Vulnerabilities > Adobe > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-14 | CVE-2022-35691 | NULL Pointer Dereference vulnerability in Adobe products Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a NULL Pointer Dereference vulnerability. | 5.5 |
| 2022-10-14 | CVE-2022-35698 | Cross-site Scripting vulnerability in Adobe Commerce and Magento Open Source Adobe Commerce versions 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by a Stored Cross-site Scripting vulnerability. | 5.4 |
| 2022-10-14 | CVE-2022-38423 | Path Traversal vulnerability in Adobe Coldfusion 2018/2021 Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in information disclosure. | 4.9 |
| 2022-10-14 | CVE-2022-38437 | Use After Free vulnerability in Adobe products Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
| 2022-10-14 | CVE-2022-38443 | Out-of-bounds Read vulnerability in Adobe Dimension 3.4.3 Adobe Dimension versions 3.4.5 is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
| 2022-10-14 | CVE-2022-38449 | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
| 2022-10-14 | CVE-2022-42342 | Out-of-bounds Read vulnerability in Adobe products Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |
| 2022-09-30 | CVE-2022-28851 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. | 5.4 |
| 2022-09-26 | CVE-2022-2926 | Path Traversal vulnerability in Adobe Download Manager The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory | 4.9 |
| 2022-09-16 | CVE-2022-30674 | Out-of-bounds Read vulnerability in multiple products Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 5.5 |