Vulnerabilities > Adobe > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-22 | CVE-2021-42737 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Prelude 10.1/9.0/9.0.1 Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. | 6.8 |
| 2021-11-22 | CVE-2021-43016 | NULL Pointer Dereference vulnerability in Adobe Incopy 15.1.3/16.0/16.4 Adobe InCopy version 16.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. | 4.3 |
| 2021-11-19 | CVE-2021-36003 | Out-of-bounds Read vulnerability in Adobe Audition 13.0.5/13.0.6 Adobe Audition version 14.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a specially crafted file. | 4.3 |
| 2021-11-18 | CVE-2021-40756 | NULL Pointer Dereference vulnerability in Adobe After Effects Adobe After Effects version 18.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. | 4.3 |
| 2021-11-18 | CVE-2021-40761 | NULL Pointer Dereference vulnerability in Adobe After Effects Adobe After Effects version 18.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. | 4.3 |
| 2021-11-18 | CVE-2021-42268 | NULL Pointer Dereference vulnerability in Adobe Animate Adobe Animate version 21.0.9 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted FLA file. | 4.3 |
| 2021-11-17 | CVE-2021-40745 | Path Traversal vulnerability in Adobe Campaign Adobe Campaign version 21.2.1 (and earlier) is affected by a Path Traversal vulnerability that could lead to reading arbitrary server files. | 5.0 |
| 2021-10-15 | CVE-2021-39864 | Cross-Site Request Forgery (CSRF) vulnerability in Adobe Commerce and Magento Open Source Adobe Commerce versions 2.4.2-p2 (and earlier), 2.4.3 (and earlier) and 2.3.7p1 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via a Wishlist Share Link. | 4.3 |
| 2021-10-15 | CVE-2021-40721 | Cross-site Scripting vulnerability in Adobe Connect Adobe Connect version 11.2.3 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. | 4.3 |
| 2021-10-15 | CVE-2021-40724 | Path Traversal vulnerability in Adobe Acrobat Reader Acrobat Reader for Android versions 21.8.0 (and earlier) are affected by a Path traversal vulnerability. | 6.8 |