Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

Adobe — Vulnerabilities & Security Advisories 4340

Browse all 4340 CVE security advisories affecting Adobe. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Adobe Systems Incorporated primarily develops multimedia and creativity software, most notably the PDF format and the Creative Cloud suite. With a vast attack surface encompassing 4,289 recorded CVEs, the company has historically faced significant security challenges. Common vulnerability classes include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from complex legacy codebases and third-party integrations. Notable incidents include critical RCE vulnerabilities in Acrobat Reader and Flash Player, which were frequently exploited by state-sponsored actors and criminal syndicates. The discontinuation of Flash Player marked a pivotal shift, yet the persistence of high-severity bugs in PDF parsing and document processing engines continues to pose risks. Adobe’s extensive market share makes it a high-value target, necessitating rigorous patch management and secure coding practices to mitigate the ongoing threat landscape associated with its widely deployed enterprise and consumer applications.

Top products by Adobe: Adobe Experience Manager Adobe Acrobat and Reader Acrobat Reader Adobe Commerce Illustrator InDesign Desktop ColdFusion After Effects Dimension Bridge Animate Experience Manager Substance3D - Stager Magento Commerce Adobe Framemaker Substance3D - Painter InDesign InCopy Photoshop Media Encoder Substance3D - Designer Substance3D - Modeler Adobe Connect Adobe Photoshop CC Audition FrameMaker Magento Adobe Photoshop Photoshop Desktop Substance3D - Sampler
CVE IDTitleCVSSSeverityPublished
CVE-2024-41878 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) — Adobe Experience ManagerCWE-79 5.4 Medium2024-08-23
CVE-2024-41832 TALOS-2024-2002 | Adobe Acrobat Reader Font gvar TupleVariation Data Out-Of-Bounds Read Vulnerability — Acrobat ReaderCWE-125 5.5 Medium2024-08-14
CVE-2024-39426 ZDI-CAN-24312: Adobe Acrobat Reader DC Annotation Memory Corruption Remote Code Execution Vulnerability — Acrobat ReaderCWE-125 7.8 High2024-08-14
CVE-2024-39422 ZDI-CAN-24090: New Vulnerability Report - Use-after-free remote code execution vulnerability in Adobe Acrobat Reader DC — Acrobat ReaderCWE-416 7.8 High2024-08-14
CVE-2024-41831 ZDI-CAN-24569: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability — Acrobat ReaderCWE-416 7.8 High2024-08-14
CVE-2024-39423 ZDI-CAN-24182: New Vulnerability Report - Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability — Acrobat ReaderCWE-787 7.8 High2024-08-14
CVE-2024-39420 Acrobat Reader | Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367) — Acrobat ReaderCWE-367 7.0 High2024-08-14
CVE-2024-41834 ZDI-CAN-24311: Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125 5.5 Medium2024-08-14
CVE-2024-41835 TALOS-2024-2003 | Adobe Acrobat Reader Font Packed Point Numbers Out-Of-Bounds Read Vulnerability — Acrobat ReaderCWE-125 5.5 Medium2024-08-14
CVE-2024-39424 ZDI-CAN-24309: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability — Acrobat ReaderCWE-416 7.8 High2024-08-14
CVE-2024-41830 Talos Security Advisory for Adobe (TALOS-2024-2009) — Acrobat ReaderCWE-416 7.8 High2024-08-14
CVE-2024-39425 Security vulnerability in AdobeARMHelper — Acrobat ReaderCWE-367 7.0 High2024-08-14
CVE-2024-39383 PoC sample of unknown vulnerability detected by EXPMON system — Acrobat ReaderCWE-416 7.8 High2024-08-14
CVE-2024-41833 ZDI-CAN-24310: Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125 5.5 Medium2024-08-14
CVE-2024-34127 Adobe Indesign TIF File Parsing Out Of Bound Read — InDesign DesktopCWE-125 5.5 Medium2024-08-14
CVE-2024-41854 Adobe Indesign 2024 PDF File parsing memory corruption — InDesign DesktopCWE-125 5.5 Medium2024-08-14
CVE-2024-41850 Adobe Indesign 2024 TIF File Parsing Heap Memory Corruption — InDesign DesktopCWE-122 7.8 High2024-08-14
CVE-2024-39391 Adobe Indesign XLS File Parsing Out Of Bound Write Remote Code execution vulnerability — InDesign DesktopCWE-787 7.8 High2024-08-14
CVE-2024-39390 Adobe Indesign 2024 DOC File Parsing Memory Corruption — InDesign DesktopCWE-787 7.8 High2024-08-14
CVE-2024-41852 Adobe Indesign 2024 AVI File Parsing Stack Based Buffer Overflow — InDesign DesktopCWE-121 7.8 High2024-08-14
CVE-2024-41866 Adobe Indesign 2024 DOC File Parsing Null Pointer Dereference — InDesign DesktopCWE-476 5.5 Medium2024-08-14
CVE-2024-41853 Indesign 2024 EPS File Parsing Heap Memory Corruption Remote Code Execution Vulnerability — InDesign DesktopCWE-122 7.8 High2024-08-14
CVE-2024-41851 Adobe InDesign (Beta) has an integer overflow vulnerability when parsing SVG file — InDesign DesktopCWE-190 7.8 High2024-08-14
CVE-2024-39393 Adobe Indesign 2024 PCT File Parsing Memory Corruption Remote Code Execution Vulnerability — InDesign DesktopCWE-125 7.8 High2024-08-14
CVE-2024-39389 Adobe Indesign PDF File Parsing Stack Based Buffer Overflow Remote Code Execution Vulnerability — InDesign DesktopCWE-121 7.8 High2024-08-14
CVE-2024-39395 Adobe Indesign 2024 DOC File Parsing Null Pointer Dereference — InDesign DesktopCWE-476 5.5 Medium2024-08-14
CVE-2024-39394 Adobe Indesign 2024 PDF File Parsing Out Of Bound Write Remote Code Execution Vulnerability — InDesign DesktopCWE-787 7.8 High2024-08-14
CVE-2024-39388 ZDI-CAN-24055: Adobe Substance 3D Stager SKP File Parsing Use-After-Free Remote Code Execution Vulnerability — Substance3D - StagerCWE-416 7.8 High2024-08-14
CVE-2024-39387 ZDI-CAN-24047: Adobe Bridge AVI FIle Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — BridgeCWE-125 5.5 Medium2024-08-14
CVE-2024-41840 ZDI-CAN-24607: Adobe Bridge JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — BridgeCWE-787 7.8 High2024-08-14

This page lists every published CVE security advisory associated with Adobe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.