Vulnerabilities > Adobe > Low

DATE CVE VULNERABILITY TITLE RISK
2022-01-13 CVE-2021-43761 Cross-site Scripting vulnerability in Adobe Experience Manager
AEM's Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6.3.3.8 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
network
adobe CWE-79
3.5
2022-01-13 CVE-2021-43764 Cross-site Scripting vulnerability in Adobe Experience Manager
AEM's Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
network
adobe CWE-79
3.5
2021-11-18 CVE-2021-43017 Creation of Temporary File in Directory with Incorrect Permissions vulnerability in Adobe Creative Cloud Desktop Application
Adobe Creative Cloud version 5.5 (and earlier) are affected by an Application denial of service vulnerability in the Creative Cloud Desktop installer.
network
adobe CWE-379
3.5
2021-09-27 CVE-2021-28613 Creation of Temporary File in Directory with Incorrect Permissions vulnerability in Adobe Creative Cloud Desktop Application
Adobe Creative Cloud Desktop Application version 5.4 (and earlier) is affected by a file handling vulnerability that could allow an attacker to arbitrarily overwrite a file.
local
adobe CWE-379
3.3
2021-09-27 CVE-2021-40711 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager version 6.5.9.0 (and earlier) is affected by a stored XSS vulnerability when creating Content Fragments.
network
adobe CWE-79
3.5
2021-09-02 CVE-2021-35995 Improper Initialization vulnerability in Adobe After Effects
Adobe After Effects version 18.2.1 (and earlier) is affected by an Improper input validation vulnerability when parsing a specially crafted file.
local
low complexity
adobe CWE-665
3.3
2021-09-01 CVE-2021-36057 Write-what-where Condition vulnerability in Adobe XMP Toolkit Software Development KIT 2020.1
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a write-what-where condition vulnerability caused during the application's memory allocation process.
local
low complexity
adobe CWE-123
2.1
2021-08-24 CVE-2021-28633 Unspecified vulnerability in Adobe Creative Cloud Desktop Application 2.4
Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Insecure temporary file creation vulnerability.
local
low complexity
adobe
3.6
2021-08-20 CVE-2021-36006 Improper Initialization vulnerability in Adobe Photoshop
Adobe Photoshop versions 21.2.9 (and earlier) and 22.4.2 (and earlier) are affected by an Improper input validation vulnerability when parsing a specially crafted file.
local
low complexity
adobe CWE-665
3.3
2021-04-15 CVE-2021-21087 Cross-site Scripting vulnerability in Adobe Coldfusion 2016/2018/2021.0.0.323925
Adobe Coldfusion versions 2016 (update 16 and earlier), 2018 (update 10 and earlier) and 2021.0.0.323925 are affected by an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability.
network
adobe CWE-79
3.5