Adobe — Vulnerabilities & Security Advisories 4340

Browse all 4340 CVE security advisories affecting Adobe. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Adobe Systems Incorporated primarily develops multimedia and creativity software, most notably the PDF format and the Creative Cloud suite. With a vast attack surface encompassing 4,289 recorded CVEs, the company has historically faced significant security challenges. Common vulnerability classes include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from complex legacy codebases and third-party integrations. Notable incidents include critical RCE vulnerabilities in Acrobat Reader and Flash Player, which were frequently exploited by state-sponsored actors and criminal syndicates. The discontinuation of Flash Player marked a pivotal shift, yet the persistence of high-severity bugs in PDF parsing and document processing engines continues to pose risks. Adobe’s extensive market share makes it a high-value target, necessitating rigorous patch management and secure coding practices to mitigate the ongoing threat landscape associated with its widely deployed enterprise and consumer applications.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-48627	Adobe Substance 3D Sampler v4.2.1Build3527 OOBW Vulnerability IV — Substance3D - SamplerCWE-787	7.8	High	2023-12-13
CVE-2023-48628	Adobe Substance 3D Sampler v4.2.1Build3527 OOBW Vulnerability III — Substance3D - SamplerCWE-787	7.8	High	2023-12-13
CVE-2023-48630	Adobe Substance 3D Sampler v4.2.1Build3527 OOBW Vulnerability I — Substance3D - SamplerCWE-787	7.8	High	2023-12-13
CVE-2023-48629	Adobe Substance 3D Sampler v4.2.1Build3527 OOBW Vulnerability II — Substance3D - SamplerCWE-787	7.8	High	2023-12-13
CVE-2023-48626	Adobe Substance 3D Sampler v4.2.1Build3527 OOBW Vulnerability V — Substance3D - SamplerCWE-787	7.8	High	2023-12-13
CVE-2023-47080	Adobe Substance 3D Stager v2.1.1 Vulnerability VI — Substance3D - StagerCWE-125	5.5	Medium	2023-12-13
CVE-2023-47081	Adobe Substance 3D Stager v2.1.1 Vulnerability II — Substance3D - StagerCWE-125	5.5	Medium	2023-12-13
CVE-2023-47061	ZDI-CAN-22278: Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — DimensionCWE-125	5.5	Medium	2023-12-13
CVE-2023-47079	ZDI-CAN-22279: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — DimensionCWE-125	5.5	Medium	2023-12-13
CVE-2023-47062	ZDI-CAN-22284: Adobe Dimension GLTF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — DimensionCWE-125	5.5	Medium	2023-12-13
CVE-2023-47078	ZDI-CAN-22249: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — DimensionCWE-125	5.5	Medium	2023-12-13
CVE-2023-44362	ZDI-CAN-21791: Adobe Prelude MP4 File Uninitialized Variable Information Disclosure Vulnerability — PreludeCWE-824	5.5	Medium	2023-12-13
CVE-2023-47076	Adobe InDesign CC 2023 Memory Corruption Vulnerability IV. — InDesign DesktopCWE-476	5.5	Medium	2023-12-13
CVE-2023-47077	Adobe InDesign CC 2023 Memory Corruption Vulnerability VI. — InDesign DesktopCWE-125	5.5	Medium	2023-12-13
CVE-2023-47063	Adobe Illustrator 2023 CC 27.7 Memory Corruption Out-Of-Bounds-Write Vulnerability IV. — IllustratorCWE-787	7.8	High	2023-12-13
CVE-2023-47074	ZDI-CAN-21812: Adobe Illustrator JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability — IllustratorCWE-125	7.8	High	2023-12-13
CVE-2023-47075	ZDI-CAN-22006: Adobe Illustrator JP2 File Parsing Use-After-Free Remote Code Execution Vulnerability — IllustratorCWE-416	7.8	High	2023-12-13
CVE-2023-26364	Denial of Service of regular expression in package @adobe/css-tools — Not a productCWE-20	5.3	Medium	2023-11-17
CVE-2023-44351	Adobe ColdFusion RCE Security Vulnerability — ColdFusionCWE-502	9.8	Critical	2023-11-17
CVE-2023-44355	ColdFusion \| Improper Input Validation (CWE-20) — ColdFusionCWE-20	4.3	Medium	2023-11-17
CVE-2023-26347	CVE-2023-38205 issues \| ColdFusion Admin Panel Access — ColdFusionCWE-284	7.5	High	2023-11-17
CVE-2023-44352	Unauthenticate Reflected XSS on Adobe Coldfusion 2018 - 2021 - 2023 last version — ColdFusionCWE-79	6.1	Medium	2023-11-17
CVE-2023-44353	ColdFusion WDDX Deserialization Gadgets — ColdFusionCWE-502	9.8	Critical	2023-11-17
CVE-2023-44350	ColdFusion \| Deserialization of Untrusted Data (CWE-502) — ColdFusionCWE-502	9.8	Critical	2023-11-17
CVE-2023-22272	ZDI-CAN-21309: Adobe RoboHelp Server resolveDistinguishedName LDAP Injection Information Disclosure Vulnerability — RoboHelpCWE-20	7.5	High	2023-11-17
CVE-2023-22275	ZDI-CAN-21306: Adobe RoboHelp Server GetNewUserId SQL Injection Information Disclosure Vulnerability — RoboHelpCWE-89	7.5	High	2023-11-17
CVE-2023-22268	ZDI-CAN-21308: Adobe RoboHelp Server getRHSGroupsForRoles SQL Injection Information Disclosure Vulnerability — RoboHelpCWE-89	6.5	Medium	2023-11-17
CVE-2023-22274	ZDI-CAN-21305: Adobe RoboHelp Server UpdateCommandStream XML External Entity Processing Information Disclosure Vulnerability — RoboHelpCWE-611	7.5	High	2023-11-17
CVE-2023-22273	ZDI-CAN-21307: Adobe RoboHelp Server OnPublishFile Directory Traversal Remote Code Execution Vulnerability — RoboHelpCWE-22	7.2	High	2023-11-17
CVE-2023-44324	ZDI-CAN-21344: Adobe FrameMaker Publishing Server Authentication Bypass Vulnerability — Adobe Framemaker Publishing ServerCWE-287	9.8	Critical	2023-11-17

This page lists every published CVE security advisory associated with Adobe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Adobe — Vulnerabilities & Security Advisories 4340