22 matches found
CVE-2024-30314
CVE-2024-30314 affects Adobe Dreamweaver Desktop
CVE-2019-7956
CVE-2019-7956 affects Adobe Dreamweaver direct download Windows installers (versions 19.0 and below, 18.0 and below). The vulnerability is insecure library loading (DLL hijacking) in the installer, enabling privilege escalation within the current user context. Connected sources corroborate the im...
CVE-2005-4708
The CVE-2005-4708 entry concerns Adobe Macromedia MX 2004 products, Captivate, Contribute 2/3, and the eLicensing client. The vulnerability arises from the Macromedia Licensing Service being installed with the Users group allowed to configure the service, including the path to the executable. Thi...
CVE-2020-24425
CVE-2020-24425 (Dreamweaver): Adobe Dreamweaver 20.2 and earlier is affected by an uncontrolled search path element vulnerability that can lead to local privilege escalation. Exploitation could allow a local user with filesystem write access to execute commands with administrator privileges. Root...
CVE-2018-4924
CVE-2018-4924 affects Adobe Dreamweaver CC versions 18.0 and earlier. An OS command injection in the Dreamweaver URI handler could allow arbitrary code execution in the context of the current user. The issue is documented across multiple sources (NVD and Adobe APSB18-07). Remediation is available...
CVE-2006-2042
CVE-2006-2042 affects Adobe Dreamweaver 8 before 8.0.2 and Dreamweaver MX 2004. The vulnerability arises from code generated by Dreamweaver that does not properly validate input, enabling SQL Injection in the ColdFusion, PHP MySQL, ASP, ASP.NET, and JSP server models. The impact can include remot...
CVE-2021-21055
CVE-2021-21055 affects Adobe Dreamweaver 21.0 and earlier and 20.2 and earlier and is caused by an untrusted search path vulnerability that could allow information disclosure if an attacker with physical access replaces Dreamweaver’s configuration files or dynamic libraries. Impact is information...
CVE-2008-6062
CVE-2008-6062 describes an XSS vulnerability in ActionScript within arbitrary Shockwave Flash (SWF) files created by Adobe Dreamweaver when the Insert Flash Video feature is used. An attacker can inject arbitrary script/HTML via an asfunction: URI in the skinName parameter. The note mentions pote...
CVE-2010-3132
Affected software: Adobe Dreamweaver CS5 (11.0) build 4916 and 4909, with likely other versions. Vulnerability type / root cause: Untrusted search path leading to DLL hijacking, where a Trojan horse DLL (mfc90loc.dll or dwmapi.dll) placed in the same folder as a file that automatically launches D...
CVE-2019-7097
Adobe Dreamweaver is affected by CVE-2019-7097: versions 19.0 and earlier have an insecure protocol implementation that can disclose sensitive data if an SMB request is subject to a relay attack. This vulnerability is documented in Adobe’s APSB19-21 advisory and is reflected in multiple feeds (Re...
CVE-2025-30310
Dreamweaver Desktop CVE-2025-30310 is a type confusion vulnerability in Dreamweaver Desktop 21.4 and earlier that allows arbitrary code execution in the current user context. Root cause is an Access of Resource Using Incompatible Type vulnerability; exploitation requires user interaction (the use...
CVE-2026-47908
Dreamweaver Desktop (Windows/macOS) affected: version 21.7 and earlier. Vulnerability is an Access of Uninitialized Pointer (CWE-824) that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction—victim must open a malicious file. The CVSS 3....
CVE-2026-47906
Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file. No remediat...
CVE-2026-47910
Dreamweaver Desktop (Windows/macOS)
CVE-2026-21267
Dreamweaver Desktop (Windows/macOS)
CVE-2026-21268
CVE-2026-21268 affects Adobe Dreamweaver Desktop 21.6 and earlier, due to an Improper Input Validation vulnerability that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). Mitigation: Adobe released APSB26-0...
CVE-2025-54256
Dreamweaver Desktop (Windows/macOS) is affected by CVE-2025-54256: CSRF that could allow arbitrary code execution in the context of the current user. Affected: Dreamweaver Desktop versions 21.5 and earlier. Root cause described in the CVE as a Cross-Site Request Forgery vulnerability that require...
CVE-2026-47907
Dreamweaver Desktop (Windows/macOS) version 21.7 and earlier is affected by an Improper Access Control vulnerability that permits arbitrary file system read outside the intended scope. The root cause is an access-control weakness that allows an attacker to access sensitive files and directories i...
CVE-2026-21272
Affected software. Dreamweaver Desktop, version 21.6 and earlier. Vulnerability and impact. An Improper Input Validation vulnerability could lead to arbitrary file system write, with high impact to confidentiality, integrity, and availability as per the provided metrics. Exploitation requires use...
CVE-2026-47909
Dreamweaver Desktop (Windows/macOS) prior to or equal to version 21.7 is affected by an Improper Input Validation vulnerability that can lead to arbitrary file system read. The issue allows access to sensitive files/directories outside the intended scope and requires user interaction: a victim mu...
CVE-2026-21274
CVE-2026-21274 affects Dreamweaver Desktop versions 21.6 and earlier. The issue is an Incorrect Authorization vulnerability that could allow arbitrary code execution in the context of the current user, with exploitation requiring the victim to open a malicious file (i.e., user interaction). Multi...
CVE-2026-21271
Dreamweaver Desktop (Windows/macOS) versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that can lead to arbitrary code execution in the context of the current user when a user opens a malicious file. The issue requires user interaction and has been fixed in newer...