Vulnerabilities > Adobe > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-05-11 | CVE-2016-1092 | Information Exposure vulnerability in Adobe products Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors, a different vulnerability than CVE-2016-1079. | 5.0 |
| 2016-05-11 | CVE-2016-1079 | Information Exposure vulnerability in Adobe products Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors, a different vulnerability than CVE-2016-1092. | 5.0 |
| 2016-05-11 | CVE-2016-1115 | Improper Input Validation vulnerability in Adobe Coldfusion 10.0/11.0/2016 Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 mishandles wildcards in name fields of X.509 certificates, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate. | 4.3 |
| 2016-05-11 | CVE-2016-1113 | Cross-site Scripting vulnerability in Adobe Coldfusion 10.0/11.0/2016 Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2016-04-30 | CVE-2016-1111 | Double Free Remote Code Execution vulnerability in Adobe Acrobat and Reader Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted Graphics State dictionary. | 6.8 |
| 2016-04-22 | CVE-2016-1036 | Cross-site Scripting vulnerability in Adobe Analytics Appmeasurement for Flash Library 4.0 Cross-site scripting (XSS) vulnerability in Adobe Analytics AppMeasurement for Flash Library before 4.0.1, when debugTracking is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2016-04-12 | CVE-2016-1035 | Information Exposure vulnerability in Adobe Robohelp 9/9.0.0.228/9.0.1 Adobe RoboHelp Server 9 before 9.0.1 mishandles SQL queries, which allows attackers to obtain sensitive information via unspecified vectors. | 5.0 |
| 2016-02-10 | CVE-2016-0955 | Cross-site Scripting vulnerability in Adobe Experience Manager 6.1.0 Cross-site scripting (XSS) vulnerability in Adobe Experience Manager (AEM) 6.1.0 allows remote authenticated users to inject arbitrary web script or HTML via a folder title field that is mishandled in the Deletion popup dialog. | 4.3 |
| 2016-02-10 | CVE-2016-0950 | Improper Input Validation vulnerability in Adobe Connect Adobe Connect before 9.5.2 allows remote attackers to spoof the user interface via unspecified vectors. | 5.0 |
| 2016-02-10 | CVE-2016-0948 | Cross-Site Request Forgery (CSRF) vulnerability in Adobe Connect Cross-site request forgery (CSRF) vulnerability in Adobe Connect before 9.5.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |