Vulnerabilities > Adobe
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-15 | CVE-2016-7889 | Information Exposure vulnerability in Adobe Digital Editions Adobe Digital Editions versions 4.5.2 and earlier has an issue with parsing crafted XML entries that could lead to information disclosure. | 7.5 |
| 2016-12-15 | CVE-2016-7888 | Information Exposure vulnerability in Adobe Digital Editions Adobe Digital Editions versions 4.5.2 and earlier has an important vulnerability that could lead to memory address leak. | 5.3 |
| 2016-12-15 | CVE-2016-7887 | Information Exposure vulnerability in Adobe Coldfusion Builder Adobe ColdFusion Builder versions 2016 update 2 and earlier, 3.0.3 and earlier have an important vulnerability that could lead to information disclosure. | 7.5 |
| 2016-12-15 | CVE-2016-7886 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Indesign and Indesign Server Adobe InDesign version 11.4.1 and earlier, Adobe InDesign Server 11.0.0 and earlier have an exploitable memory corruption vulnerability. | 9.8 |
| 2016-12-15 | CVE-2016-7885 | Cross-Site Request Forgery (CSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks. | 8.8 |
| 2016-12-15 | CVE-2016-7884 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.1 and earlier have an input validation issue in the DAM create assets that could be used in cross-site scripting attacks. | 6.1 |
| 2016-12-15 | CVE-2016-7883 | Cross-site Scripting vulnerability in Adobe Experience Manager 6.2.0 Adobe Experience Manager version 6.2 has an input validation issue in create Launch wizard that could be used in cross-site scripting attacks. | 6.1 |
| 2016-12-15 | CVE-2016-7882 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.2 and earlier have an input validation issue in the WCMDebug filter that could be used in cross-site scripting attacks. | 6.1 |
| 2016-12-15 | CVE-2016-7881 | Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. | 8.8 |
| 2016-12-15 | CVE-2016-7880 | Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. | 8.8 |