Vulnerabilities > Adobe > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-01 | CVE-2021-36039 | Incorrect Authorization vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability via the `quoteId` parameter. | 6.5 |
2021-09-01 | CVE-2021-36043 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Commerce and Magento Open Source Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by a blind SSRF vulnerability in the bundled dotmailer extension. | 6.6 |
2021-09-01 | CVE-2021-36056 | Heap-based Buffer Overflow vulnerability in multiple products XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. | 5.5 |
2021-09-01 | CVE-2021-36058 | Integer Overflow or Wraparound vulnerability in multiple products XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Integer Overflow vulnerability potentially resulting in application-level denial of service in the context of the current user. | 5.5 |
2021-09-01 | CVE-2021-36061 | Violation of Secure Design Principles vulnerability in Adobe Connect Adobe Connect version 11.2.2 (and earlier) is affected by a secure design principles violation vulnerability via the 'pbMode' parameter. | 5.4 |
2021-09-01 | CVE-2021-36062 | Cross-site Scripting vulnerability in Adobe Connect Adobe Connect version 11.2.2 (and earlier) is affected by a Reflected Cross-site Scripting vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 6.1 |
2021-09-01 | CVE-2021-36063 | Cross-site Scripting vulnerability in Adobe Connect Adobe Connect version 11.2.2 (and earlier) is affected by a Reflected Cross-site Scripting vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. | 6.1 |
2021-09-01 | CVE-2021-36077 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Bridge Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in local application denial of service in the context of the current user. | 5.5 |
2021-08-24 | CVE-2021-28618 | Out-of-bounds Read vulnerability in Adobe Animate Adobe Animate version 21.0.6 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. | 5.5 |
2021-08-24 | CVE-2021-28619 | Out-of-bounds Read vulnerability in Adobe Animate Adobe Animate version 21.0.6 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. | 5.5 |