Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Adobe — Vulnerabilities & Security Advisories 4340

Browse all 4340 CVE security advisories affecting Adobe. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Adobe Systems Incorporated primarily develops multimedia and creativity software, most notably the PDF format and the Creative Cloud suite. With a vast attack surface encompassing 4,289 recorded CVEs, the company has historically faced significant security challenges. Common vulnerability classes include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from complex legacy codebases and third-party integrations. Notable incidents include critical RCE vulnerabilities in Acrobat Reader and Flash Player, which were frequently exploited by state-sponsored actors and criminal syndicates. The discontinuation of Flash Player marked a pivotal shift, yet the persistence of high-severity bugs in PDF parsing and document processing engines continues to pose risks. Adobe’s extensive market share makes it a high-value target, necessitating rigorous patch management and secure coding practices to mitigate the ongoing threat landscape associated with its widely deployed enterprise and consumer applications.

Top products by Adobe: Adobe Experience Manager Adobe Acrobat and Reader Acrobat Reader Adobe Commerce Illustrator InDesign Desktop ColdFusion After Effects Dimension Bridge Animate Experience Manager Substance3D - Stager Magento Commerce Adobe Framemaker Substance3D - Painter InDesign InCopy Photoshop Media Encoder Substance3D - Designer Substance3D - Modeler Adobe Connect Adobe Photoshop CC Audition FrameMaker Magento Adobe Photoshop Photoshop Desktop Substance3D - Sampler
CVE IDTitleCVSSSeverityPublished
CVE-2023-25878 Adobe Substance 3D Stager OBJ File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — Substance3D - StagerCWE-125 5.5 Medium2023-03-27
CVE-2023-25908 Adobe Photoshop SVG file Use After Free Arbitrary code execution — PhotoshopCWE-416 7.8 High2023-03-27
CVE-2023-26359 Adobe ColdFusion Deserialization of Untrusted Data Arbitrary code execution — ColdFusionCWE-502 9.8 Critical2023-03-23
CVE-2023-26360 Adobe ColdFusion Improper Access Control Arbitrary code execution — ColdFusionCWE-284 8.6 High2023-03-23
CVE-2023-26361 Adobe ColdFusion Directory Traversal Arbitrary file system read Vulnerability — ColdFusionCWE-22 4.9 Medium2023-03-23
CVE-2023-21615 Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79) — Adobe Experience ManagerCWE-79 5.4 Medium2023-03-22
CVE-2023-21616 Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79) — Adobe Experience ManagerCWE-79 5.4 Medium2023-03-22
CVE-2023-22252 AEM Reflected XSS Arbitrary code execution — Experience ManagerCWE-79 5.4 Medium2023-03-22
CVE-2023-22253 AEM Reflected XSS Arbitrary code execution — Experience ManagerCWE-79 5.4 Medium2023-03-22
CVE-2023-22254 AEM Reflected XSS Arbitrary code execution — Experience ManagerCWE-79 5.4 Medium2023-03-22
CVE-2023-22256 AEM URL Redirection to Untrusted Site Security feature bypass — Experience ManagerCWE-601 5.4 Medium2023-03-22
CVE-2023-22257 AEM URL Redirection to Untrusted Site Security feature bypass — Experience ManagerCWE-601 5.4 Medium2023-03-22
CVE-2023-22258 AEM URL Redirection to Untrusted Site Security feature bypass — Experience ManagerCWE-601 5.4 Medium2023-03-22
CVE-2023-22259 AEM URL Redirection to Untrusted Site Security feature bypass — Experience ManagerCWE-601 5.4 Medium2023-03-22
CVE-2023-22260 AEM URL Redirection to Untrusted Site Security feature bypass — Experience ManagerCWE-601 5.4 Medium2023-03-22
CVE-2023-22261 AEM URL Redirection to Untrusted Site Security feature bypass — Experience ManagerCWE-601 5.4 Medium2023-03-22
CVE-2023-22262 AEM URL Redirection to Untrusted Site Security feature bypass — Experience ManagerCWE-601 5.4 Medium2023-03-22
CVE-2023-22263 AEM URL Redirection to Untrusted Site Security feature bypass — Experience ManagerCWE-601 5.4 Medium2023-03-22
CVE-2023-22264 AEM URL Redirection to Untrusted Site Security feature bypass — Experience ManagerCWE-601 5.4 Medium2023-03-22
CVE-2023-22265 AEM URL Redirection to Untrusted Site Security feature bypass — Experience ManagerCWE-601 5.4 Medium2023-03-22
CVE-2023-22266 AEM URL Redirection to Untrusted Site Security feature bypass — Experience ManagerCWE-601 5.4 Medium2023-03-22
CVE-2023-22269 AEM Reflected XSS Arbitrary code execution — Experience ManagerCWE-79 5.4 Medium2023-03-22
CVE-2023-22271 AEM Weak Cryptography for Passwords Security feature bypass — Experience ManagerCWE-261 5.3 Medium2023-03-22
CVE-2023-25859 Adobe Illustrator Improper Input Validation Remote Code Execution Vulnerability — IllustratorCWE-20 7.8 High2023-03-22
CVE-2023-25860 Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — IllustratorCWE-787 7.8 High2023-03-22
CVE-2023-25861 Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — IllustratorCWE-787 7.8 High2023-03-22
CVE-2023-25862 Adobe Illustrator Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — IllustratorCWE-125 5.5 Medium2023-03-22
CVE-2023-26358 Adobe Creative Cloud AdobeExtensionService.exe local privilege escalation vulnerability — Creative Cloud (desktop component)CWE-426 8.6 High2023-03-22
CVE-2023-26426 Adobe Illustrator (Beta) has a UAF vulnerability when parsing SVG files Arbitrary code execution — IllustratorCWE-416 7.8 High2023-03-22
CVE-2023-21574 Adobe Photoshop Improper Input Validation Remote Code Execution Vulnerability — PhotoshopCWE-20 7.8 High2023-02-17

This page lists every published CVE security advisory associated with Adobe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.