CVE-2021-42728

Adobe Bridge CVE-2021-42728 affects Bridge 11.1.1 and earlier due to a stack overflow from insecure handling of a crafted file, potentially allowing arbitrary code execution in the current user context. Exploitation requires user interaction (victim must open a crafted file). The issue is address...

CVE-2021-40750

Adobe Bridge 11.1.1 and earlier is affected by a null pointer dereference when parsing a crafted file. The issue allows a local attacker to cause an application denial-of-service in the context of the current user, and exploitation requires user interaction (victim opens a malicious file). Multip...

CVE-2021-42729

Adobe Bridge 11.1.1 and earlier are affected by a memory corruption vulnerability caused by insecure handling of a malicious WAV file, potentially enabling arbitrary code execution in the current user context. Exploitation requires user interaction. The advisory APSB21-94 patches to 11.1.2 or lat...

CVE-2022-38425

CVE-2022-38425 affects Adobe Bridge (versions <=12.0.2 and

CVE-2021-42730

Adobe Bridge 11.1.1 and earlier is affected by a memory corruption vulnerability caused by insecure handling of a malicious PSD file, potentially enabling arbitrary code execution in the user’s context. Exploitation requires user interaction (opening a crafted file). A patch is available: update ...

CVE-2021-42719

Adobe Bridge 11.x (11.1.1 and earlier) is affected by an out-of-bounds read while parsing a crafted .jpe file, potentially allowing arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). This vulnerability is docume...

CVE-2022-35703

CVE-2022-35703 affects Adobe Bridge (versions up to 12.0.2 and 11.1.3 and earlier). It is an out-of-bounds read vulnerability triggered while parsing a crafted file, potentially allowing code execution in the user’s context. Exploitation requires user interaction (the target must open a malicious...

CVE-2022-28839

Adobe Bridge 12.0.1 and earlier is affected by an out-of-bounds write vulnerability (CVE-2022-28839) that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction — the victim must open a malicious file. Affected entries and advisories refe...

CVE-2022-35708

Adobe Bridge is affected by a heap-based buffer overflow (CVE-2022-35708) in versions 12.0.2 and earlier and 11.1.3 and earlier, leading to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). Publicly documented ...

CVE-2021-42533

Product/impact summary: Adobe Bridge (versions 11.1.1 and earlier) is affected by a double‑free vulnerability in the DCM file parsing path, which could lead to arbitrary code execution in the context of the current user. Root cause: a double‑free condition during crafted DCM parsing. Impact: pote...

CVE-2022-28840

Adobe Bridge (version 12.0.1 and earlier) is affected by an out-of-bounds write vulnerability that can lead to arbitrary code execution in the context of the current user. Root cause: an out-of-bounds write in the handling of certain files. Impact: high risk of remote code execution if a user ope...

CVE-2022-28850

CVE-2022-28850 affects Adobe Bridge 12.x before 12.0.2 (12.0.1 and earlier). It is an out-of-bounds read during font parsing that can disclose sensitive memory and may bypass mitigations such as ASLR. Exploitation requires the user to open a malicious file. The issue is documented with a remediat...

CVE-2022-35702

CVE-2022-35702 affects Adobe Bridge 12.0.2 and earlier and 11.1.3 and earlier. It is an out-of-bounds read vulnerability in the file parser that could allow arbitrary code execution in the context of the current user; exploitation requires the user to open a crafted file. Remediation: apply updat...

CVE-2022-35705

Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds read vulnerability in MP4/file parsing that could allow code execution when a user opens a crafted file. Root cause: parsing a crafted file can read past allocated memory; exploitable with user int...

CVE-2021-42724

Adobe Bridge 11.x before 11.1.2 is affected by a memory corruption vulnerability (CVE-2021-42724) due to insecure handling of a malicious file. Exploitation requires user interaction, and issues are linked to APSB21-94; remediation is to apply the security update to 11.1.2 or later (Adobe Bridge ...

CVE-2021-42720

CVE-2021-42720 affects Adobe Bridge 11.1.1 and earlier, due to an out-of-bounds read when parsing a crafted file, potentially allowing arbitrary code execution in the user’s context. Exploitation requires user interaction (opening a malicious file). Affected product is Adobe Bridge; root cause is...

CVE-2022-35701

Adobe Bridge is affected by an out-of-bounds write vulnerability (CVE-2022-35701) that could allow arbitrary code execution in the context of the current user. Affected software includes Adobe Bridge 12.0.2 and earlier, and 11.1.3 and earlier. The issue requires user interaction: a victim must op...

CVE-2022-28849

Adobe Bridge 12.x versions (12.0.1 and earlier) are affected by a Use-After-Free vulnerability that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). The issue is addressed in APSB22-25 with a secur...

CVE-2022-35704

Adobe Bridge (Windows/macOS) is affected in versions 12.0.2 and earlier, and 11.1.3 and earlier, by a Use-After-Free vulnerability in SVG/file parsing that could lead to arbitrary code execution in the current user’s context. Exploitation requires user interaction (victim opens a malicious file)....

CVE-2007-1279

CVE-2007-1279 affects the installer for Adobe Bridge 1.0.3 update on macOS. The vulnerability is described as a local privilege escalation during the installation process when patching with desktop management tools, enabling a local user to gain privileges via unspecified vectors during installat...

CVE-2022-28845

Adobe Bridge 12.x before 12.0.2 is affected by an out-of-bounds write vulnerability (CVE-2022-28845) that can allow arbitrary code execution in the current user context. Exploitation requires user interaction (victim must open a malicious file). The issue is disclosed in APSB22-25 and CNVD/NVD re...

CVE-2022-28846

CVE-2022-28846 affects Adobe Bridge 12.x (including 12.0.1 and earlier). The issue is an out-of-bounds write in the SVG/related parsing path that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file....

CVE-2022-35699

Adobe Bridge (Windows/macOS) versions 12.0.2 and earlier and 11.1.3 and earlier are affected by an out-of-bounds write vulnerability in font parsing that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). The...

CVE-2022-35700

Adobe Bridge CVE-2022-35700 affects Bridge versions 12.0.2 (and earlier) and 11.1.3 (and earlier). It is due to an out-of-bounds write that could allow arbitrary code execution in the user’s context. Exploitation requires user interaction (victim must open a malicious file). Remediation per APSB2...

CVE-2022-35707

Adobe Bridge 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds read when parsing crafted files, potentially allowing code execution under the current user. The issue is caused by parsing a crafted file and requires user interaction (victim must open the malicious file...

CVE-2022-28848

Adobe Bridge 12.x (12.0.1 and earlier) is affected by an out-of-bounds write vulnerability (CVE-2022-28848) that could allow arbitrary code execution in the context of the current user when a victim opens a malicious file. Exploitation requires user interaction. Remediation: apply the security up...

CVE-2022-35709

Adobe Bridge 12.0.2 and 11.1.3 (and earlier) are affected by a Use-After-Free that can disclose memory contents. Exploitation requires user interaction (victim opens a malicious file). This CVE is CVE-2022-35709. Nessus/APSB22-49 references confirm multiple vulnerabilities in Bridge with these ve...

CVE-2024-20752

Adobe Bridge is affected by a Use-After-Free vulnerability in the PS file parsing for Bridge 13.0.5, 14.0.1 and earlier, enabling arbitrary code execution in the context of the current user when a malicious file is opened. The issue (CVE-2024-20752) requires user interaction and local access to e...

CVE-2021-44185

CVE-2021-44185 affects Adobe Bridge 11.x (before 11.1.3) and 12.x (before 12.0.1). The issue is an out-of-bounds read that could disclose memory contents and potentially bypass ASLR. Exploitation requires user interaction: a victim must open a malicious RGB file (and related formats noted in advi...

CVE-2022-35706

CVE-2022-35706 affects Adobe Bridge 12.0.2 and earlier and 11.1.3 and earlier, with a heap-based buffer overflow that can enable arbitrary code execution in the context of the current user when a user opens a crafted file. Exploitation requires user interaction. Mitigation: update to fixed versio...

CVE-2021-42722

CVE-2021-42722 affects Adobe Bridge 11.1.1 and earlier. It is an out-of-bounds read during parsing of a crafted file, which could allow code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). Connected sources reference APSB21-94 and i...

CVE-2022-28843

Adobe Bridge 12.x (12.0.1 and earlier) is affected by an out-of-bounds write vulnerability that can execute code with the current user’s privileges when a victim opens a malicious file. The CVE is CVE-2022-28843 (and related CVEs referenced by APSB22-25 and vendor advisories), with the impact des...

CVE-2020-9674

Adobe Bridge is affected by CVE-2020-9674 (and related CVEs like 2020-9675/9676) in version 10.0.3 and earlier, due to an out-of-bounds write that could allow arbitrary code execution. The connected documents confirm the affected product and root cause; exploitation details are not provided beyon...

CVE-2021-44186

CVE-2021-44186 affects Adobe Bridge 11.1.2 and earlier and 12.0 and earlier, with an out-of-bounds read that can disclose memory and bypass ASLR. Exploitation requires a user to open a malicious SGI file, implying a user-interaction vector. Publicly noted mitigations point to updates: Adobe APSB2...

CVE-2022-28841

Adobe Bridge 12.x (≤12.0.1) is affected by an out-of-bounds write that can grant arbitrary code execution in the current user context when a malicious file is opened. The issue requires user interaction. This is addressed by the APSB22-25 security update; Adobe recommends upgrading to Bridge 12.0...

CVE-2022-28842

Adobe Bridge 12.x (12.0.1 and earlier) is affected by a Use-After-Free vulnerability (CVE-2022-28842) that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction—victim must open a malicious file. Multiple connected sources corroborate this...

CVE-2022-28844

Adobe Bridge 12.x (12.0.1 and earlier) is affected by an out-of-bounds write vulnerability (CVE-2022-28844) that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). Multiple connected sources referenc...

CVE-2024-20755

Adobe Bridge CVE-2024-20755 is a heap-based buffer overflow in PDF parsing that can lead to arbitrary code execution in the context of the current user. Affected: Bridge 13.0.5, 14.0.1 and earlier. Exploitation requires the user to open a malicious file. Remediation per advisories is to upgrade t...

CVE-2021-42725

Adobe Bridge 11.1.1 and earlier are affected by a memory corruption vulnerability caused by insecure handling of a malicious M4A file, potentially allowing arbitrary code execution in the current user context. The vulnerability requires user interaction to exploit. NVD indicates a base score of 7...

CVE-2021-44187

Adobe Bridge is affected in versions 11.1.2 and earlier and 12.0 and earlier by an out-of-bounds read that could disclose memory and bypass ASLR. Exploitation requires a user to open a malicious SGI file, making the attack have USER interaction. The CVE entry (CVE-2021-44187) is reported across m...

CVE-2022-28847

Summary: CVE-2022-28847 (Adobe Bridge) is an out-of-bounds write vulnerability in Bridge 12.x before 12.0.2 that could allow arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file, i.e., user interaction is needed. Several related CVEs...

CVE-2023-21583

CVE-2023-21583 affects Adobe Bridge 12.x and 13.x prior to 12.0.4/13.0.2. It is a font parsing out-of-bounds read vulnerability that can disclose memory and bypass ASLR. Exploitation requires user interaction (open a malicious file). Affected versions: 12.0.3 and earlier; 13.0.1 and earlier. Miti...

CVE-2024-20756

CVE-2024-20756 affects Adobe Bridge 13.x prior to 13.0.6 and 14.x prior to 14.0.2. The issue is an out-of-bounds write that can lead to arbitrary code execution in the context of the current user. Exploitation requires the victim to open a malicious file (user interaction). Affected product versi...

CVE-2024-20757

Technical details about CVE-2024-20757 are not publicly available in the provided connected documents. Monitor for updates from official advisories; the initial description notes an out-of-bounds read affectingBridge versions and that exploitation requires user interaction.

CVE-2023-38216

Adobe Bridge is affected by CVE-2023-38216: Use After Free in versions 12.0.4 and earlier, and 13.0.3 and earlier, enabling potential disclosure of sensitive memory and bypassing ASLR. Exploitation requires user interaction (victim must open a malicious file). Affected platforms include Windows/m...

CVE-2020-9556

Adobe Bridge Affected: versions 10.x prior to 10.0.4 (e.g., 10.0.1 and earlier) are vulnerable. The issue is described as an out-of-bounds write that could allow arbitrary code execution on local access. Connected documents confirm this CVE (CVE-2020-9556) is associated with Adobe Bridge and APSB...

CVE-2021-42733

Adobe Bridge 11.1.1 (and earlier) is affected by a Null pointer dereference when parsing a specially crafted file, enabling an unauthenticated attacker to cause an application denial-of-service in the context of the current user. Exploitation requires user interaction (victim must open a maliciou...

CVE-2015-3110

Adobe Bridge CC/6.x (Windows and macOS) prior to 6.1.1 is affected by multiple vulnerabilities including CVE-2015-3110 (integer overflow), CVE-2015-3111 (heap-based overflow), and CVE-2015-3112 (memory corruption) per APSB15-13. Nessus entries confirm these CVEs in the same product family, with t...

CVE-2023-22230

Adobe Bridge is affected by an out-of-bounds write vulnerability (CVE-2023-22230) that could allow arbitrary code execution under the current user. Affected versions are 12.x prior to 12.0.4 and 13.x prior to 13.0.2, with exploitation requiring user interaction (victim must open a malicious file)...

CVE-2021-21096

Adobe Bridge CVE-2021-21096 is an Improper Authorization vulnerability in the Genuine Software Service affecting versions 10.1.1 and earlier and 11.0.1 and earlier. A low-privileged attacker could cause an application denial-of-service without user interaction. The issue is referenced in APSB21-2...