CVE-2022-28826

Adobe FrameMaker is affected by CVE-2022-28826: an out-of-bounds write in the font-parsing code could allow arbitrary code execution in the context of the current user. Affects versions up to 2029u8 and 2020u4 (and earlier). Exploitation requires the user to open a malicious file. Adobe released ...

CVE-2022-28830

Adobe FrameMaker (versions 2029u8 and earlier and 2020u4 and earlier) is affected by an out-of-bounds read vulnerability that could disclose memory and bypass ASLR; exploitation requires a user to open a malicious file. The issue is addressed in the APSB22-27 security update (fixes for multiple C...

CVE-2022-28824

Adobe FrameMaker is affected by a Use-After-Free vulnerability (CVE-2022-28824) that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction via opening a malicious file. Affected products/versions include FrameMaker 2029u8 and earlier, and ...

CVE-2022-28827

Adobe FrameMaker is affected by CVE-2022-28827 (out-of-bounds write) that could allow arbitrary code execution in the context of the current user. Affected versions include FrameMaker 2029u8 and earlier and 2020u4 and earlier. Exploitation requires the victim to open a malicious file, i.e., user ...

CVE-2022-28821

CVE-2022-28821 affects Adobe FrameMaker (versions 2029u8 and earlier, 2020u4 and earlier). The root cause is an out-of-bounds write in the Font Parsing component which could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a...

CVE-2022-28823

CVE-2022-28823: Adobe FrameMaker font parsing Use-After-Free remote code execution. Affected: FrameMaker versions 2029u8 and earlier, and 2020u4 and earlier. Cause: use-after-free in font parsing when opening a malicious file. Impact: arbitrary code execution in the user’s context. Exploitation r...

CVE-2022-28829

Adobe FrameMaker (CVE-2022-28829) is affected by a font-parsing out-of-bounds write that could allow arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. Affected products include FrameMaker 2029u8 and earlier and 2020u4 and earlier...

CVE-2022-28822

Adobe FrameMaker (versions 2029u8 and earlier, and 2020u4 and earlier) is affected by an out-of-bounds write vulnerability that could allow arbitrary code execution in the context of the current user. The issue (CVE-2022-28822) requires user interaction: a victim must open a malicious file. Affec...

CVE-2022-28825

Adobe FrameMaker is affected by an out-of-bounds write (CVE-2022-28825) that could allow arbitrary code execution in the context of the current user. Vulnerable versions include 2029u8 and earlier, and 2020u4 and earlier. Exploitation requires user interaction (the victim must open a malicious fi...

CVE-2021-21056

Adobe FrameMaker 2020.0.1 and earlier are affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file, potentially allowing arbitrary code execution in the context of the current user. Exploitation requires user interaction, as the victim must open a malicious file. Affe...

CVE-2022-35676

Adobe FrameMaker is affected by CVE-2022-35676, a heap-based buffer overflow in SVG parsing that could allow arbitrary code execution in the context of the current user after a user opens a malicious file. Affected versions are FrameMaker 2019 Update 8 and earlier, and 2020 Update 4 and earlier. ...

CVE-2022-28828

Summary: CVE-2022-28828 affects Adobe FrameMaker, with out-of-bounds write leading to possible arbitrary code execution in the context of the current user. Affected versions include FrameMaker 2029u8 (and earlier) and 2020u4 (and earlier). Exploitation requires user interaction: a victim must ope...

CVE-2020-9726

Adobe FrameMaker 2019.0.6 and earlier versions contain an out-of-bounds read in the FM file parsing path that can crash or disclose memory contents. Exploitation requires user interaction (open a malicious FrameMaker file or visit a malicious page). Affected products: FrameMaker 2019 and earlier....

CVE-2022-35674

Adobe FrameMaker 2019 Update 8 and earlier, and 2020 Update 4 and earlier, are affected by an out-of-bounds read when parsing crafted files, enabling potential remote code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). Remediation ...

CVE-2023-21584

Adobe FrameMaker is affected by a Use-After-Free vulnerability (CVE-2023-21584) in FrameMaker 2020 Update 4 and earlier, and FrameMaker 2022 and earlier. The flaw could disclose sensitive memory and may bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Remediati...

CVE-2024-30292

CVE-2024-30292 pertains to Adobe FrameMaker, affecting versions 2020.5 and 2022.3 and earlier. The issue is an out-of-bounds write in GIF file parsing that could enable arbitrary code execution in the context of the current user . Exploitation requires user interaction: a victim must open a malic...

CVE-2020-9725

CVE-2020-9725 affects Adobe FrameMaker 2019.0.6 and earlier, due to lack of proper validation of user-supplied data length before copying to a fixed-length stack-based buffer. This can enable arbitrary code execution with the current user’s privileges. Exploitation requires user interaction (the ...

CVE-2020-3734

CVE-2020-3734 affects Adobe FrameMaker 2019.x on Windows, specifically 2019.0.4 and earlier, with a buffer error vulnerability that could lead to arbitrary code execution. The associated advisories note a patch released in 2019.0.5 (APS B20-04) and describe multiple FrameMaker flaws addressed in ...

CVE-2021-39865

Adobe FrameMaker is affected by CVE-2021-39865 (TIF File Parsing Out-Of-Bounds Read Information Disclosure). The vulnerability allows memory disclosure via crafted TIF parsing and requires user interaction (victim opens a malicious file). Connected advisories (APSB21-74, APSB22-27, APSB22-42) ind...

CVE-2022-35673

Adobe FrameMaker is affected by CVE-2022-35673 (and related) with an out-of-bounds read during parsing of crafted files, potentially enabling code execution in the user’s context. Affected are FrameMaker 2019 Update 8 and earlier and 2020 Update 4 and earlier. The vulnerability requires user inte...

CVE-2024-30287

Adobe FrameMaker 2020.5, 2022.3 and earlier are affected by an out-of-bounds read vulnerability that could disclose memory contents and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Remediation is available via Adobe APSB24-37 updates (FrameMaker 2020 Update...

CVE-2020-3739

CVE-2020-3739 affects Adobe FrameMaker 2019.0.4 and earlier, with a memory corruption vulnerability that could enable arbitrary code execution. Connected sources confirm the flaw and note a fix in FrameMaker 2019.0.5 (APSB20-04). Other entries reference related FrameMaker CVEs but do not change t...

CVE-2020-3733

Adobe FrameMaker 2019.0.4 and earlier is affected by an out-of-bounds write (CVE-2020-3733) that could lead to arbitrary code execution. The issue is confirmed in multiple feeds and Red Hat/NVD entries and is addressed by the patch in version 2019.0.5 (APSB20-04). If exploiting, impact is arbitra...

CVE-2022-34264

CVE-2022-34264 affects Adobe FrameMaker 2019 Update 8 and earlier, and 2020 Update 4 and earlier. The vulnerability is an out-of-bounds read that can disclose memory and could bypass ASLR; exploitation requires user interaction (victim opens a malicious file). Connected sources confirm the issue ...

CVE-2023-21619

CVE-2023-21619 — Adobe FrameMaker font parsing out-of-bounds write . Affected: FrameMaker 2020 Update 4 and earlier, and 2022 and earlier. Root cause: out-of-bounds write could lead to arbitrary code execution in the user’s context. Exploitation requires user interaction: a victim must open a mal...

CVE-2023-21620

CVE-2023-21620 affects Adobe FrameMaker 2020 Update 4 and earlier, and 2022 and earlier. It is an out-of-bounds read vulnerability that could disclose memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Connected sources indicate fixes in APSB23-06, wit...

CVE-2020-9635

Adobe FrameMaker 2019.x (versions 2019.0.5 and earlier) is affected by an out-of-bounds write vulnerability (CVE-2020-9635) that could allow arbitrary code execution. The issue, described in multiple sources, stems from memory/write bounds handling and is exploitable via crafted content that coul...

CVE-2025-30297

Adobe FrameMaker is affected by CVE-2025-30297 (out-of-bounds write) that can lead to arbitrary code execution in the user’s context. Affected versions include 2020.8 and 2022.6 and earlier; exploitation requires the victim to open a specially crafted file, i.e., user interaction. Connected advis...

CVE-2025-30298

Adobe FrameMaker is affected by a Stack-based Buffer Overflow (CVE-2025-30298) in versions 2020.8, 2022.6 and earlier. The issue can allow arbitrary code execution in the context of the current user and requires user interaction, as a victim must open a malicious file. Connected sources corrobora...

CVE-2021-39830

Adobe FrameMaker 2019 Update 8 and earlier, and 2020 Release Update 2 and earlier, are affected by a memory corruption vulnerability in the PDF handling that could allow arbitrary code execution in the current user context. The issue, described across multiple sources (CVE-2021-39830 and related ...

CVE-2021-39831

Affected software: Adobe FrameMaker 2019 Update 8 and earlier, and 2020 Release Update 2 and earlier. Root cause/bug type: out-of-bounds write in PDF processing. Impact: arbitrary code execution in the context of the current user (high severity per CVSS in sources). Exploitation condition: requir...

CVE-2021-39834

Adobe FrameMaker (2019 Update 8 and earlier; 2020 Release Update 2 and earlier) is affected by an out-of-bounds read vulnerability that can disclose memory and bypass ASLR. Exploitation requires user interaction (opening a malicious TIF). Public advisories reference APSB21-74; apply the security ...

CVE-2022-35675

CVE-2022-35675 affects Adobe FrameMaker 2019 Update 8 and earlier and 2020 Update 4 and earlier. It is a Use-After-Free vulnerability that could allow arbitrary code execution in the context of the current user, requiring user interaction (opening a malicious file). Adobe released APSB22-42 with ...

CVE-2024-30283

Adobe FrameMaker (versions 2020.5, 2022.3 and earlier) is affected by an out-of-bounds read vulnerability in ICO file parsing that could disclose memory contents and bypass ASLR. Impact is memory disclosure with no integrity/availability impact stated; exploitation requires user interaction (vict...

CVE-2024-30289

CVE-2024-30289 affects Adobe FrameMaker; a Stack-based Buffer Overflow in the XLS file parsing can allow arbitrary code execution in the context of the current user. Affected versions are FrameMaker 2020.5 and 2022.3 and earlier. Exploitation requires user interaction: the victim must open a mali...

CVE-2024-30291

CVE-2024-30291 affects Adobe FrameMaker 2020.5 and 2022.3 and earlier, due to an out-of-bounds write in TIF file parsing that could lead to arbitrary code execution in the current user context. Exploitation requires user interaction (victim opens a malicious file). Public details across connected...

CVE-2023-21621

CVE-2023-21621 affects Adobe FrameMaker: FrameMaker 2020 Update 4 and earlier, and 2022 and earlier, are vulnerable to an Improper Input Validation flaw that could allow arbitrary code execution in the user’s context. Exploitation requires a user to open a malicious file. The issue is rated CVSSv...

CVE-2025-30299

Adobe FrameMaker (versions 2020.8, 2022.6 and earlier) is affected by a heap-based buffer overflow that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). The vulnerability is described in CVE-2025-3...

CVE-1999-0133

The CVE-1999-0133 issue affects the fm_fls license server used with Adobe Framemaker, where local users can overwrite arbitrary files and subsequently gain root access. This is described consistently across multiple connected records (Red Hat and CVE records), with no explicit version details pro...

CVE-2024-30290

CVE-2024-30290 affects Adobe FrameMaker 2020.5 and 2022.3 and earlier, with an out-of-bounds write in WEBP file parsing that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (the victim must open a malicious file). Remediation per the...

CVE-2021-39829

Adobe Framemaker is affected by an out-of-bounds write vulnerability (CVE-2021-39829) in 2019 Update 8 and earlier, and 2020 Release Update 2 and earlier. The issue could allow arbitrary code execution in the context of the current user and requires user interaction (the victim must open a malici...

CVE-2021-39832

CVE-2021-39832 affects Adobe FrameMaker 2019 Update 8 and earlier and 2020 Release Update 2 and earlier. The vulnerability is a memory corruption issue triggered by processing a malicious PDF file, enabling arbitrary code execution in the user’s context when opened (requires user interaction). Se...

CVE-2025-30300

Adobe FrameMaker is affected for versions 2020.8, 2022.6 and earlier by a NULL Pointer Dereference that can crash the application and cause a denial-of-service. Exploitation requires the user to open a malicious file. Mitigation provided by Adobe APSB25-33, which recommends updating to a fixed ve...

CVE-2024-30288

CVE-2024-30288 affects Adobe FrameMaker 2020.5, 2022.3 and earlier, caused by a Heap-based Buffer Overflow in 3DS file parsing that could allow arbitrary code execution under the user’s context. Exploitation requires user interaction: the victim must open a malicious file. The CVSS metrics indica...

CVE-2024-53959

CVE-2024-53959 affects Adobe FrameMaker versions 2020.7, 2022.5 and earlier, due to a Stack-based Buffer Overflow that can lead to arbitrary code execution in the current user’s context. Exploitation requires user interaction (victim opens a malicious file). The issue is corroborated across multi...

CVE-2021-39833

CVE-2021-39833 affects Adobe FrameMaker 2019 Update 8 and earlier, and 2020 Release Update 2 and earlier. The issue is an out-of-bounds read that can disclose sensitive memory and may bypass ASLR. Exploitation requires user interaction: a victim must open a malicious TIF file. The vulnerability i...

CVE-2020-3723

Summary of CVE-2020-3723 (Adobe FrameMaker) : The vulnerability is an out-of-bounds write in Adobe FrameMaker versions 2019.0.4 and earlier. Exploitation could lead to arbitrary code execution. Multiple connected sources confirm the issue and align on the affected family (FrameMaker) and the impa...

CVE-2021-40697

Adobe FrameMaker is affected by CVE-2021-40697 via an out-of-bounds read vulnerability in 2019 Update 8 and earlier, and 2020 Release Update 2 and earlier. The issue allows disclosure of sensitive memory and can bypass ASLR; exploitation requires the user to open a malicious file (e.g., PDF). Aff...

CVE-2022-35677

Adobe FrameMaker 2019 Update 8 and earlier, and 2020 Update 4 and earlier, are affected by a heap-based buffer overflow (CVE-2022-35677) that could allow arbitrary code execution in the context of the current user when a malicious file is opened. Exploitation requires user interaction. Remediatio...

CVE-2024-30286

Adobe FrameMaker versions 2020.5, 2022.3 and earlier are affected by an out-of-bounds read vulnerability that could disclose memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Affected components: DOC/File parsing in FrameMaker. CVE-2024-30286. Remedia...