40 matches found
CVE-2020-9682
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write...
CVE-2020-3763
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to arbitrary file system write...
Adobe Creative Cloud < 5.2 Multiple Vulnerabilities (APSB20-33)
The version of Adobe Creative Cloud installed on the remote Windows host is prior to 5.2. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB20-33 advisory. - Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability...
CVE-2024-41867
CVE-2024-41867 affects Adobe After Effects versions 23.6.6, 24.5 and earlier, with an out-of-bounds read that could disclose sensitive memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). remediation is via Adobe APSB24-55 security update (fixed in 23.6....
CVE-2024-41867 After Effects | Out-of-bounds Read (CWE-125)
After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...
CVE-2024-41867 After Effects | Out-of-bounds Read (CWE-125)
After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...
Adobe After Effects < 23.6.9 / 24.0 < 24.6 Multiple Vulnerabilities (APSB24-55)
The version of Adobe After Effects installed on the remote Windows host is prior to 23.6.9, 24.6. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB24-55 advisory. - After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds write vulnerability...
BIT-MAGENTO-2021-28584 Magento Commerce path traversal vulnerability in child theme store creation
Magento versions 2.4.2 and earlier, 2.4.1 and earlier and 2.3.6 and earlier are affected by a Path Traversal vulnerability when creating a store with child theme.Successful exploitation could lead to arbitrary file system write by an authenticated attacker. Access to the admin console is required...
CVE-2022-38424
Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in arbitrary file system write. Exploitation of this issue does not require user interaction, bu...
Path traversal
Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in arbitrary file system write. Exploitation of this issue does not require user interaction, bu...
CVE-2022-38424 Adobe ColdFusion Application Server Directory Traversal Arbitrary file system write
Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in arbitrary file system write. Exploitation of this issue does not require user interaction, bu...
CVE-2022-38424 Adobe ColdFusion Application Server Directory Traversal Arbitrary file system write
Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in arbitrary file system write. Exploitation of this issue does not require user interaction, bu...
APSB22-44: Security updates available for ColdFusion
Adobe has released security updates for ColdFusion versions 2021 and 2018. These updates resolve Critical, Important and Moderate vulnerabilities that could lead to arbitrary code execution, arbitrary file system write, security feature bypass and privilege escalation...
APSB22-25 : Security update available for Adobe Bridge
Adobe has released a security update for Adobe Bridge. This update addresses critical and important vulnerabilities that could lead to arbitrary code execution, arbitrary file system write and memory leak...
Magento Path Traversal vulnerability
Magento versions 2.4.2 and earlier, 2.4.1-p1 and earlier and 2.3.6-p1 and earlier are affected by a Path Traversal vulnerability when creating a store with child theme.Successful exploitation could lead to arbitrary file system write by an authenticated attacker. Access to the admin console is...
GHSA-7GPV-XRJR-F5H4 Magento Path Traversal vulnerability
Magento versions 2.4.2 and earlier, 2.4.1-p1 and earlier and 2.3.6-p1 and earlier are affected by a Path Traversal vulnerability when creating a store with child theme.Successful exploitation could lead to arbitrary file system write by an authenticated attacker. Access to the admin console is...
Adobe Connect CSRF Vulnerability (APSB21-112)
Adobe Connect is prone to a cross-site request forgery CSRF vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Connect <= 11.3 Arbitrary File System Write Vulnerability (APSB21-112)
The version of Adobe Connect installed on the remote host is prior to 11.4. It is, therefore, affected by a vulnerability as referenced in the apsb21-112 advisory. - Cross-Site Request Forgery CSRF CWE-352 potentially leading to Arbitrary file system write CVE-2021-43014 Note that Nessus has not...
Adobe Creative Cloud Desktop Application <= 5.4 Arbitrary File System Write (APSB21-76) (deprecated)
The version of Adobe Creative Cloud Desktop Application installed on the remote Windows host is prior or equal to 5.4. It is, therefore, affected by an arbitrary file system write vulnerability. Creation of a temporary file in a directory with incorrect permissions allows an authenticated, local...
Adobe Creative Cloud < 5.5 Arbitrary file system write (APSB21-76) (macOS)
The version of Adobe Creative Cloud installed on the remote macOS host is prior to 5.5. It is, therefore, affected by a vulnerability as referenced in the apsb21-76 advisory. - Adobe Creative Cloud Desktop Application version 5.4 and earlier is affected by a file handling vulnerability that could...