Vulnerabilities > Adobe > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-16 | CVE-2022-34256 | Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Authorization vulnerability that could result in Privilege escalation. | 9.8 |
| 2022-01-13 | CVE-2021-40722 | XXE vulnerability in Adobe products AEM Forms Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by an XML External Entity (XXE) injection vulnerability that could be abused by an attacker to achieve RCE. | 9.8 |
| 2021-09-01 | CVE-2021-36020 | XML Injection (aka Blind XPath Injection) vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the 'City' field. | 9.8 |
| 2020-09-10 | CVE-2020-9732 | Cross-site Scripting vulnerability in Adobe Experience Manager The AEM Forms add-on for versions 6.5.5.0 (and below) and 6.4.8.2 (and below) are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. | 9.0 |
| 2020-07-17 | CVE-2020-9682 | Link Following vulnerability in Adobe Creative Cloud Desktop Application Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. | 9.8 |
| 2020-07-17 | CVE-2020-9671 | Incorrect Permission Assignment for Critical Resource vulnerability in Adobe Creative Cloud Desktop Application Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file permissions vulnerability. | 9.8 |
| 2020-07-17 | CVE-2020-9670 | Link Following vulnerability in Adobe Creative Cloud Desktop Application Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. | 9.8 |
| 2020-07-17 | CVE-2020-9669 | Improper Privilege Management vulnerability in Adobe Creative Cloud Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability. | 9.8 |
| 2020-06-12 | CVE-2020-9633 | Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. | 9.8 |
| 2020-03-25 | CVE-2020-3789 | Out-of-bounds Write vulnerability in Adobe Photoshop 2020 and Photoshop CC Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. | 9.8 |