Vulnerabilities > Adobe > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-11 | CVE-2017-2938 | Unspecified vulnerability in Adobe Flash Player Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections. | 6.5 |
| 2016-12-15 | CVE-2016-7891 | Cross-site Scripting vulnerability in Adobe Robohelp Adobe RoboHelp version 2015.0.3 and earlier, RoboHelp 11 and earlier have an input validation issue that could be used in cross-site scripting attacks. | 6.1 |
| 2016-12-15 | CVE-2016-7888 | Information Exposure vulnerability in Adobe Digital Editions Adobe Digital Editions versions 4.5.2 and earlier has an important vulnerability that could lead to memory address leak. | 5.3 |
| 2016-12-15 | CVE-2016-7884 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.1 and earlier have an input validation issue in the DAM create assets that could be used in cross-site scripting attacks. | 6.1 |
| 2016-12-15 | CVE-2016-7883 | Cross-site Scripting vulnerability in Adobe Experience Manager 6.2.0 Adobe Experience Manager version 6.2 has an input validation issue in create Launch wizard that could be used in cross-site scripting attacks. | 6.1 |
| 2016-12-15 | CVE-2016-7882 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.2 and earlier have an input validation issue in the WCMDebug filter that could be used in cross-site scripting attacks. | 6.1 |
| 2016-12-15 | CVE-2016-6934 | Cross-site Scripting vulnerability in Adobe Experience Manager Forms and Livecycle Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the PMAdmin module that could be used in cross-site scripting attacks. | 6.1 |
| 2016-12-15 | CVE-2016-6933 | Cross-site Scripting vulnerability in Adobe Experience Manager and Livecycle Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the AACComponent that could be used in cross-site scripting attacks. | 6.1 |
| 2016-11-08 | CVE-2016-7851 | Cross-site Scripting vulnerability in Adobe Connect Adobe Connect version 9.5.6 and earlier does not adequately validate input in the events registration module. | 6.1 |
| 2016-09-14 | CVE-2016-4278 | Unspecified vulnerability in Adobe Flash Player Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4277. | 6.5 |