Lucene search
K

70125 matches found

Cvelist
Cvelist
added 2026/06/16 8:12 p.m.24 views

CVE-2026-48294

Adobe Acrobat PDF Extension Chrome versions 26.5.2.2 and earlier are affected by a UXSS-class cross-origin data disclosure vulnerability. An attacker could exploit this vulnerability to gain access to data regarding the victim's session. Exploitation of this issue requires user interaction in tha...

7.4CVSS0.00719EPSS
Exploits0References1
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.261 views

Adobe Commerce & Magento - CosmicSting

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could result in arbitrary code execution. id: CVE-2024-34102 info: name: Adobe Commerce & Magento - CosmicSting author:...

9.8CVSS9AI score0.99994EPSS
Exploits26References2
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.64 views

Adobe ColdFusion - Access Control Bypass

An attacker is able to access every CFM and CFC endpoint within the ColdFusion Administrator path /CFIDE/, of which there are 437 CFM files and 96 CFC files in a ColdFusion 2021 Update 6 install. id: CVE-2023-29298 info: name: Adobe ColdFusion - Access Control Bypass author:...

7.5CVSS8.4AI score0.99754EPSS
Exploits0References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.56 views

Adobe ColdFusion - Access Control Bypass

There is an access control bypass vulnerability in Adobe ColdFusion versions 2023 Update 2 and below, 2021 Update 8 and below and 2018 update 18 and below, which allows a remote attacker to bypass the ColdFusion mechanisms that restrict unauthenticated external access to ColdFusion's Administrato...

7.5CVSS8AI score0.99732EPSS
Exploits0References4
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.89 views

Adobe ColdFusion - Arbitrary File Read

ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to sensitive files and perform arbitrary...

7.4CVSS8AI score0.98514EPSS
Exploits7References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.146 views

Adobe ColdFusion - Deserialization of Untrusted Data

Adobe ColdFusion versions 2018u17 and earlier, 2021u7 and earlier and 2023u1 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction. id: CVE-2023-38203 info: name:...

9.8CVSS8.9AI score0.97003EPSS
Exploits0References3
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.57 views

Adobe ColdFusion - Pre-Auth Remote Code Execution

Adobe ColdFusion versions 2018u16 and earlier, 2021u6 and earlier and 2023.0.0.330468 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction. id: CVE-2023-29300 info:...

9.8CVSS8.9AI score0.99984EPSS
Exploits0References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.92 views

Adobe ColdFusion 8.0/8.0.1/9.0/9.0.1 LFI

Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to 1 CFIDE/administrator/settings/mappings.cfm, 2 logging/settings.cfm, 3 datasources/index.cfm, 4...

9.8CVSS8.7AI score0.99721EPSS
Exploits13References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.101 views

Adobe ColdFusion - Unrestricted File Upload Remote Code Execution

Adobe ColdFusion versions July 12 release 2018.0.0.310739, Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution. id: CVE-2018-15961 info: name: Adobe ColdFusion - Unrestricted File Upload...

10CVSS9.2AI score0.9995EPSS
Exploits11References5
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.19 views

PT-2026-50077

Name of the Vulnerable Software and Affected Versions Adobe Acrobat PDF Extension Chrome versions prior to 26.5.2.3 Description A UXSS-class cross-origin data disclosure issue exists where an attacker can gain access to the victim's session data. UXSS Universal Cross-Site Scripting is a type of...

7.4CVSS5.8AI score0.00719EPSS
Exploits0References3
Adobe
Adobe
added 2026/06/16 12:0 a.m.12 views

APSB26-67 : Security update available for Adobe DNG SDK

Adobe has released an update for the Adobe DNG Software Development Kit SDK for Windows and macOS. This update resolves critical and important vulnerabilities that could lead to arbitrary code execution and memory exposure...

6.2AI score
Exploits0Affected Software1
NCSC
NCSC
added 2026/06/11 8:18 a.m.12 views

Vulnerabilities present in Adobe Acrobat Reader

Adobe has identified vulnerabilities in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651, and earlier versions. These vulnerabilities include an out-of-bounds write vulnerability and multiple Use After Free errors. These errors occur when processing certain malformed or maliciously...

7.8CVSS7.6AI score0.00285EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.12 views

CVE-2026-48289

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write...

3.5CVSS5.4AI score0.00299EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.12 views

CVE-2026-48288

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write...

3.5CVSS5.4AI score0.0041EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.10 views

CVE-2026-48300

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.9 views

CVE-2026-48301

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.8 views

CVE-2026-48304

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:3 p.m.8 views

CVE-2026-48297

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:3 p.m.12 views

CVE-2026-48280

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00283EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:3 p.m.9 views

CVE-2026-48271

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00283EPSS
Exploits0References1
Rows per page
Query Builder