Vulnerabilities > Adobe > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-03-03 | CVE-2014-1887 | Permissions, Privileges, and Access Controls vulnerability in Drinkedin Barfinder The DrinkedIn BarFinder application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain sensitive fine-geolocation information, by leveraging control over one of a number of adult sites, as demonstrated by (1) freelifetimecheating.com and (2) www.babesroulette.com. | 4.3 |
| 2014-03-03 | CVE-2014-1886 | Permissions, Privileges, and Access Controls vulnerability in Edinburghtour Edinburgh BY BUS The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently access external-storage resources, by leveraging control over one of a number of "obscure Eastern European dating sites." | 6.8 |
| 2014-03-03 | CVE-2014-1885 | Permissions, Privileges, and Access Controls vulnerability in Hsgroup Forzearmate The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain write access to external-storage resources, by leveraging control over any Google syndication advertising domain. | 6.4 |
| 2013-07-10 | CVE-2013-3349 | Remote Denial of Service vulnerability in Adobe Coldfusion 9.0/9.0.1/9.0.2 Unspecified vulnerability in Adobe ColdFusion 9.0 through 9.0.2, when the JRun application server is used, allows remote attackers to cause a denial of service via unknown vectors. | 5.0 |
| 2013-05-16 | CVE-2013-2737 | Information Exposure vulnerability in Adobe Acrobat and Acrobat Reader A JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to obtain sensitive information via unspecified vectors. | 5.0 |
| 2013-05-09 | CVE-2013-3336 | Information Disclosure vulnerability in Adobe ColdFusion Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to read arbitrary files via unknown vectors. | 5.0 |
| 2013-02-12 | CVE-2013-0637 | Information Exposure vulnerability in Adobe Air, AIR SDK and Flash Player Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allow attackers to obtain sensitive information via unspecified vectors. | 5.0 |
| 2012-12-12 | CVE-2012-5675 | Permissions, Privileges, and Access Controls vulnerability in Adobe Coldfusion Adobe ColdFusion 9.0 through 9.0.2, and 10, allows local users to bypass intended shared-hosting sandbox permissions via unspecified vectors. | 4.4 |
| 2012-09-12 | CVE-2012-2048 | Local Denial of Service vulnerability in Adobe ColdFusion Unspecified vulnerability in Adobe ColdFusion 10 and earlier allows attackers to cause a denial of service via unknown vectors. | 5.0 |
| 2012-09-07 | CVE-2010-5270 | Unspecified vulnerability in Adobe Device Central CS4 2.0.0 Multiple untrusted search path vulnerabilities in Adobe Device Central CS4 2.0.0 0476 allow local users to gain privileges via a Trojan horse (1) ibfs32.dll or (2) amt_cdb.dll file in the current working directory, as demonstrated by a directory that contains a .adcp file. local adobe | 6.9 |