Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Adobe — Vulnerabilities & Security Advisories 4340

Browse all 4340 CVE security advisories affecting Adobe. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Adobe Systems Incorporated primarily develops multimedia and creativity software, most notably the PDF format and the Creative Cloud suite. With a vast attack surface encompassing 4,289 recorded CVEs, the company has historically faced significant security challenges. Common vulnerability classes include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from complex legacy codebases and third-party integrations. Notable incidents include critical RCE vulnerabilities in Acrobat Reader and Flash Player, which were frequently exploited by state-sponsored actors and criminal syndicates. The discontinuation of Flash Player marked a pivotal shift, yet the persistence of high-severity bugs in PDF parsing and document processing engines continues to pose risks. Adobe’s extensive market share makes it a high-value target, necessitating rigorous patch management and secure coding practices to mitigate the ongoing threat landscape associated with its widely deployed enterprise and consumer applications.

Found 117 results / 4340Clear Filters
Top products by Adobe: Adobe Experience Manager Adobe Acrobat and Reader Acrobat Reader Adobe Commerce Illustrator InDesign Desktop ColdFusion After Effects Dimension Bridge Animate Experience Manager Substance3D - Stager Magento Commerce Adobe Framemaker Substance3D - Painter InDesign InCopy Photoshop Media Encoder Substance3D - Designer Substance3D - Modeler Adobe Connect Adobe Photoshop CC Audition FrameMaker Magento Adobe Photoshop Photoshop Desktop Substance3D - Sampler
CVE IDTitleCVSSSeverityPublished
CVE-2024-34113 ColdFusion | Weak Cryptography for Passwords (CWE-261) — ColdFusionCWE-261 5.5 Medium2024-06-13
CVE-2024-20767 ColdFusion | Improper Access Control (CWE-284) — ColdFusionCWE-284 7.4 High2024-03-18
CVE-2023-44351 Adobe ColdFusion RCE Security Vulnerability — ColdFusionCWE-502 9.8 Critical2023-11-17
CVE-2023-44355 ColdFusion | Improper Input Validation (CWE-20) — ColdFusionCWE-20 4.3 Medium2023-11-17
CVE-2023-26347 CVE-2023-38205 issues | ColdFusion Admin Panel Access — ColdFusionCWE-284 7.5 High2023-11-17
CVE-2023-44352 Unauthenticate Reflected XSS on Adobe Coldfusion 2018 - 2021 - 2023 last version — ColdFusionCWE-79 6.1 Medium2023-11-17
CVE-2023-44353 ColdFusion WDDX Deserialization Gadgets — ColdFusionCWE-502 9.8 Critical2023-11-17
CVE-2023-44350 ColdFusion | Deserialization of Untrusted Data (CWE-502) — ColdFusionCWE-502 9.8 Critical2023-11-17
CVE-2023-38204 Bypass APSB23-41 (CVE-2023-38203) - Pre-Auth RCE ColdFusion 2021 Update 8 — ColdFusionCWE-502 9.8 Critical2023-09-14
CVE-2023-38205 ColdFusion Bypass - Vulnerability disclosure in ColdFusion | BYPASS CVE-2023-29298 — ColdFusionCWE-284 7.5 High2023-09-14
CVE-2023-38206 ColdFusion | Improper Access Control (CWE-284) — ColdFusionCWE-284 5.3 Medium2023-09-14
CVE-2021-40699 ColdFusion CFIDE Improper Access Control Leads To Privilege Escalation — ColdFusionCWE-284 7.4 High2023-09-07
CVE-2021-40698 ColdFusion Use of Inherently Dangerous Function Leads To Security feature bypass   — ColdFusionCWE-242 7.4 High2023-09-07
CVE-2023-38203 Analysis CVE-2023-29300 Bypass: Adobe ColdFusion Pre-Auth RCE — ColdFusionCWE-502 9.8 Critical2023-07-20
CVE-2023-29300 Adobe ColdFusion Deserialization of Untrusted Data Arbitrary code execution — ColdFusionCWE-502 9.8 Critical2023-07-12
CVE-2023-29301 Adobe ColdFusion Improper Restriction of Excessive Authentication Attempts Security feature bypass — ColdFusionCWE-307 7.5 High2023-07-12
CVE-2023-29298 Adobe ColdFusion Improper Access Control Security feature bypass — ColdFusionCWE-284 7.5 High2023-07-12
CVE-2023-26359 Adobe ColdFusion Deserialization of Untrusted Data Arbitrary code execution — ColdFusionCWE-502 9.8 Critical2023-03-23
CVE-2023-26360 Adobe ColdFusion Improper Access Control Arbitrary code execution — ColdFusionCWE-284 8.6 High2023-03-23
CVE-2023-26361 Adobe ColdFusion Directory Traversal Arbitrary file system read Vulnerability — ColdFusionCWE-22 4.9 Medium2023-03-23
CVE-2022-38424 Adobe ColdFusion Application Server Directory Traversal Arbitrary file system write — ColdFusionCWE-22 7.2 High2022-10-14
CVE-2022-42340 Adobe ColdFusion Improper Input Validation Arbitrary file system read — ColdFusionCWE-20 7.5 High2022-10-14
CVE-2022-42341 Adobe ColdFusion Improper Restriction of XML External Entity Reference Arbitrary file system read — ColdFusionCWE-611 7.5 High2022-10-14
CVE-2022-38419 Adobe ColdFusion Solr Service XML External Entity Processing Arbitrary file system read — ColdFusionCWE-611 7.5 High2022-10-14
CVE-2022-38421 Adobe ColdFusion Application Server Directory Traversal Remote Code Execution Vulnerability — ColdFusionCWE-22 7.2 High2022-10-14
CVE-2022-38422 Adobe ColdFusion Application Server Directory Traversal Information Disclosure Vulnerability — ColdFusionCWE-22 7.5 High2022-10-14
CVE-2022-38423 Adobe ColdFusion Application Server Directory Traversal Information Disclosure Vulnerability — ColdFusionCWE-22 4.9 Medium2022-10-14
CVE-2022-35690 Adobe ColdFusion ODBC Agent Stack-based Buffer Overflow Remote Code Execution Vulnerability — ColdFusionCWE-121 9.8 Critical2022-10-14
CVE-2022-35711 Adobe ColdFusion ODBC Server Heap-based Buffer Overflow Remote Code Execution Vulnerability — ColdFusionCWE-122 9.8 Critical2022-10-14
CVE-2022-35712 Adobe ColdFusion ODBC Agent Heap-based Buffer Overflow Remote Code Execution Vulnerability — ColdFusionCWE-122 9.8 Critical2022-10-14

This page lists every published CVE security advisory associated with Adobe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.