Vulnerabilities > Adobe > High

DATE CVE VULNERABILITY TITLE RISK
2024-10-10 CVE-2024-45116 Cross-site Scripting vulnerability in Adobe Commerce and Magento
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code.
network
low complexity
adobe CWE-79
8.1
2024-10-10 CVE-2024-45117 Unspecified vulnerability in Adobe Commerce and Magento
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read.
network
low complexity
adobe
7.6
2024-10-10 CVE-2024-45148 Unspecified vulnerability in Adobe Commerce and Magento
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authentication vulnerability that could result in a security feature bypass.
network
low complexity
adobe
8.8
2024-10-09 CVE-2024-45136 Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Incopy
InCopy versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker.
local
low complexity
adobe CWE-434
7.8
2024-10-09 CVE-2024-45137 Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Indesign
InDesign Desktop versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution.
local
low complexity
adobe CWE-434
7.8
2024-10-09 CVE-2024-47421 Out-of-bounds Read vulnerability in Adobe Framemaker
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure.
local
low complexity
adobe CWE-125
7.8
2024-10-09 CVE-2024-47422 Untrusted Search Path vulnerability in Adobe Framemaker
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution.
local
low complexity
adobe CWE-426
7.8
2024-10-09 CVE-2024-47423 Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Framemaker
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution.
local
low complexity
adobe CWE-434
7.8
2024-10-09 CVE-2024-47424 Integer Overflow or Wraparound vulnerability in Adobe Framemaker
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-190
7.8
2024-10-09 CVE-2024-47425 Integer Underflow (Wrap or Wraparound) vulnerability in Adobe Framemaker
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe CWE-191
7.8