Vulnerabilities > Adobe

DATE CVE VULNERABILITY TITLE RISK
2024-12-10 CVE-2024-53951 Out-of-bounds Read vulnerability in Adobe Indesign
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
5.5
2024-12-10 CVE-2024-53952 NULL Pointer Dereference vulnerability in Adobe Indesign
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service.
local
low complexity
adobe CWE-476
5.5
5.5
2024-12-10 CVE-2024-53953 Use After Free vulnerability in Adobe Animate
Animate versions 23.0.8, 24.0.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-416
7.8
7.8
2024-12-10 CVE-2024-53954 Integer Underflow (Wrap or Wraparound) vulnerability in Adobe Animate
Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-191
7.8
7.8
2024-12-10 CVE-2024-54032 Cross-site Scripting vulnerability in Adobe Connect
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
adobe CWE-79
6.1
6.1
2024-12-10 CVE-2024-54034 Cross-site Scripting vulnerability in Adobe Connect
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
6.1
6.1
2024-12-10 CVE-2024-54036 Cross-site Scripting vulnerability in Adobe Connect
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
adobe CWE-79
6.1
6.1
2024-12-10 CVE-2024-54037 Cross-site Scripting vulnerability in Adobe Connect
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the context of the victim's browser session.
network
low complexity
adobe CWE-79
5.4
5.4
2024-12-10 CVE-2024-54038 Unspecified vulnerability in Adobe Connect
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass.
network
low complexity
adobe
6.5
6.5
2024-12-10 CVE-2024-54039 Cross-site Scripting vulnerability in Adobe Connect
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
adobe CWE-79
5.4
5.4