Vulnerabilities > Adobe > High

DATE CVE VULNERABILITY TITLE RISK
2024-06-13 CVE-2024-34115 Out-of-bounds Write vulnerability in Adobe Substance 3D Stager 2.0.1/2.1.3/3.0.2
Substance3D - Stager versions 2.1.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-787
7.8
7.8
2024-06-13 CVE-2024-34116 Uncontrolled Search Path Element vulnerability in Adobe Creative Cloud Desktop Application
Creative Cloud Desktop versions 6.1.0.587 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in a security feature bypass.
local
low complexity
adobe CWE-427
7.1
7.1
2024-06-13 CVE-2024-34129 Path Traversal vulnerability in Adobe Acrobat Reader 20.6.0/20.6.2/20.9.0
Acrobat Mobile Sign Android versions 24.4.2.33155 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a security feature bypass.
local
high complexity
adobe CWE-22
7.5
7.5
2024-06-13 CVE-2024-34103 Improper Authentication vulnerability in Adobe Commerce and Magento
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation.
network
high complexity
adobe CWE-287
8.1
8.1
2024-06-13 CVE-2024-34104 Improper Authorization vulnerability in Adobe Commerce and Magento
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass.
network
low complexity
adobe CWE-285
8.2
8.2
2024-06-13 CVE-2024-34108 Improper Input Validation vulnerability in Adobe Commerce and Magento
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user.
network
low complexity
adobe CWE-20
7.2
7.2
2024-06-13 CVE-2024-34109 Improper Input Validation vulnerability in Adobe Commerce and Magento
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user.
network
low complexity
adobe CWE-20
7.2
7.2
2024-06-13 CVE-2024-34110 Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Commerce and Magento
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution.
network
low complexity
adobe CWE-434
7.2
7.2
2024-06-13 CVE-2024-34111 Server-Side Request Forgery (SSRF) vulnerability in Adobe Commerce and Magento
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read.
network
low complexity
adobe CWE-918
8.8
8.8
2024-02-15 CVE-2024-20726 Out-of-bounds Write vulnerability in Adobe products
Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-787
7.8
7.8