Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

Adobe — Vulnerabilities & Security Advisories 4340

Browse all 4340 CVE security advisories affecting Adobe. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Adobe Systems Incorporated primarily develops multimedia and creativity software, most notably the PDF format and the Creative Cloud suite. With a vast attack surface encompassing 4,289 recorded CVEs, the company has historically faced significant security challenges. Common vulnerability classes include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from complex legacy codebases and third-party integrations. Notable incidents include critical RCE vulnerabilities in Acrobat Reader and Flash Player, which were frequently exploited by state-sponsored actors and criminal syndicates. The discontinuation of Flash Player marked a pivotal shift, yet the persistence of high-severity bugs in PDF parsing and document processing engines continues to pose risks. Adobe’s extensive market share makes it a high-value target, necessitating rigorous patch management and secure coding practices to mitigate the ongoing threat landscape associated with its widely deployed enterprise and consumer applications.

Top products by Adobe: Adobe Experience Manager Adobe Acrobat and Reader Acrobat Reader Adobe Commerce Illustrator InDesign Desktop ColdFusion After Effects Dimension Bridge Animate Experience Manager Substance3D - Stager Magento Commerce Adobe Framemaker Substance3D - Painter InDesign InCopy Photoshop Media Encoder Substance3D - Designer Substance3D - Modeler Adobe Connect Adobe Photoshop CC Audition FrameMaker Magento Adobe Photoshop Photoshop Desktop Substance3D - Sampler
CVE IDTitleCVSSSeverityPublished
CVE-2023-38245 Adobe Acrobat Reader DC ActiveX Control (AxAcroPDFLib.AxAcroPDF) src NTLMv2 SSO Hash Theft Vulnerability — Acrobat ReaderCWE-200 5.5 Medium2023-08-10
CVE-2023-38238 ZDI-CAN-21243: Adobe Acrobat Reader DC Font Parsing Use-After-Free Information Disclosure Vulnerability — Acrobat ReaderCWE-416 5.5 Medium2023-08-10
CVE-2023-38236 ZDI-CAN-21247: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125 5.5 Medium2023-08-10
CVE-2023-38235 ZDI-CAN-21356: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125 5.5 Medium2023-08-10
CVE-2023-38232 ZDI-CAN-21357: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125 5.5 Medium2023-08-10
CVE-2023-38248 ZDI-CAN-21494: Adobe Acrobat Reader DC PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125 5.5 Medium2023-08-10
CVE-2023-38244 ZDI-CAN-21371: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125 5.5 Medium2023-08-10
CVE-2023-38247 ZDI-CAN-21449: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125 5.5 Medium2023-08-10
CVE-2023-38237 ZDI-CAN-21244: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125 5.5 Medium2023-08-10
CVE-2023-38242 ZDI-CAN-21387: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125 5.5 Medium2023-08-10
CVE-2023-38240 ZDI-CAN-21245: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125 5.5 Medium2023-08-10
CVE-2023-38239 ZDI-CAN-21242: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125 5.5 Medium2023-08-10
CVE-2023-38241 ZDI-CAN-21246: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125 5.5 Medium2023-08-10
CVE-2023-38230 ZDI-CAN-21318: Adobe Acrobat Reader DC Font Parsing Use-After-Free Information Disclosure Vulnerability — Acrobat ReaderCWE-416 5.5 Medium2023-08-10
CVE-2023-38224 ZDI-CAN-21122: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability — Acrobat ReaderCWE-416 7.8 High2023-08-10
CVE-2023-38234 ZDI-CAN-21359: Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability — Acrobat ReaderCWE-824 7.8 High2023-08-10
CVE-2023-38243 ZDI-CAN-21252: Adobe Acrobat Reader DC JBIG2 File Parsing Use-After-Free Information Disclosure Vulnerability — Acrobat ReaderCWE-416 5.5 Medium2023-08-10
CVE-2023-38212 ZDI-CAN-21093: Adobe Dimension GLB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability — DimensionCWE-122 7.8 High2023-08-09
CVE-2023-38211 ZDI-CAN-21078: Adobe Dimension GLB File Parsing Use-After-Free Remote Code Execution Vulnerability — DimensionCWE-416 7.8 High2023-08-09
CVE-2023-38213 ZDI-CAN-21094: Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — DimensionCWE-125 5.5 Medium2023-08-09
CVE-2023-38207 Adobe Commerce XML Injection (aka Blind XPath Injection) Arbitrary file system read — Adobe CommerceCWE-91 7.5 High2023-08-09
CVE-2023-38208 Validate Your Inputs | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) — Magento CommerceCWE-78 9.1 Critical2023-08-09
CVE-2023-38209 Adobe Commerce Incorrect Authorization Security feature bypass — Magento CommerceCWE-863 6.5 Medium2023-08-09
CVE-2023-38203 Analysis CVE-2023-29300 Bypass: Adobe ColdFusion Pre-Auth RCE — ColdFusionCWE-502 9.8 Critical2023-07-20
CVE-2021-39822 Adobe InDesign BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — InDesignCWE-787 7.8 High2023-07-20
CVE-2023-29311 [FG-VD-23-006] Adobe InDesign 2023 Out-of-Bound Read Vulnerability IV Notification — InDesignCWE-125 5.5 Medium2023-07-12
CVE-2023-29314 [FG-VD-23-013] Adobe InDesign 2023 Out-of-Bound Read Vulnerability X Notification — InDesignCWE-125 5.5 Medium2023-07-12
CVE-2023-29312 [FG-VD-23-004] Adobe InDesign 2023 Out-of-Bound Read Vulnerability II Notification — InDesignCWE-125 5.5 Medium2023-07-12
CVE-2023-29308 [FG-VD-23-009] Adobe InDesign 2023 Arbitrary Code Execution Vulnerability Notification — InDesignCWE-787 7.8 High2023-07-12
CVE-2023-29318 [FG-VD-23-011] Adobe InDesign 2023 Out-of-Bound Read Vulnerability VIII Notification — InDesignCWE-125 5.5 Medium2023-07-12

This page lists every published CVE security advisory associated with Adobe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.