Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

Adobe — Vulnerabilities & Security Advisories 4469

Browse all 4469 CVE security advisories affecting Adobe. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Adobe Systems Incorporated primarily develops multimedia and creativity software, most notably the PDF format and the Creative Cloud suite. With a vast attack surface encompassing 4,289 recorded CVEs, the company has historically faced significant security challenges. Common vulnerability classes include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from complex legacy codebases and third-party integrations. Notable incidents include critical RCE vulnerabilities in Acrobat Reader and Flash Player, which were frequently exploited by state-sponsored actors and criminal syndicates. The discontinuation of Flash Player marked a pivotal shift, yet the persistence of high-severity bugs in PDF parsing and document processing engines continues to pose risks. Adobe’s extensive market share makes it a high-value target, necessitating rigorous patch management and secure coding practices to mitigate the ongoing threat landscape associated with its widely deployed enterprise and consumer applications.

Top products by Adobe: Adobe Experience Manager Adobe Acrobat and Reader Acrobat Reader Adobe Commerce Illustrator InDesign Desktop ColdFusion After Effects Dimension Bridge Animate Experience Manager Substance3D - Stager Magento Commerce Adobe Framemaker Substance3D - Painter InDesign InCopy Photoshop Media Encoder Substance3D - Designer Substance3D - Modeler Adobe Connect Adobe Photoshop CC Audition FrameMaker Substance3D - Sampler Magento Adobe Photoshop Photoshop Desktop
CVE IDTitleCVSSSeverityPublished
CVE-2021-40719 Adobe Connect Deserialization of Untrusted Data Remote Code Execution — ConnectCWE-502 9.8 -2021-10-21
CVE-2021-40721 Adobe Connect Reflected Cross Site Scripting — ConnectCWE-79 6.1 Medium2021-10-15
CVE-2021-40731 Adobe Acrobat Reader DC JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — Acrobat ReaderCWE-787 7.8 -2021-10-15
CVE-2021-40728 Adobe Acrobat Reader DC Use After Free Arbitrary Code Execution — Acrobat ReaderCWE-416 7.8 High2021-10-15
CVE-2021-40724 Adobe Acrobat Reader Android Abritrary Code Execution Vulnerability — Reader MobileCWE-22 7.8 High2021-10-15
CVE-2021-40720 Ops CLI Deserialization of Untrusted Data leads to Abritrary Code Execution — Ops-CLICWE-502 9.8 Critical2021-10-15
CVE-2021-40730 Adobe Acrobat Reader DC JPEG2000 Parsing Use-After-Free Information Disclosure Vulnerability — Acrobat ReaderCWE-416 3.3 -2021-10-15
CVE-2021-40729 Adobe Acrobat Reader DC PDF Out-of-Bound Read Vulnerability Information Disclosure — Acrobat ReaderCWE-125 3.3 Low2021-10-15
CVE-2021-39864 Adobe Commerce Cross-Site Request Forgery (CSRF) Could Lead To Unauthorized Cart Addition — Magento CommerceCWE-352 6.5 Medium2021-10-15
CVE-2021-40732 XMP Toolkit SDK Null Pointer Dereference — XMP ToolkitCWE-476 6.1 Medium2021-10-13
CVE-2021-40725 Adobe Acrobat Reader DC AcroForm listbox Use-After-Free Remote Code Execution Vulnerability — Acrobat ReaderCWE-416 7.8 -2021-10-07
CVE-2021-40726 Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability — Acrobat ReaderCWE-416 7.8 -2021-10-07
CVE-2021-36051 XMP Toolkit SDK Buffer Overflow Could Lead To Arbitrary Code Execution — XMP ToolkitCWE-122 7.8 High2021-10-04
CVE-2021-21089 Adobe Acrobat Reader DC URI Parsing Out-Of-Bounds Read — Acrobat ReaderCWE-125 3.3 Low2021-09-30
CVE-2021-28547 Adobe Creative Cloud for macOS Privilege Escalation Vulnerability — Creative Cloud (desktop component)CWE-20 7.8 -2021-09-29
CVE-2021-40716 XMP Toolkit SDK SVG_Adapter Out-of-bounds Read Information Disclosure — XMP ToolkitCWE-125 5.5 -2021-09-29
CVE-2021-40710 Adobe Premiere Pro 2021 SVG File Parsing Leads to Memory Corruption — PremiereCWE-788 7.8 -2021-09-29
CVE-2021-40697 Adobe FrameMaker PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — FrameMakerCWE-125 3.3 -2021-09-29
CVE-2021-39863 Adobe Acrobat Reader DC Heap-based Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution — Acrobat ReaderCWE-122 7.8 High2021-09-29
CVE-2021-40715 Adobe Premiere Pro 2021 EXR File Parsing Leads to Memory Corruption — PremiereCWE-788 7.8 High2021-09-29
CVE-2021-39862 Adobe FrameMaker PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — FrameMakerCWE-125 3.3 -2021-09-29
CVE-2021-40708 Adobe Genuine Service Installer Privilege Escalation Vulnerability — GoCartCWE-379 7.3 High2021-09-29
CVE-2021-39865 Adobe FrameMaker TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — FrameMakerCWE-125 3.3 -2021-09-29
CVE-2021-39858 Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125 3.3 -2021-09-29
CVE-2021-39861 Adobe Acrobat Reader DC Catalog Plugin Out-of-Bounds Read Bug — Acrobat ReaderCWE-125 5.5 Medium2021-09-29
CVE-2021-39856 Adobe Acrobat Reader DC NTLMv2 SSO Information Disclosure via LoadFile — Acrobat ReaderCWE-200 6.5 Medium2021-09-29
CVE-2021-39860 Adobe Acrobat Reader DC Search Plugin Null Pointer Dereference — Acrobat ReaderCWE-476 5.5 Medium2021-09-29
CVE-2021-39854 Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service — Acrobat ReaderCWE-476 5.5 -2021-09-29
CVE-2021-39855 Adobe Acrobat Reader DC NTLMv2 SSO Information Disclosure via src Parameter — Acrobat ReaderCWE-200 6.5 Medium2021-09-29
CVE-2021-39849 Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service — Acrobat ReaderCWE-476 5.5 Medium2021-09-29

This page lists every published CVE security advisory associated with Adobe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.