Vulnerabilities > Adobe
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-19 | CVE-2024-53974 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. | 5.4 |
| 2025-02-11 | CVE-2025-21155 | NULL Pointer Dereference vulnerability in Adobe Substance 3D Stager Substance3D - Stager versions 3.1.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. | 5.5 |
| 2025-02-11 | CVE-2025-21156 | Integer Underflow (Wrap or Wraparound) vulnerability in Adobe Incopy InCopy versions 20.0, 19.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2025-02-11 | CVE-2025-21159 | Use After Free vulnerability in Adobe Illustrator 29.0/29.0.1/29.1 Illustrator versions 29.1, 28.7.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2025-02-11 | CVE-2025-21160 | Integer Underflow (Wrap or Wraparound) vulnerability in Adobe Illustrator 29.0/29.0.1/29.1 Illustrator versions 29.1, 28.7.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2025-02-11 | CVE-2025-21161 | Out-of-bounds Write vulnerability in Adobe Substance 3D Designer Substance3D - Designer versions 14.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2025-02-11 | CVE-2025-21163 | Out-of-bounds Write vulnerability in Adobe Illustrator 29.0/29.0.1/29.1 Illustrator versions 29.1, 28.7.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2025-02-11 | CVE-2025-24406 | Unspecified vulnerability in Adobe Commerce Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to a security feature bypass. | 4.9 |
| 2025-02-11 | CVE-2025-24407 | Unspecified vulnerability in Adobe Commerce B2B Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. | 8.1 |
| 2025-02-11 | CVE-2025-24408 | Unspecified vulnerability in Adobe Commerce Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Information Exposure vulnerability that could result in privilege escalation. | 6.5 |