77 matches found
Adobe Connect CSRF Vulnerability (APSB21-112)
Adobe Connect is prone to a cross-site request forgery CSRF vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Connect <= 11.3 Arbitrary File System Write Vulnerability (APSB21-112)
The version of Adobe Connect installed on the remote host is prior to 11.4. It is, therefore, affected by a vulnerability as referenced in the apsb21-112 advisory. - Cross-Site Request Forgery CSRF CWE-352 potentially leading to Arbitrary file system write CVE-2021-43014 Note that Nessus has not...
Adobe Creative Cloud Desktop Application <= 5.4 Arbitrary File System Write (APSB21-76) (deprecated)
The version of Adobe Creative Cloud Desktop Application installed on the remote Windows host is prior or equal to 5.4. It is, therefore, affected by an arbitrary file system write vulnerability. Creation of a temporary file in a directory with incorrect permissions allows an authenticated, local...
Adobe Creative Cloud < 5.5 Arbitrary file system write (APSB21-76) (macOS)
The version of Adobe Creative Cloud installed on the remote macOS host is prior to 5.5. It is, therefore, affected by a vulnerability as referenced in the apsb21-76 advisory. - Adobe Creative Cloud Desktop Application version 5.4 and earlier is affected by a file handling vulnerability that could...
Adobe Digital Editions <= 4.5.11.187646 Multiple Vulnerabilities (macOS) (APSB21-80)
Adobe Digital Editions version 4.5.11.187646 and earlier is affected by multiple vulnerabilities, as follows: - An OS command injection vulnerability that can be exploited by a local attacker to execute arbitrary code. CVE-2021-39826 - An arbitrary file system write vulnerability that can be...
Adobe Digital Editions Multiple Vulnerabilities (APSB21-80) - Mac OS X
The host is missing an important security update according to Adobe September update. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Digital Editions Arbitrary File System Write Vulnerability
Adobe Digital Editions software provides an engaging way to help you view and manage eBooks and other digital publications. Adobe Digital Editions 4.5.11.187646 and earlier versions are vulnerable to an arbitrary file system write vulnerability. The vulnerability stems from the creation of...
CVE-2021-28584
Magento versions 2.4.2 and earlier, 2.4.1-p1 and earlier and 2.3.6-p1 and earlier are affected by a Path Traversal vulnerability when creating a store with child theme.Successful exploitation could lead to arbitrary file system write by an authenticated attacker. Access to the admin console is...
CVE-2021-28584
Magento versions 2.4.2 and earlier, 2.4.1-p1 and earlier and 2.3.6-p1 and earlier are affected by a Path Traversal vulnerability when creating a store with child theme.Successful exploitation could lead to arbitrary file system write by an authenticated attacker. Access to the admin console is...
Path traversal
Magento versions 2.4.2 and earlier, 2.4.1-p1 and earlier and 2.3.6-p1 and earlier are affected by a Path Traversal vulnerability when creating a store with child theme.Successful exploitation could lead to arbitrary file system write by an authenticated attacker. Access to the admin console is...
CVE-2021-28584 Magento Commerce path traversal vulnerability in child theme store creation
Magento versions 2.4.2 and earlier, 2.4.1-p1 and earlier and 2.3.6-p1 and earlier are affected by a Path Traversal vulnerability when creating a store with child theme.Successful exploitation could lead to arbitrary file system write by an authenticated attacker. Access to the admin console is...
Selenium 3.141.59 Remote Code Execution
Exploit Title: Selenium 3.141.59 - Remote Code Execution Firefox/geckodriver Date: 2021-05-27 Exploit Author: Jon Stratton Vendor Homepage: https://www.selenium.dev/ Software Link: https://selenium-release.storage.googleapis.com/3.141/selenium-server-standalone-3.141.59.jar Version: 3.141.59 Test...
CVE-2021-21100
Adobe Digital Editions version 4.5.11.187245 and earlier is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary file system write in the context of the current user. Exploitation of this issue...
Privilege escalation
Adobe Digital Editions version 4.5.11.187245 and earlier is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary file system write in the context of the current user. Exploitation of this issue...
CVE-2021-21100 Adobe Digital Editions Arbitrary file system write vulnerability
Adobe Digital Editions version 4.5.11.187245 and earlier is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary file system write in the context of the current user. Exploitation of this issue...
Adobe Digital Editions Arbitrary File System Write Vulnerability (APSB21-26) - Mac OS X
Adobe Digital Edition is prone to arbitrary file system write vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
APSB21-26 Security update available for Adobe Digital Editions
Adobe has released a security update for Adobe Digital Editions. This update resolves a critical vulnerability that could result in arbitrary file system write...
Adobe Creative Cloud Security Update (APSB20-33) - Windows
Adobe Creative cloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:creativecloud";...
CVE-2020-9682
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write...
Design/Logic Flaw
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write...