Vulnerabilities > Adobe

DATE CVE VULNERABILITY TITLE RISK
2021-10-15 CVE-2021-40720 Deserialization of Untrusted Data vulnerability in Adobe Ops-Cli
Ops CLI version 2.0.4 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary code execution when the checkout_repo function is called on a maliciously crafted file.
network
low complexity
adobe CWE-502
critical
10.0
2021-10-07 CVE-2021-40725 Use After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForm listbox that could result in arbitrary code execution in the context of the current user.
network
adobe CWE-416
6.8
2021-10-07 CVE-2021-40726 Use After Free vulnerability in Adobe Acrobat DC and Acrobat Reader DC
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForm field that could result in arbitrary code execution in the context of the current user.
network
adobe CWE-416
6.8
2021-10-04 CVE-2021-36051 Classic Buffer Overflow vulnerability in Adobe XMP Toolkit SDK 2020.1
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user.
network
adobe CWE-120
6.8
2021-09-30 CVE-2021-21089 Out-of-bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an out-of-bounds Read vulnerability.
network
adobe CWE-125
4.3
2021-09-29 CVE-2021-28547 Improper Input Validation vulnerability in Adobe Creative Cloud Desktop Application
Adobe Creative Cloud Desktop Application for macOS version 5.3 (and earlier) is affected by a privilege escalation vulnerability that could allow a normal user to delete the OOBE directory and get permissions of any directory under the administrator authority.
local
low complexity
adobe CWE-20
4.6
2021-09-29 CVE-2021-35982 Uncontrolled Search Path Element vulnerability in Adobe Acrobat DC and Acrobat Reader DC
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Uncontrolled Search Path Element vulnerability.
local
adobe CWE-427
4.4
2021-09-29 CVE-2021-39821 Out-of-bounds Read vulnerability in Adobe Indesign
Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) are affected by an out-of-bounds read vulnerability that could result in arbitrary code execution in the context of the current user.
network
adobe CWE-125
6.8
2021-09-29 CVE-2021-39829 Out-of-bounds Write vulnerability in Adobe Framemaker
Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
network
adobe CWE-787
6.8
2021-09-29 CVE-2021-39830 Access of Memory Location After End of Buffer vulnerability in Adobe Framemaker
Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by a memory corruption vulnerability due to insecure handling of a malicious PDF file, potentially resulting in arbitrary code execution in the context of the current user.
network
adobe CWE-788
6.8