Vulnerabilities > Adobe

DATE CVE VULNERABILITY TITLE RISK
2017-05-09 CVE-2017-3073 Use After Free vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption.
network
low complexity
adobe redhat CWE-416
8.8
8.8
2017-05-09 CVE-2017-3072 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class.
network
low complexity
adobe redhat CWE-787
8.8
8.8
2017-05-09 CVE-2017-3071 Use After Free vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects.
network
low complexity
adobe redhat CWE-416
8.8
8.8
2017-05-09 CVE-2017-3070 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class.
network
low complexity
adobe redhat CWE-787
8.8
8.8
2017-05-09 CVE-2017-3069 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class.
network
low complexity
adobe redhat CWE-787
8.8
8.8
2017-05-09 CVE-2017-3068 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine.
network
low complexity
adobe redhat CWE-787
8.8
8.8
2017-05-09 CVE-2017-3067 Information Exposure vulnerability in Adobe Experience Manager Forms 6.0/6.1/6.2
Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting from abuse of the pre-population service in AEM Forms.
network
low complexity
adobe CWE-200
7.5
7.5
2017-04-27 CVE-2017-3066 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 10.0/11.0/2016
Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization vulnerability in the Apache BlazeDS library.
network
low complexity
adobe CWE-502
critical
 9.8
9.8
2017-04-27 CVE-2017-3008 Cross-site Scripting vulnerability in Adobe Coldfusion 10.0/11.0/2016
Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a reflected cross-site scripting vulnerability.
network
low complexity
adobe CWE-79
6.1
6.1
2017-04-12 CVE-2017-3065 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the font manipulation functionality.
local
low complexity
adobe CWE-119
7.8
7.8