Vulnerabilities > Adobe > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-10-14 CVE-2022-35689 Unspecified vulnerability in Adobe Commerce and Magento Open Source
Adobe Commerce versions 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass.
network
low complexity
adobe
5.3
2022-10-14 CVE-2022-35691 NULL Pointer Dereference vulnerability in Adobe products
Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a NULL Pointer Dereference vulnerability.
local
low complexity
adobe CWE-476
5.5
2022-10-14 CVE-2022-35698 Cross-site Scripting vulnerability in Adobe Commerce and Magento Open Source
Adobe Commerce versions 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by a Stored Cross-site Scripting vulnerability.
network
low complexity
adobe CWE-79
5.4
2022-10-14 CVE-2022-38423 Path Traversal vulnerability in Adobe Coldfusion 2018/2021
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in information disclosure.
network
low complexity
adobe CWE-22
4.9
2022-10-14 CVE-2022-38437 Use After Free vulnerability in Adobe products
Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-416
5.5
2022-10-14 CVE-2022-38443 Out-of-bounds Read vulnerability in Adobe Dimension 3.4.3
Adobe Dimension versions 3.4.5 is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
2022-10-14 CVE-2022-38449 Out-of-bounds Read vulnerability in Adobe products
Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
2022-10-14 CVE-2022-42342 Out-of-bounds Read vulnerability in Adobe products
Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
2022-09-30 CVE-2022-28851 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
5.4
2022-09-26 CVE-2022-2926 Path Traversal vulnerability in Adobe Download Manager
The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory
network
low complexity
adobe CWE-22
4.9