Connect Security Vulnerabilities and Issues — Connect CVE List

Lucene search

AdobeConnect

9 matches found

CVE•added 2021/10/21 8:15 p.m.•74 views

CVE-2021-40719

Adobe Connect version 11.2.3 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary method invocation when AMF messages are deserialized on an Adobe Connect server. An attacker can leverage this to execute remote code execution on the server.

9.8CVSS8.3AI score0.24933EPSS

CVE•added 2018/05/19 5:29 p.m.•54 views

CVE-2018-4923

Adobe Connect versions 9.7 and earlier have an exploitable OS Command Injection. Successful exploitation could lead to arbitrary file deletion.

9.1CVSS9.1AI score0.10873EPSS

CVE•added 2018/07/20 7:29 p.m.•51 views

CVE-2018-12805

Adobe Connect versions 9.7.5 and earlier have an Insecure Library Loading vulnerability. Successful exploitation could lead to privilege escalation.

9.8CVSS9.3AI score0.02504EPSS

CVE•added 2025/05/13 9:16 p.m.•48 views

CVE-2025-43567

Adobe Connect versions 12.8 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containin...

9.3CVSS7.8AI score0.00137EPSS

CVE•added 2018/07/20 7:29 p.m.•45 views

CVE-2018-12804

Adobe Connect versions 9.7.5 and earlier have an Authentication Bypass vulnerability. Successful exploitation could lead to session hijacking.

9.8CVSS9.3AI score0.0602EPSS

CVE•added 2024/12/10 9:15 p.m.•45 views

CVE-2024-54032

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page cont...

9.3CVSS6.8AI score0.004EPSS

CVE•added 2024/12/10 9:15 p.m.•43 views

CVE-2024-54034

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. A ...

9.3CVSS7.8AI score0.004EPSS

CVE•added 2024/12/10 9:15 p.m.•39 views

CVE-2024-54036

9.3CVSS8AI score0.004EPSS

CVE•added 2025/07/08 10:15 p.m.•10 views

CVE-2025-27203

Adobe Connect versions 24.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution by an attacker. Exploitation of this issue does require user interaction and scope is changed.

9.6CVSS7.2AI score0.047EPSS