Lucene search
K

30 matches found

CVE
CVE
added 2024/03/18 3:54 p.m.98 views

CVE-2024-20752

Adobe Bridge is affected by a Use-After-Free vulnerability in the PS file parsing for Bridge 13.0.5, 14.0.1 and earlier, enabling arbitrary code execution in the context of the current user when a malicious file is opened. The issue (CVE-2024-20752) requires user interaction and local access to e...

7.8CVSS7.8AI score0.07758EPSS
CVE
CVE
added 2021/11/16 9:14 p.m.85 views

CVE-2021-42725

Adobe Bridge 11.1.1 and earlier are affected by a memory corruption vulnerability caused by insecure handling of a malicious M4A file, potentially allowing arbitrary code execution in the current user context. The vulnerability requires user interaction to exploit. NVD indicates a base score of 7...

7.8CVSS7.9AI score0.01901EPSS
CVE
CVE
added 2024/03/18 3:54 p.m.84 views

CVE-2024-20755

Adobe Bridge CVE-2024-20755 is a heap-based buffer overflow in PDF parsing that can lead to arbitrary code execution in the context of the current user. Affected: Bridge 13.0.5, 14.0.1 and earlier. Exploitation requires the user to open a malicious file. Remediation per advisories is to upgrade t...

7.8CVSS7.2AI score0.04369EPSS
CVE
CVE
added 2024/03/18 3:54 p.m.82 views

CVE-2024-20756

CVE-2024-20756 affects Adobe Bridge 13.x prior to 13.0.6 and 14.x prior to 14.0.2. The issue is an out-of-bounds write that can lead to arbitrary code execution in the context of the current user. Exploitation requires the victim to open a malicious file (user interaction). Affected product versi...

7.8CVSS7.3AI score0.04075EPSS
CVE
CVE
added 2024/03/18 3:54 p.m.79 views

CVE-2024-20757

Technical details about CVE-2024-20757 are not publicly available in the provided connected documents. Monitor for updates from official advisories; the initial description notes an out-of-bounds read affectingBridge versions and that exploitation requires user interaction.

5.5CVSS5.9AI score0.00358EPSS
CVE
CVE
added 2021/11/22 3:22 p.m.77 views

CVE-2021-42733

Adobe Bridge 11.1.1 (and earlier) is affected by a Null pointer dereference when parsing a specially crafted file, enabling an unauthenticated attacker to cause an application denial-of-service in the context of the current user. Exploitation requires user interaction (victim must open a maliciou...

5.5CVSS5.4AI score0.01374EPSS
CVE
CVE
added 2024/12/10 9:15 p.m.74 views

CVE-2024-53955

Adobe Bridge (Windows and macOS) versions 14.1.3, 15.0 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability (CVE-2024-53955) that could lead to arbitrary code execution in the current user’s context. Root cause per connected sources: integer underflow in Bridge’s ha...

7.8CVSS7.5AI score0.00459EPSS
CVE
CVE
added 2022/01/14 7:4 p.m.73 views

CVE-2021-45052

Adobe Bridge (Windows/macOS) versions 11.1.2 and earlier, and 12.0 and earlier, are affected by an out-of-bounds read in TIF file handling that can disclose memory and may bypass ASLR. Exploitation requires user interaction (opening a malicious TIF). Affected products are addressed in Adobe’s APS...

5.5CVSS4.3AI score0.0225EPSS
CVE
CVE
added 2024/07/09 7:26 p.m.73 views

CVE-2024-34139

CVE-2024-34139 affects Adobe Bridge versions 14.0.4, 13.0.7, 14.1 and earlier, with an Integer Overflow/Wraparound when handling certain input (file parsing, per sources). This can enable arbitrary code execution under the current user’s context, requiring user interaction to open a malicious fil...

7.8CVSS7.8AI score0.0037EPSS
CVE
CVE
added 2022/01/14 7:4 p.m.72 views

CVE-2021-44743

Adobe Bridge (Windows/macOS) versions 11.1.2 and earlier and 12.0 and earlier are affected by CVE-2021-44743, an out-of-bounds write vulnerability in JPEG2000 parsing that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must ...

9.3CVSS7.7AI score0.02458EPSS
CVE
CVE
added 2024/04/11 8:10 a.m.71 views

CVE-2024-20771

CVE-2024-20771 affects Adobe Bridge (Bridge 13.0.6, 14.0.2 and earlier). The issue is an out-of-bounds read that can disclose memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). A remediation/public fix is the APSB24-24 security update, which addresses ...

5.5CVSS5AI score0.00288EPSS
CVE
CVE
added 2022/01/14 7:4 p.m.70 views

CVE-2021-45051

Adobe Bridge versions 11.1.2 and earlier, and 12.0 and earlier, are affected by a use-after-free in the processing of Format event actions that could disclose memory and bypass ASLR. Exploitation requires user interaction (opening a malicious file). Remediation: apply the APSB22-03 update (11.1.3...

5.5CVSS4.3AI score0.02742EPSS
CVE
CVE
added 2024/07/09 7:26 p.m.70 views

CVE-2024-34140

CVE-2024-34140 affects Adobe Bridge as shipped in Bridge versions 14.0.4, 13.0.7, 14.1 and earlier. The issue is an out-of-bounds read that could disclose memory and potentially bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). The connected sources corroborate ...

5.5CVSS5.6AI score0.00333EPSS
CVE
CVE
added 2025/04/08 5:39 p.m.67 views

CVE-2025-27193

Adobe Bridge CVE-2025-27193 is a heap-based buffer overflow affecting Bridge 14.1.5, 15.0.2 and earlier, enabling arbitrary code execution when a user opens a crafted file. Root cause is improper memory handling during file processing; impact is at the user level with possible code execution. Exp...

7.8CVSS7.6AI score0.00347EPSS
CVE
CVE
added 2024/08/14 3:2 p.m.61 views

CVE-2024-39386

Adobe Bridge CVE-2024-39386 affects Bridge versions 13.0.8, 14.1.1 and earlier. Root cause: out-of-bounds write leading to arbitrary code execution in the context of the current user; exploitation requires user interaction (victim opens a malicious file). Affected platforms include macOS and Wind...

7.8CVSS7.9AI score0.0036EPSS
CVE
CVE
added 2021/02/25 1:25 p.m.59 views

CVE-2021-21065

Adobe Bridge (Windows/macOS) versions 11.0 and earlier are affected by an out-of-bounds write vulnerability in TTF font parsing that can lead to arbitrary code execution in the current user context. Exploitation requires user interaction: a victim must open a malicious font/file. Affected product...

7.8CVSS7.9AI score0.03361EPSS
CVE
CVE
added 2021/02/25 1:26 p.m.59 views

CVE-2021-21066

Adobe Bridge 11.0 and earlier is affected by an out-of-bounds write vulnerability when parsing TTF files, potentially allowing arbitrary code execution in the user’s context. Exploitation requires the user to open a crafted file. Remediation observed in advisories (APSB21-07) suggests updating to...

7.8CVSS7.9AI score0.03361EPSS
CVE
CVE
added 2024/08/14 3:2 p.m.56 views

CVE-2024-41840

Summary (CVE-2024-41840): Adobe Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-bounds write vulnerability in the JP2/file parsing code that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction, specifically opening a...

7.8CVSS7.9AI score0.00363EPSS
CVE
CVE
added 2024/08/14 3:2 p.m.50 views

CVE-2024-39387

Adobe Bridge (versions 13.0.8, 14.1.1 and earlier) is affected by an out-of-bounds read vulnerability (CVE-2024-39387) that can disclose sensitive memory and potentially bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Affected platforms include macOS and Windo...

5.5CVSS5.1AI score0.004EPSS
CVE
CVE
added 2026/04/14 7:44 p.m.27 views

CVE-2026-27312

Bridge software (Adobe Bridge) versions 16.0.2, 15.1.4 and earlier are affected by a heap-based buffer overflow that can lead to arbitrary code execution within the current user context. Exploitation requires user interaction, specifically opening a malicious file. The description does not specif...

7.8CVSS6.3AI score0.00259EPSS
CVE
CVE
added 2026/02/10 6:24 p.m.26 views

CVE-2026-21346

CVE-2026-21346 affects Adobe Bridge versions 15.1.3, 16.0.1 and earlier. The issue is an out-of-bounds write (CWE-787) that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. Redundant/confirming ...

7.8CVSS6.3AI score0.00139EPSS
CVE
CVE
added 2026/04/14 7:44 p.m.26 views

CVE-2026-27313

CVE-2026-27313 affects Adobe Bridge; a Heap-based Buffer Overflow could allow arbitrary code execution in the context of the current user. Affected versions: Bridge 16.0.2, 15.1.4 and earlier. Exploitation requires user interaction (victim must open a malicious file). The issue is linked to CVE-2...

7.8CVSS6.3AI score0.00227EPSS
CVE
CVE
added 2026/04/14 7:44 p.m.22 views

CVE-2026-27310

Adobe Bridge versions 16.0.2, 15.1.4 and earlier are affected by a heap-based buffer overflow that could allow arbitrary code execution in the current user context. Exploitation requires user interaction: a victim must open a malicious file. The CVSS v3.1 base score is 7.8 (High) with Local attac...

7.8CVSS6.3AI score0.00254EPSS
CVE
CVE
added 2026/01/13 6:48 p.m.20 views

CVE-2026-21283

CVE-2026-21283 affects Adobe Bridge versions 15.1.2, 16.0 and earlier. The root cause is a heap-based buffer overflow in Bridge that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. Impact: potent...

7.8CVSS7.4AI score0.00254EPSS
CVE
CVE
added 2025/10/15 1:7 a.m.16 views

CVE-2025-54268

CVE-2025-54268 affects Adobe Bridge versions 14.1.8, 15.1.1 and earlier and is described as a heap-based buffer overflow that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (the user must open a malicious file). Multiple connected s...

7.8CVSS7.4AI score0.00243EPSS
CVE
CVE
added 2026/02/10 6:24 p.m.16 views

CVE-2026-21347

CVE-2026-21347 affects Adobe Bridge. Affected versions: Bridge 15.1.3 and earlier, and 16.0.1 and earlier. The root cause is an Integer Overflow or Wraparound (CWE-190) that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction —the victim...

7.8CVSS6.3AI score0.00159EPSS
CVE
CVE
added 2026/04/14 7:44 p.m.16 views

CVE-2026-27311

CVE-2026-27311 affects Bridge versions 16.0.2, 15.1.4 and earlier. It is a heap-based buffer overflow that could lead to arbitrary code execution in the current user context. Exploitation requires user interaction (victim must open a malicious file). Attack vector is LOCAL with UI:R per CVSS 3.1,...

7.8CVSS6.3AI score0.00259EPSS
CVE
CVE
added 2025/10/15 1:7 a.m.15 views

CVE-2025-54278

Adobe Bridge (versions 14.1.8, 15.1.1 and earlier) is affected by a Heap-based Buffer Overflow (CVE-2025-54278) that could disclose memory contents. The vulnerability originates from a heap overflow and requires user interaction (victim must open a malicious file). Impact: memory disclosure. Expl...

5.5CVSS5.7AI score0.00218EPSS
CVE
CVE
added 2026/04/14 7:44 p.m.15 views

CVE-2026-27222

Technical details (affected products, exact vulnerable components, root cause, and remediation) are not publicly provided in the supplied documents. Monitor for updates.

5.5CVSS5.8AI score0.00169EPSS
CVE
CVE
added 2026/04/14 7:53 p.m.11 views

CVE-2026-34630

CVE-2026-34630 affects Adobe Bridge up to 16.0.2 and 15.1.4 and earlier. It is a heap-based buffer overflow that can allow arbitrary code execution in the current user context. Exploitation requires user interaction: the victim must open a specially crafted file. Impact is rated High (C/H/I/A) wi...

7.8CVSS6.3AI score0.00227EPSS