widgets Update Layout XML Injection Vulnerability Could Lead To Remote Code Execution — Magento CommerceCWE-78 9.1 Critical2021-09-01
CVE-2021-36033 Magento Commerce Widgets Module XML Injection Vulnerability Could Lead To Remote Code Execution — Magento CommerceCWE-91 9.1 Critical2021-09-01
CVE-2021-36037 Magento Commerce Improper Authorization Vulnerability Could Lead To Information Exposure — Magento CommerceCWE-285 6.5 Medium2021-09-01
CVE-2021-36012 Magento Commerce Gift Card Business Logic Error — Magento CommerceCWE-840 6.5 Medium2021-09-01
CVE-2021-28584 Magento Commerce path traversal vulnerability in child theme store creation — Magento CommerceCWE-22 5.4 Medium2021-06-28
CVE-2021-28585 Magento Commerce improper input validation in customer customer webapi — Magento CommerceCWE-20 5.3 Medium2021-06-28
CVE-2021-28583 Magento Commerce insecure storage of sensitive documentation — Magento CommerceCWE-657 7.5 High2021-06-28
CVE-2021-28563 Magento Commerce improper Authorization via the 'Create Customer' endpoint — Magento CommerceCWE-285 6.5 Medium2021-06-28
CVE-2021-28556 Magento Commerce DOM-based cross-site scripting (XSS) could lead to arbitrary javascript execution — Magento CommerceCWE-79 6.9 Medium2021-06-28
CVE-2021-21064 Magento UPWARD-php Path traversal vulnerability via UPWARD Connector — Magento CommerceCWE-22 4.9 -2021-02-25
CVE-2021-21014 Magento Commerce Arbitrary Folder Empty Could Lead To Arbitrary Code Execution — Magento CommerceCWE-434 9.1 -2021-02-11

This page lists every published CVE security advisory associated with Adobe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.