Vulnerabilities > Adobe > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-03-27 CVE-2023-22251 Incorrect Authorization vulnerability in Adobe Commerce and Magento Open Source
Adobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by an Incorrect Authorization vulnerability.
network
low complexity
adobe CWE-863
4.3
4.3
2023-03-27 CVE-2023-25875 Out-of-bounds Read vulnerability in Adobe Substance 3D Stager
Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
5.5
2023-03-27 CVE-2023-25876 Out-of-bounds Read vulnerability in Adobe Substance 3D Stager
Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
5.5
2023-03-27 CVE-2023-25877 Out-of-bounds Read vulnerability in Adobe Substance 3D Stager
Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
5.5
2023-03-27 CVE-2023-25878 Out-of-bounds Read vulnerability in Adobe Substance 3D Stager
Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
adobe CWE-125
5.5
5.5
2023-03-23 CVE-2023-26361 Path Traversal vulnerability in Adobe Coldfusion 2018/2021
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in Arbitrary file system read.
network
low complexity
adobe CWE-22
4.9
4.9
2023-03-22 CVE-2023-21615 Cross-site Scripting vulnerability in Adobe Experience Manager
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
5.4
5.4
2023-03-22 CVE-2023-21616 Cross-site Scripting vulnerability in Adobe Experience Manager
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
5.4
5.4
2023-03-22 CVE-2023-22252 Cross-site Scripting vulnerability in Adobe Experience Manager
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
5.4
5.4
2023-03-22 CVE-2023-22253 Cross-site Scripting vulnerability in Adobe Experience Manager
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
5.4
5.4