Vulnerabilities > Adobe > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-03-19 CVE-2024-53967 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code in the context of the victim's browser session.
network
low complexity
adobe CWE-79
5.4
2025-03-19 CVE-2024-53968 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code in the context of the victim's browser session.
network
low complexity
adobe CWE-79
5.4
2025-03-19 CVE-2024-53969 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code in the context of the victim's browser session.
network
low complexity
adobe CWE-79
5.4
2025-03-19 CVE-2024-53970 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
adobe CWE-79
5.4
2025-03-11 CVE-2025-21170 NULL Pointer Dereference vulnerability in Adobe Substance 3D Modeler
Substance3D - Modeler versions 1.15.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service.
local
low complexity
adobe CWE-476
5.5
2025-03-11 CVE-2025-27180 Out-of-bounds Read vulnerability in Adobe Substance 3D Modeler
Substance3D - Modeler versions 1.15.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
2025-03-11 CVE-2025-24431 Out-of-bounds Read vulnerability in Adobe products
Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
2025-03-11 CVE-2025-24448 Out-of-bounds Read vulnerability in Adobe Illustrator
Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
2025-03-11 CVE-2025-24449 Out-of-bounds Read vulnerability in Adobe Illustrator
Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
2025-03-11 CVE-2025-27170 NULL Pointer Dereference vulnerability in Adobe Illustrator
Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service.
local
low complexity
adobe CWE-476
5.5