Lucene search
+L
AdobeDreamweaver

22 matches found

CVE
CVE
added 2024/05/16 11:36 a.m.136 views

CVE-2024-30314

CVE-2024-30314 affects Adobe Dreamweaver Desktop

7.8CVSS7.6AI score0.00865EPSS
CVE
CVE
added 2019/07/18 9:47 p.m.107 views

CVE-2019-7956

CVE-2019-7956 affects Adobe Dreamweaver direct download Windows installers (versions 19.0 and below, 18.0 and below). The vulnerability is insecure library loading (DLL hijacking) in the installer, enabling privilege escalation within the current user context. Connected sources corroborate the im...

7.8CVSS7.4AI score0.03279EPSS
CVE
CVE
added 2006/02/02 11:0 a.m.105 views

CVE-2005-4708

The CVE-2005-4708 entry concerns Adobe Macromedia MX 2004 products, Captivate, Contribute 2/3, and the eLicensing client. The vulnerability arises from the Macromedia Licensing Service being installed with the Users group allowed to configure the service, including the path to the executable. Thi...

7.2CVSS7.7AI score0.01224EPSS
CVE
CVE
added 2020/10/21 8:7 p.m.92 views

CVE-2020-24425

CVE-2020-24425 (Dreamweaver): Adobe Dreamweaver 20.2 and earlier is affected by an uncontrolled search path element vulnerability that can lead to local privilege escalation. Exploitation could allow a local user with filesystem write access to execute commands with administrator privileges. Root...

7.8CVSS7.3AI score0.00676EPSS
CVE
CVE
added 2018/05/19 5:0 p.m.74 views

CVE-2018-4924

CVE-2018-4924 affects Adobe Dreamweaver CC versions 18.0 and earlier. An OS command injection in the Dreamweaver URI handler could allow arbitrary code execution in the context of the current user. The issue is documented across multiple sources (NVD and Adobe APSB18-07). Remediation is available...

10CVSS9.8AI score0.14462EPSS
CVE
CVE
added 2006/05/09 7:0 p.m.64 views

CVE-2006-2042

CVE-2006-2042 affects Adobe Dreamweaver 8 before 8.0.2 and Dreamweaver MX 2004. The vulnerability arises from code generated by Dreamweaver that does not properly validate input, enabling SQL Injection in the ColdFusion, PHP MySQL, ASP, ASP.NET, and JSP server models. The impact can include remot...

7.5CVSS7.7AI score0.05414EPSS
CVE
CVE
added 2021/02/11 8:12 p.m.63 views

CVE-2021-21055

CVE-2021-21055 affects Adobe Dreamweaver 21.0 and earlier and 20.2 and earlier and is caused by an untrusted search path vulnerability that could allow information disclosure if an attacker with physical access replaces Dreamweaver’s configuration files or dynamic libraries. Impact is information...

6.2CVSS5.8AI score0.00787EPSS
CVE
CVE
added 2009/02/05 1:0 a.m.62 views

CVE-2008-6062

CVE-2008-6062 describes an XSS vulnerability in ActionScript within arbitrary Shockwave Flash (SWF) files created by Adobe Dreamweaver when the Insert Flash Video feature is used. An attacker can inject arbitrary script/HTML via an asfunction: URI in the skinName parameter. The note mentions pote...

4.3CVSS5.5AI score0.01659EPSS
CVE
CVE
added 2010/08/26 6:0 p.m.61 views

CVE-2010-3132

Affected software: Adobe Dreamweaver CS5 (11.0) build 4916 and 4909, with likely other versions. Vulnerability type / root cause: Untrusted search path leading to DLL hijacking, where a Trojan horse DLL (mfc90loc.dll or dwmapi.dll) placed in the same folder as a file that automatically launches D...

9.3CVSS7.7AI score0.14037EPSS
CVE
CVE
added 2019/05/23 3:43 p.m.60 views

CVE-2019-7097

Adobe Dreamweaver is affected by CVE-2019-7097: versions 19.0 and earlier have an insecure protocol implementation that can disclose sensitive data if an SMB request is subject to a relay attack. This vulnerability is documented in Adobe’s APSB19-21 advisory and is reflected in multiple feeds (Re...

7.5CVSS7.1AI score0.03592EPSS
CVE
CVE
added 2025/05/13 4:53 p.m.45 views

CVE-2025-30310

Dreamweaver Desktop CVE-2025-30310 is a type confusion vulnerability in Dreamweaver Desktop 21.4 and earlier that allows arbitrary code execution in the current user context. Root cause is an Access of Resource Using Incompatible Type vulnerability; exploitation requires user interaction (the use...

7.8CVSS7.8AI score0.00262EPSS
CVE
CVE
added 2026/06/09 7:24 p.m.31 views

CVE-2026-47908

Dreamweaver Desktop (Windows/macOS) affected: version 21.7 and earlier. Vulnerability is an Access of Uninitialized Pointer (CWE-824) that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction—victim must open a malicious file. The CVSS 3....

7.8CVSS6.1AI score0.00161EPSS
CVE
CVE
added 2026/06/09 7:24 p.m.29 views

CVE-2026-47906

Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file. No remediat...

8.6CVSS6.2AI score0.00177EPSS
CVE
CVE
added 2026/06/09 7:24 p.m.27 views

CVE-2026-47910

Dreamweaver Desktop (Windows/macOS)

6.3CVSS5.6AI score0.00137EPSS
CVE
CVE
added 2026/01/13 6:25 p.m.26 views

CVE-2026-21267

Dreamweaver Desktop (Windows/macOS)

8.6CVSS7.4AI score0.00716EPSS
CVE
CVE
added 2026/01/13 6:25 p.m.26 views

CVE-2026-21268

CVE-2026-21268 affects Adobe Dreamweaver Desktop 21.6 and earlier, due to an Improper Input Validation vulnerability that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). Mitigation: Adobe released APSB26-0...

8.6CVSS7.3AI score0.00212EPSS
CVE
CVE
added 2025/09/09 6:17 p.m.24 views

CVE-2025-54256

Dreamweaver Desktop (Windows/macOS) is affected by CVE-2025-54256: CSRF that could allow arbitrary code execution in the context of the current user. Affected: Dreamweaver Desktop versions 21.5 and earlier. Root cause described in the CVE as a Cross-Site Request Forgery vulnerability that require...

8.6CVSS7.3AI score0.00166EPSS
CVE
CVE
added 2026/06/09 7:24 p.m.23 views

CVE-2026-47907

Dreamweaver Desktop (Windows/macOS) version 21.7 and earlier is affected by an Improper Access Control vulnerability that permits arbitrary file system read outside the intended scope. The root cause is an access-control weakness that allows an attacker to access sensitive files and directories i...

8.6CVSS6.6AI score0.00168EPSS
CVE
CVE
added 2026/01/13 6:25 p.m.22 views

CVE-2026-21272

Affected software. Dreamweaver Desktop, version 21.6 and earlier. Vulnerability and impact. An Improper Input Validation vulnerability could lead to arbitrary file system write, with high impact to confidentiality, integrity, and availability as per the provided metrics. Exploitation requires use...

8.6CVSS6.3AI score0.00195EPSS
CVE
CVE
added 2026/06/09 7:24 p.m.22 views

CVE-2026-47909

Dreamweaver Desktop (Windows/macOS) prior to or equal to version 21.7 is affected by an Improper Input Validation vulnerability that can lead to arbitrary file system read. The issue allows access to sensitive files/directories outside the intended scope and requires user interaction: a victim mu...

6.3CVSS5.6AI score0.00148EPSS
CVE
CVE
added 2026/01/13 6:25 p.m.18 views

CVE-2026-21274

CVE-2026-21274 affects Dreamweaver Desktop versions 21.6 and earlier. The issue is an Incorrect Authorization vulnerability that could allow arbitrary code execution in the context of the current user, with exploitation requiring the victim to open a malicious file (i.e., user interaction). Multi...

7.8CVSS7.4AI score0.00203EPSS
CVE
CVE
added 2026/01/13 6:25 p.m.15 views

CVE-2026-21271

Dreamweaver Desktop (Windows/macOS) versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that can lead to arbitrary code execution in the context of the current user when a user opens a malicious file. The issue requires user interaction and has been fixed in newer...

8.6CVSS7.3AI score0.00212EPSS