Vulnerabilities > Adobe > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-13 | CVE-2021-21009 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Campaign Classic Adobe Campaign Classic Gold Standard 10 (and earlier), 20.3.1 (and earlier), 20.2.3 (and earlier), 20.1.3 (and earlier), 19.2.3 (and earlier) and 19.1.7 (and earlier) are affected by a server-side request forgery (SSRF) vulnerability. | 5.0 |
| 2021-01-13 | CVE-2021-21008 | Uncontrolled Search Path Element vulnerability in Adobe Animate 15.2.1.95/20.5/21.0 Adobe Animate version 21.0 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. | 6.8 |
| 2021-01-13 | CVE-2021-21007 | Uncontrolled Search Path Element vulnerability in Adobe Illustrator Adobe Illustrator version 25.0 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. | 6.8 |
| 2021-01-13 | CVE-2021-21006 | Heap-based Buffer Overflow vulnerability in Adobe Photoshop Adobe Photoshop version 22.1 (and earlier) is affected by a heap buffer overflow vulnerability when handling a specially crafted font file. | 6.8 |
| 2020-12-10 | CVE-2020-24444 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Forms Add-On 6.4.8.2/6.5.6.0 AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 (6.4.8.2) have a blind Server-Side Request Forgery (SSRF) vulnerability. | 5.0 |
| 2020-11-12 | CVE-2020-24443 | Cross-site Scripting vulnerability in Adobe Connect Adobe Connect version 11.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. | 4.3 |
| 2020-11-12 | CVE-2020-24442 | Cross-site Scripting vulnerability in Adobe Connect Adobe Connect version 11.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. | 4.3 |
| 2020-11-12 | CVE-2020-24441 | Unspecified vulnerability in Adobe Acrobat Reader 20.6.0/20.6.2 Adobe Acrobat Reader for Android version 20.6.2 (and earlier) does not properly restrict access to directories created by the application. | 5.5 |
| 2020-11-05 | CVE-2020-24438 | Use After Free vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability that could result in a memory address leak. | 4.3 |
| 2020-11-05 | CVE-2020-24437 | Use After Free vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. | 6.8 |