Vulnerabilities > Adobe > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-14 | CVE-2024-41851 | Integer Overflow or Wraparound vulnerability in Adobe Indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2024-08-14 | CVE-2024-41852 | Out-of-bounds Write vulnerability in Adobe Indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2024-08-14 | CVE-2024-41853 | Out-of-bounds Write vulnerability in Adobe Indesign InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2024-08-14 | CVE-2024-41856 | Unspecified vulnerability in Adobe Illustrator Illustrator versions 28.5, 27.9.4, 28.6, 27.9.5 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2024-08-14 | CVE-2024-41865 | Untrusted Search Path vulnerability in Adobe Dimension Dimension versions 3.4.11 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. | 7.8 |
| 2024-08-14 | CVE-2024-39398 | Improper Restriction of Excessive Authentication Attempts vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a security feature bypass. | 7.4 |
| 2024-08-14 | CVE-2024-39399 | Path Traversal vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. | 7.7 |
| 2024-08-14 | CVE-2024-39400 | Cross-site Scripting vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. | 8.1 |
| 2024-08-14 | CVE-2024-39401 | OS Command Injection vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an admin attacker. | 8.4 |
| 2024-08-14 | CVE-2024-39402 | OS Command Injection vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an admin attacker. | 8.4 |