Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Adobe — Vulnerabilities & Security Advisories 4289

Browse all 4289 CVE security advisories affecting Adobe. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Adobe Systems Incorporated primarily develops multimedia and creativity software, most notably the PDF format and the Creative Cloud suite. With a vast attack surface encompassing 4,289 recorded CVEs, the company has historically faced significant security challenges. Common vulnerability classes include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from complex legacy codebases and third-party integrations. Notable incidents include critical RCE vulnerabilities in Acrobat Reader and Flash Player, which were frequently exploited by state-sponsored actors and criminal syndicates. The discontinuation of Flash Player marked a pivotal shift, yet the persistence of high-severity bugs in PDF parsing and document processing engines continues to pose risks. Adobe’s extensive market share makes it a high-value target, necessitating rigorous patch management and secure coding practices to mitigate the ongoing threat landscape associated with its widely deployed enterprise and consumer applications.

Found 85 results / 4289Clear Filters
Top products by Adobe: Adobe Experience Manager Adobe Acrobat and Reader Acrobat Reader Adobe Commerce Illustrator InDesign Desktop ColdFusion Dimension Bridge After Effects Animate Experience Manager Substance3D - Stager Magento Commerce Adobe Framemaker Substance3D - Painter InDesign InCopy Photoshop Media Encoder Substance3D - Modeler Adobe Photoshop CC Substance3D - Designer Adobe Connect Audition FrameMaker Magento Adobe Photoshop Photoshop Desktop Substance3D - Sampler
CVE IDTitleCVSSSeverityPublished
CVE-2023-38208 Validate Your Inputs | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) — Magento CommerceCWE-78 9.1 Critical2023-08-09
CVE-2023-38209 Adobe Commerce Incorrect Authorization Security feature bypass — Magento CommerceCWE-863 6.5 Medium2023-08-09
CVE-2023-22248 Adobe Commerce Incorrect Authorization Security feature bypass — Magento CommerceCWE-863 7.5 High2023-06-15
CVE-2023-29287 Adobe Commerce Information Exposure Security feature bypass — Magento CommerceCWE-200 5.3 Medium2023-06-15
CVE-2023-29289 Adobe Commerce XML Injection Security feature bypass — Magento CommerceCWE-91 6.5 Medium2023-06-15
CVE-2023-29290 Adobe Commerce Guest Cart Shipping Address Overwrite IDOR — Magento CommerceCWE-353 5.3 Medium2023-06-15
CVE-2023-29291 Server Side Request Forgery (SSRF) in USPS carrier integration configuration — Magento CommerceCWE-918 4.9 Medium2023-06-15
CVE-2023-29292 Server Side Request Forgery (SSRF) in FedEx carrier integration configuration — Magento CommerceCWE-918 4.9 Medium2023-06-15
CVE-2023-29294 Bypass Purchase Order Approval using Company User in Adobe Commerce B2B — Magento CommerceCWE-840 4.3 Medium2023-06-15
CVE-2023-29295 Insecure Direct Object Reference (IDOR) in Create Quote Function — Magento CommerceCWE-863 4.3 Medium2023-06-15
CVE-2023-29296 [Cloud] Customer suspects IDOR vulnerability — Magento CommerceCWE-863 4.3 Medium2023-06-15
CVE-2023-29297 Admin-to-admin stored XSS via cache poisoning — Magento CommerceCWE-1336 9.1 Critical2023-06-15
CVE-2023-22249 Adobe Commerce Stored XSS Arbitrary code execution — Magento CommerceCWE-79 4.8 Medium2023-03-27
CVE-2023-22247 Adobe Commerce XML Injection Arbitrary file system read — Magento CommerceCWE-91 7.5 High2023-03-27
CVE-2023-22250 Adobe Commerce Improper Access Control Security feature bypass — Magento CommerceCWE-284 5.3 Medium2023-03-27
CVE-2023-22251 Adobe Commerce Incorrect Authorization Security feature bypass — Magento CommerceCWE-863 4.3 Medium2023-03-27
CVE-2022-35689 Adobe Commerce Improper Access Control Security feature bypass — Magento CommerceCWE-284 5.3 Medium2022-10-14
CVE-2022-35698 Adobe Commerce Stored XSS Arbitrary code execution — Magento CommerceCWE-79 10.0 Critical2022-10-14
CVE-2022-35692 Adobe Commerce Improper Access Control Security feature bypass — Magento CommerceCWE-863 5.3 Medium2022-08-19
CVE-2022-34259 Adobe Commerce Improper Access Control Security feature bypass — Magento CommerceCWE-284 5.3 Medium2022-08-16
CVE-2022-34257 Adobe Commerce Stored XSS Arbitrary code execution — Magento CommerceCWE-79 6.1 Medium2022-08-16
CVE-2022-34253 Adobe Commerce XML Injection Arbitrary code execution — Magento CommerceCWE-91 7.2 -2022-08-16
CVE-2022-34255 Adobe Commerce Improper Access Control Privilege escalation — Magento CommerceCWE-284 8.8 High2022-08-16
CVE-2022-34254 Adobe Commerce Improper Limitation of a Pathname to a Restricted Directory Arbitrary code execution — Magento CommerceCWE-22 9.6 -2022-08-16
CVE-2022-34256 Adobe Commerce Improper Authorization Privilege escalation — Magento CommerceCWE-285 7.5 High2022-08-16
CVE-2022-34258 Adobe Commerce Stored XSS Arbitrary code execution — Magento CommerceCWE-79 4.8 Medium2022-08-16
CVE-2022-24086 Adobe Commerce checkout improper input validation leads to remote code execution — Magento CommerceCWE-20 9.8 Critical2022-02-16
CVE-2021-39864 Adobe Commerce Cross-Site Request Forgery (CSRF) Could Lead To Unauthorized Cart Addition — Magento CommerceCWE-352 6.5 Medium2021-10-15
CVE-2021-28567 Magento Commerce improper authorization allows an authenticated user to perform certain functions without permission — Magento CommerceCWE-285 6.5 -2021-09-08
CVE-2021-28566 Magento Commerce information disclosure during upload action leveraging a specially crafted file — Magento CommerceCWE-200 3.7 Low2021-09-08

This page lists every published CVE security advisory associated with Adobe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.