Vulnerabilities > Adobe > High

DATE CVE VULNERABILITY TITLE RISK
2025-02-11 CVE-2025-24416 Cross-site Scripting vulnerability in Adobe Commerce
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
adobe CWE-79
8.7
8.7
2025-02-11 CVE-2025-24417 Cross-site Scripting vulnerability in Adobe Commerce
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
adobe CWE-79
8.7
8.7
2025-02-11 CVE-2025-24418 Unspecified vulnerability in Adobe Commerce B2B
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation.
network
low complexity
adobe
8.1
8.1
2025-02-11 CVE-2025-21121 Out-of-bounds Write vulnerability in Adobe Indesign
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-787
7.8
7.8
2025-02-11 CVE-2025-21123 Out-of-bounds Write vulnerability in Adobe Indesign
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-787
7.8
7.8
2025-02-11 CVE-2025-21157 Out-of-bounds Write vulnerability in Adobe Indesign
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-787
7.8
7.8
2025-02-11 CVE-2025-21158 Integer Underflow (Wrap or Wraparound) vulnerability in Adobe Indesign
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-191
7.8
7.8
2025-01-14 CVE-2025-21135 Integer Underflow (Wrap or Wraparound) vulnerability in Adobe Animate
Animate versions 24.0.6, 23.0.9 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-191
7.8
7.8
2025-01-14 CVE-2025-21136 Out-of-bounds Write vulnerability in Adobe Substance 3D Designer
Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-787
7.8
7.8
2025-01-14 CVE-2025-21137 Out-of-bounds Write vulnerability in Adobe Substance 3D Designer
Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-787
7.8
7.8