Vulnerabilities > Adobe > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-12-19 CVE-2022-44467 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
5.4
2022-12-19 CVE-2022-44474 Unspecified vulnerability in Adobe Experience Manager
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe
5.4
2022-12-19 CVE-2022-44488 Unspecified vulnerability in Adobe Experience Manager
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability.
network
low complexity
adobe
5.4
2022-10-14 CVE-2022-35698 Unspecified vulnerability in Adobe Commerce and Magento Open Source
Adobe Commerce versions 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by a Stored Cross-site Scripting vulnerability.
network
low complexity
adobe
5.4
2022-09-30 CVE-2022-28851 Cross-site Scripting vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
5.4
2022-09-26 CVE-2022-2926 Unspecified vulnerability in Adobe Download Manager
The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory
network
low complexity
adobe
4.9
2022-09-23 CVE-2022-38438 Unspecified vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe
5.4
2022-09-23 CVE-2022-38439 Unspecified vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe
5.4
2022-09-19 CVE-2022-35709 Unspecified vulnerability in Adobe Bridge
Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe
5.5
2022-09-19 CVE-2022-38425 Use After Free vulnerability in Adobe Bridge
Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-416
5.5