Adobe — Vulnerabilities & Security Advisories 4464

Browse all 4464 CVE security advisories affecting Adobe. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Adobe Systems Incorporated primarily develops multimedia and creativity software, most notably the PDF format and the Creative Cloud suite. With a vast attack surface encompassing 4,289 recorded CVEs, the company has historically faced significant security challenges. Common vulnerability classes include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from complex legacy codebases and third-party integrations. Notable incidents include critical RCE vulnerabilities in Acrobat Reader and Flash Player, which were frequently exploited by state-sponsored actors and criminal syndicates. The discontinuation of Flash Player marked a pivotal shift, yet the persistence of high-severity bugs in PDF parsing and document processing engines continues to pose risks. Adobe’s extensive market share makes it a high-value target, necessitating rigorous patch management and secure coding practices to mitigate the ongoing threat landscape associated with its widely deployed enterprise and consumer applications.

CVE ID	Title	CVSS	Severity	Published
CVE-2021-40776	Adobe Lightroom Classic DLL Hijacking Local Privilege Escalation Vulnerability — Lightroom ClassicCWE-379	6.1	Medium	2022-06-15
CVE-2021-42732	Adobe InDesign crashes when parsing the GIF file — InDesignCWE-788	7.8	High	2022-06-15
CVE-2021-40727	Adobe InDesign crashes when parsing the TIF file — InDesignCWE-788	7.8	High	2022-06-15
CVE-2021-39820	Adobe InDesign Memory Corruption Vulnerability Could Lead to Arbitrary Code Execution — InDesignCWE-787	7.8	High	2022-06-15
CVE-2021-46816	Adobe Premiere Pro M4A file memory corruption vulnerability could lead to remote code execution — PremiereCWE-787	7.8	High	2022-06-13
CVE-2021-46817	Adobe Media Encoder M4A file memory corruption vulnerability could lead to remote code execution — Media EncoderCWE-787	7.8	High	2022-06-13
CVE-2021-46818	Adobe Media Encoder M4A file memory corruption vulnerability could lead to remote code execution — Media EncoderCWE-787	7.8	High	2022-06-13
CVE-2022-28830	Adobe FrameMaker Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — FrameMakerCWE-125	5.5	Medium	2022-05-13
CVE-2022-28829	Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — FrameMakerCWE-787	7.8	-	2022-05-13
CVE-2022-28828	Adobe FrameMaker PDF File Parsing Out-Of-Bounds Write Code Execution Vulnerability — FrameMakerCWE-787	7.8	-	2022-05-13
CVE-2022-28827	Adobe FrameMaker SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — FrameMakerCWE-787	7.8	-	2022-05-13
CVE-2022-28826	Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — FrameMakerCWE-787	7.8	-	2022-05-13
CVE-2022-28825	Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — FrameMakerCWE-787	7.8	-	2022-05-13
CVE-2022-28824	Adobe FrameMaker Font Parsing Use-After-Free Remote Code Execution Vulnerability — FrameMakerCWE-416	7.8	-	2022-05-13
CVE-2022-28823	Adobe FrameMaker Font Parsing Use-After-Free Remote Code Execution Vulnerability — FrameMakerCWE-416	7.8	-	2022-05-13
CVE-2022-28822	Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — FrameMakerCWE-787	7.8	-	2022-05-13
CVE-2022-28821	Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — FrameMakerCWE-787	7.8	-	2022-05-13
CVE-2022-28818	ColdFusion Reflected Cross-Site Scripting could lead to Arbitrary Code Execution — ColdFusionCWE-79	6.1	-	2022-05-12
CVE-2022-28819	Adobe Character Animator SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — Character AnimatorCWE-787	7.8	-	2022-05-12
CVE-2022-28838	Adobe Acrobat Pro DC Doc flattenPages Use-After-Free Remote Code Execution Vulnerability — Acrobat ReaderCWE-416	7.8	High	2022-05-11
CVE-2022-28837	Adobe Acrobat Pro DC Doc buttonSetIcon Use-After-Free Information Disclosure Vulnerability — Acrobat ReaderCWE-416	5.5	Medium	2022-05-11
CVE-2022-28269	Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability — Acrobat ReaderCWE-416	3.3	-	2022-05-11
CVE-2022-28268	Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125	5.5	-	2022-05-11
CVE-2022-28267	Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125	5.5	Medium	2022-05-11
CVE-2022-28266	Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125	5.5	Medium	2022-05-11
CVE-2022-28265	Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125	5.5	Medium	2022-05-11
CVE-2022-28264	Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125	5.5	Medium	2022-05-11
CVE-2022-28263	Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125	5.5	Medium	2022-05-11
CVE-2022-28262	Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125	5.5	Medium	2022-05-11
CVE-2022-28261	Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability — Acrobat ReaderCWE-125	5.5	Medium	2022-05-11

This page lists every published CVE security advisory associated with Adobe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Adobe — Vulnerabilities & Security Advisories 4464