Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Adobe — Vulnerabilities & Security Advisories 4289

Browse all 4289 CVE security advisories affecting Adobe. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Adobe Systems Incorporated primarily develops multimedia and creativity software, most notably the PDF format and the Creative Cloud suite. With a vast attack surface encompassing 4,289 recorded CVEs, the company has historically faced significant security challenges. Common vulnerability classes include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from complex legacy codebases and third-party integrations. Notable incidents include critical RCE vulnerabilities in Acrobat Reader and Flash Player, which were frequently exploited by state-sponsored actors and criminal syndicates. The discontinuation of Flash Player marked a pivotal shift, yet the persistence of high-severity bugs in PDF parsing and document processing engines continues to pose risks. Adobe’s extensive market share makes it a high-value target, necessitating rigorous patch management and secure coding practices to mitigate the ongoing threat landscape associated with its widely deployed enterprise and consumer applications.

Found 85 results / 4289Clear Filters
Top products by Adobe: Adobe Experience Manager Adobe Acrobat and Reader Acrobat Reader Adobe Commerce Illustrator InDesign Desktop ColdFusion Dimension Bridge After Effects Animate Experience Manager Substance3D - Stager Magento Commerce Adobe Framemaker Substance3D - Painter InDesign InCopy Photoshop Media Encoder Substance3D - Modeler Adobe Photoshop CC Substance3D - Designer Adobe Connect Audition FrameMaker Magento Adobe Photoshop Photoshop Desktop Substance3D - Sampler
CVE IDTitleCVSSSeverityPublished
CVE-2021-21016 Magento Commerce Unauthorized Data Modification Could Lead to Arbitrary Code Execution — Magento CommerceCWE-78 9.1 -2021-02-11
CVE-2021-21026 Magento Commerce Incorrect permissions Could Lead To Unauthorized Access — Magento CommerceCWE-285 4.9 -2021-02-11
CVE-2021-21015 Magento Commerce Unauthorized Data Modification Could Lead to Arbitrary Code Execution — Magento CommerceCWE-78 9.1 -2021-02-11
CVE-2021-21018 Magnto Commerce Unauthorized Data Modification Could Lead To Arbitrary Code Execution — Magento CommerceCWE-78 9.1 -2021-02-11
CVE-2021-21019 Magento Commerce XML Injection Could Lead To Remote Code Execution — Magento CommerceCWE-91 9.1 -2021-02-11
CVE-2021-21020 Magento Commerce Improper Access Control Vulnerability — Magento CommerceCWE-284 5.9 -2021-02-11
CVE-2021-21025 Magento Commerce XML Injection Could Lead To Arbitrary Code Execution — Magento CommerceCWE-91 9.1 -2021-02-11
CVE-2021-21024 Magento Commerce Blind SQL Injection Could Lead To Unauthorized Access — Magento CommerceCWE-89 6.5 -2021-02-11
CVE-2021-21029 Magento Commerce Reflected Cross-site Scripting Vulnerability Could Lead To Arbitrary JavaScript Execution — Magento CommerceCWE-79 4.8 Medium2021-02-11
CVE-2021-21032 Magento Commerce Failure To Invalidate User Session Could Lead To Unauthorized Access — Magento CommerceCWE-613 6.5 -2021-02-11
CVE-2021-21023 Magento Commerce Stored Cross Site Scripting Vulnerability Could Lead To Arbitrary Code Execution — Magento CommerceCWE-79 4.8 -2021-02-11
CVE-2021-21022 Magento Commerce Incorrect permissions Could Lead To Unauthorized Access — Magento CommerceCWE-639 5.3 -2021-02-11
CVE-2021-21027 Magento Commerce Cross-Site Request Forgery (CSRF) Could Lead To Unauthorized Data Modification — Magento CommerceCWE-352 4.3 -2021-02-11
CVE-2021-21030 Magento Commerce Stored Cross-site Scripting Could Lead To Arbitrary Javascript Execution — Magento CommerceCWE-79 6.1 -2021-02-11
CVE-2021-21013 Magento Commerce Insecure Direct Object Reference Could Lead To Information Disclosure — Magento CommerceCWE-863 8.1 High2021-01-13
CVE-2021-21012 Magento Commerce Insecure Direct Object Reference Vulnerability Could Lead To Sensitive Information Disclosure — Magento CommerceCWE-639 5.3 -2021-01-13
CVE-2020-24404 Incorrect permissions in Integrations component could lead to unauthorized deletion of cmsPages via REST API — Magento CommerceCWE-285 2.7 Low2020-11-09
CVE-2020-24407 Arbitrary code execution via file import functionality — Magento CommerceCWE-434 9.1 Critical2020-11-09
CVE-2020-24406 Document root path disclosure on Maintenance page — Magento CommerceCWE-200 3.7 Low2020-11-09
CVE-2020-24405 Incorrect permissions in Inventory module could lead to unauthorized modification of inventory stock data — Magento CommerceCWE-285 4.3 Medium2020-11-09
CVE-2020-24403 Incorrect permissions could lead to unauthorized modification of inventory source data via REST API — Magento CommerceCWE-285 2.7 Low2020-11-09
CVE-2020-24401 Incorrect permissions following the deletion of a user role or deactivation of a user — Magento CommerceCWE-863 6.5 Medium2020-11-09
CVE-2020-24402 Incorrect permissions in the Integrations component could lead to unauthorized deletion of customer details via REST API — Magento CommerceCWE-276 4.9 Medium2020-11-09
CVE-2020-24400 SQL injection allows arbitrary read from database — Magento CommerceCWE-89 7.1 High2020-11-09
CVE-2020-24408 Stored XSS in customer address upload feature — Magento CommerceCWE-79 6.1 Medium2020-10-16

This page lists every published CVE security advisory associated with Adobe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.