Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Adobe — Vulnerabilities & Security Advisories 4340

Browse all 4340 CVE security advisories affecting Adobe. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Adobe Systems Incorporated primarily develops multimedia and creativity software, most notably the PDF format and the Creative Cloud suite. With a vast attack surface encompassing 4,289 recorded CVEs, the company has historically faced significant security challenges. Common vulnerability classes include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from complex legacy codebases and third-party integrations. Notable incidents include critical RCE vulnerabilities in Acrobat Reader and Flash Player, which were frequently exploited by state-sponsored actors and criminal syndicates. The discontinuation of Flash Player marked a pivotal shift, yet the persistence of high-severity bugs in PDF parsing and document processing engines continues to pose risks. Adobe’s extensive market share makes it a high-value target, necessitating rigorous patch management and secure coding practices to mitigate the ongoing threat landscape associated with its widely deployed enterprise and consumer applications.

Found 98 results / 4340Clear Filters
Top products by Adobe: Adobe Experience Manager Adobe Acrobat and Reader Acrobat Reader Adobe Commerce Illustrator InDesign Desktop ColdFusion After Effects Dimension Bridge Animate Experience Manager Substance3D - Stager Magento Commerce Adobe Framemaker Substance3D - Painter InDesign InCopy Photoshop Media Encoder Substance3D - Designer Substance3D - Modeler Adobe Connect Adobe Photoshop CC Audition FrameMaker Magento Adobe Photoshop Photoshop Desktop Substance3D - Sampler
CVE IDTitleCVSSSeverityPublished
CVE-2022-30680 AEM Reflected XSS Arbitrary code execution — Experience ManagerCWE-79 5.4 -2022-09-16
CVE-2022-30685 AEM Reflected XSS Arbitrary code execution — Experience ManagerCWE-79 5.4 Medium2022-09-16
CVE-2022-30678 AEM Reflected XSS Arbitrary code execution — Experience ManagerCWE-79 5.4 -2022-09-16
CVE-2022-30683 AEM Violation of Secure Design Principles Security feature bypass — Experience ManagerCWE-657 5.3 -2022-09-16
CVE-2022-30677 AEM Reflected XSS Arbitrary code execution — Experience ManagerCWE-79 5.4 -2022-09-16
CVE-2022-35697 AEM File Upload Security Issue leading to RXSS — Experience ManagerCWE-79 5.4 Medium2022-08-09
CVE-2022-28820 Adobe Consulting Services Reflected Cross-Site Scripting Arbitrary Code Execution — Experience ManagerCWE-79 6.1 Medium2022-04-21
CVE-2021-43764 Adobe Experience Manager Stored XSS in the Spin Set — Experience ManagerCWE-79 8.0 High2022-01-13
CVE-2021-44176 Adobe Experience Manager Stored XSS in workflow Stages parameter — Experience ManagerCWE-79 8.1 High2022-01-13
CVE-2021-43761 Adobe Experience Manager Stored XSS on Edit Tag page via Localization input — Experience ManagerCWE-79 8.0 High2022-01-13
CVE-2021-44177 Adobe Experience Manager Stored XSS in user name parameter in the package manager — Experience ManagerCWE-79 8.1 High2022-01-13
CVE-2021-40722 AEM Forms Improper Restriction of XML External Entity Reference — Experience ManagerCWE-611 9.8 Critical2022-01-13
CVE-2021-43765 Adobe Experience Manager Stored XSS in the Carousel Set — Experience ManagerCWE-79 8.1 High2022-01-13
CVE-2021-44178 Adobe Experience Manager Reflected XSS in /bin/wcm/contentfinder/page/view.html — Experience ManagerCWE-79 5.4 Medium2022-01-13
CVE-2021-43762 Adobe Experience Manager Unicode normalization leads to dispatcher bypass — Experience ManagerCWE-20 6.5 Medium2022-01-13
CVE-2021-40712 Adobe Experience Manager Path parameter Improper Input Validation Could Lead To DOS — Experience ManagerCWE-20 6.5 Medium2021-09-27
CVE-2021-40714 Adobe Experience Manager Reflected Cross Site Scripting via accesskey parameter — Experience ManagerCWE-79 6.1 Medium2021-09-27
CVE-2021-40713 Adobe Experience Manager Improper Certificate Validation Could Lead to Man In The Middle Attack — Experience ManagerCWE-295 5.9 Medium2021-09-27
CVE-2021-40711 Adobe Experience Manager Stored Cross-Site Scripting Could Lead to Arbitrary Code Execution — Experience ManagerCWE-79 5.4 Medium2021-09-27
CVE-2021-28627 Adobe Experience Manager Server-side Request Forgery could lead to Security feature bypass — Experience ManagerCWE-918 5.4 Medium2021-08-24
CVE-2021-28628 Adobe Experience Manager Cross-site Scripting vulnerability in inbox render.jsp — Experience ManagerCWE-79 6.3 Medium2021-08-24
CVE-2021-28625 Adobe Experience Manager Cross-site Scripting vulnerability in inbox workitem.jsp — Experience ManagerCWE-79 6.3 Medium2021-08-24
CVE-2021-28626 Adobe Experience Manager Improper Authorization at /content/usergenerated — Experience ManagerCWE-285 3.7 Low2021-08-24
CVE-2021-21084 Adobe Experience Manager stored cross-site scripting vulnerability in resource resolver factory could lead to arbitrary code execution — Experience ManagerCWE-79 7.3 High2021-06-28
CVE-2021-21083 Adobe Experience Manager broken access control in DSRPReindexServlet could lead to denial-of-service — Experience ManagerCWE-284 7.5 High2021-06-28
CVE-2021-21043 Reflected Cross-site Scripting (XSS) on version-compare and page-compare tools — Experience ManagerCWE-79 6.1 Medium2021-02-02
CVE-2020-24444 Blind SSRF in Forms add-on for AEM — Experience ManagerCWE-918 5.8 Medium2020-12-10
CVE-2020-9743 HTML injection in AEM's content editor component — Experience ManagerCWE-20 5.3 Medium2020-09-10
CVE-2020-9734 Stored XSS in AEM Forms component — Experience ManagerCWE-79 9.0 Critical2020-09-10
CVE-2020-9742 Reflected XSS in AEM Inbox module — Experience ManagerCWE-79 9.0 Critical2020-09-10

This page lists every published CVE security advisory associated with Adobe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.