Vulnerabilities > Adobe > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-08 | CVE-2021-28568 | Exposure of Resource to Wrong Sphere vulnerability in Adobe Genuine Service 7.1 Adobe Genuine Services version 7.1 (and earlier) is affected by an Insecure file permission vulnerability during installation process. | 6.5 |
| 2021-09-01 | CVE-2021-36026 | Unspecified vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a stored cross-site scripting vulnerability in the customer address upload feature that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 6.1 |
| 2021-09-01 | CVE-2021-36027 | Unspecified vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a stored cross-site scripting vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 6.1 |
| 2021-09-01 | CVE-2021-36043 | Unspecified vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a blind SSRF vulnerability in the bundled dotmailer extension. | 6.6 |
| 2021-09-01 | CVE-2021-36058 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Integer Overflow vulnerability potentially resulting in application-level denial of service in the context of the current user. | 5.5 |
| 2021-09-01 | CVE-2021-36062 | Unspecified vulnerability in Adobe Connect Adobe Connect version 11.2.2 (and earlier) is affected by a Reflected Cross-site Scripting vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 6.1 |
| 2021-09-01 | CVE-2021-36063 | Cross-site Scripting vulnerability in Adobe Connect Adobe Connect version 11.2.2 (and earlier) is affected by a Reflected Cross-site Scripting vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 6.1 |
| 2021-09-01 | CVE-2021-36077 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Bridge Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in local application denial of service in the context of the current user. | 5.5 |
| 2021-08-24 | CVE-2021-28618 | Unspecified vulnerability in Adobe Animate Adobe Animate version 21.0.6 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. | 5.5 |
| 2021-08-24 | CVE-2021-28633 | Exposure of Resource to Wrong Sphere vulnerability in Adobe Creative Cloud Desktop Application 2.4 Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Insecure temporary file creation vulnerability. | 6.1 |