49 matches found
CVE-2021-21056
Adobe FrameMaker 2020.0.1 and earlier are affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file, potentially allowing arbitrary code execution in the context of the current user. Exploitation requires user interaction, as the victim must open a malicious file. Affe...
CVE-2024-30292
CVE-2024-30292 pertains to Adobe FrameMaker, affecting versions 2020.5 and 2022.3 and earlier. The issue is an out-of-bounds write in GIF file parsing that could enable arbitrary code execution in the context of the current user . Exploitation requires user interaction: a victim must open a malic...
CVE-2024-30287
Adobe FrameMaker 2020.5, 2022.3 and earlier are affected by an out-of-bounds read vulnerability that could disclose memory contents and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Remediation is available via Adobe APSB24-37 updates (FrameMaker 2020 Update...
CVE-2024-30291
CVE-2024-30291 affects Adobe FrameMaker 2020.5 and 2022.3 and earlier, due to an out-of-bounds write in TIF file parsing that could lead to arbitrary code execution in the current user context. Exploitation requires user interaction (victim opens a malicious file). Public details across connected...
CVE-1999-0133
The CVE-1999-0133 issue affects the fm_fls license server used with Adobe Framemaker, where local users can overwrite arbitrary files and subsequently gain root access. This is described consistently across multiple connected records (Red Hat and CVE records), with no explicit version details pro...
CVE-2024-30289
CVE-2024-30289 affects Adobe FrameMaker; a Stack-based Buffer Overflow in the XLS file parsing can allow arbitrary code execution in the context of the current user. Affected versions are FrameMaker 2020.5 and 2022.3 and earlier. Exploitation requires user interaction: the victim must open a mali...
CVE-2024-30283
Adobe FrameMaker (versions 2020.5, 2022.3 and earlier) is affected by an out-of-bounds read vulnerability in ICO file parsing that could disclose memory contents and bypass ASLR. Impact is memory disclosure with no integrity/availability impact stated; exploitation requires user interaction (vict...
CVE-2024-53959
CVE-2024-53959 affects Adobe FrameMaker versions 2020.7, 2022.5 and earlier, due to a Stack-based Buffer Overflow that can lead to arbitrary code execution in the current user’s context. Exploitation requires user interaction (victim opens a malicious file). The issue is corroborated across multi...
CVE-2024-30288
CVE-2024-30288 affects Adobe FrameMaker 2020.5, 2022.3 and earlier, caused by a Heap-based Buffer Overflow in 3DS file parsing that could allow arbitrary code execution under the user’s context. Exploitation requires user interaction: the victim must open a malicious file. The CVSS metrics indica...
CVE-2024-30290
CVE-2024-30290 affects Adobe FrameMaker 2020.5 and 2022.3 and earlier, with an out-of-bounds write in WEBP file parsing that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (the victim must open a malicious file). Remediation per the...
CVE-2024-30286
Adobe FrameMaker versions 2020.5, 2022.3 and earlier are affected by an out-of-bounds read vulnerability that could disclose memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Affected components: DOC/File parsing in FrameMaker. CVE-2024-30286. Remedia...
CVE-2024-47422
Adobe FrameMaker (versions 2020.6, 2022.4 and earlier) is affected by CVE-2024-47422, an Untrusted Search Path vulnerability that could allow arbitrary code execution when a malicious path is found in search directories. The issue is a local vulnerability with user interaction required, and the r...
CVE-2024-47425
CVE-2024-47425 refers to a vulnerability in Adobe FrameMaker (versions affected: 2020.6, 2022.4 and earlier) where an integer underflow/wraparound could enable arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. No exploit details ...
CVE-2024-47421
Adobe FrameMaker is affected by an out-of-bounds read vulnerability in the parsing of crafted files for FrameMaker 2020.6, 2022.4, and earlier. The underlying issue allows an attacker to execute code in the user’s context, with exploitation requiring user interaction (victim must open a malicious...
CVE-2024-47424
Adobe FrameMaker (versions 2020.6, 2022.4 and earlier) is affected by an Integer Overflow or Wraparound vulnerability that can lead to arbitrary code execution in the current user context. Exploitation requires the user to open a malicious file (user interaction). Connected advisories indicate a ...
CVE-2024-47423
Adobe FrameMaker (versions 2020.6, 2022.4 and earlier) is affected by CVE-2024-47423: Unrestricted Upload of File with Dangerous Type, which could lead to arbitrary code execution when a user opens or processes a malicious file. Exploitation requires user interaction. The vulnerability is documen...
CVE-2025-47131
CVE-2025-47131 affects Adobe FrameMaker 2020.8, 2022.6 and earlier, due to a heap-based buffer overflow that can lead to arbitrary code execution in the current user context. Exploitation requires user interaction (opening a malicious file). Connected sources confirm the issue and point to availa...
CVE-2025-47123
Adobe FrameMaker 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). Remediation: Adobe released APSB25-66 security updates addressi...
CVE-2025-47128
Adobe FrameMaker is affected by CVE-2025-47128 (Integer Underflow). Affected versions are 2020.8, 2022.6 and earlier. The issue could allow arbitrary code execution in the context of the current user, and exploitation requires the user to open a malicious file. Vendor advisories indicate remediat...
CVE-2025-47122
Adobe FrameMaker (versions 2020.8, 2022.6 and earlier) contains a heap-based buffer overflow that could allow arbitrary code execution in the current user context. Exploitation requires user interaction (opening a malicious file). A security update (APSB25-66) exists; remediation is to upgrade to...
CVE-2025-47126
Summary: CVE-2025-47126 affects Adobe FrameMaker 2020.8, 2022.6 and earlier. The issue is an out-of-bounds write in FrameMaker that could allow arbitrary code execution in the current user context . Exploitation requires user interaction—victim must open a specially crafted file. Connected source...
CVE-2025-47133
Adobe FrameMaker (versions 2020.8, 2022.6 and earlier) is affected by CVE-2025-47133, an out-of-bounds write vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). Multiple connected...
CVE-2025-47119
Adobe FrameMaker (versions 2020.8, 2022.6 and earlier) contains a NULL Pointer Dereference vulnerability that can crash the application and cause a denial of service. The issue requires user interaction (victim opens a malicious file) and is described across multiple sources as a vulnerability in...
CVE-2025-47124
CVE-2025-47124 affects Adobe FrameMaker: versions 2020.8, 2022.6 and earlier are vulnerable to an out-of-bounds write that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (opening a specially crafted file). Connected sources corrobor...
CVE-2025-47125
Adobe FrameMaker (versions 2020.8, 2022.6 and earlier) is affected by a heap-based buffer overflow that can enable arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). Impact is high (remote code execution). The C...
CVE-2025-47130
CVE-2025-47130 affects Adobe FrameMaker versions 2020.8, 2022.6 and earlier. The vulnerability is an Integer Underflow (Wrap or Wraparound) that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction—victims must open a malicious file. Conn...
CVE-2025-47120
Summary: CVE-2025-47120 affects Adobe FrameMaker 2020.8, 2022.6 and earlier. The issue is a stack-based buffer overflow in FrameMaker that can disclose memory contents. Exploitation requires user interaction (the victim must open a malicious file). What’s known from connected sources: The vulnera...
CVE-2025-47121
Summary: CVE-2025-47121 affects Adobe FrameMaker 2020.8, 2022.6 and earlier. It is an Access of Uninitialized Pointer vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (open a malicious file). Affected software: Fr...
CVE-2025-47127
CVE-2025-47127 affects Adobe FrameMaker 2020.8 through 2022.6 (and earlier) with an out-of-bounds write that can allow arbitrary code execution in the context of the current user. Exploitation requires user interaction via opening a malicious file. The issue is documented across multiple feeds (N...
CVE-2025-47132
CVE-2025-47132 affects Adobe FrameMaker 2020.8 through 2022.6 and earlier. The vulnerability is an out-of-bounds write that could enable arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a specially crafted file). The issue is co...
CVE-2025-54229
CVE-2025-54229 affects Adobe FrameMaker versions 2020.8, 2022.6 and earlier. The issue is a Use-After-Free vulnerability that could lead to arbitrary code execution in the current user context . Exploitation requires user interaction (opening a malicious file). Connected sources indicate the vuln...
CVE-2025-47129
Adobe FrameMaker 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability (CWE-787) that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a specially crafted file. A CVSSv3.1 score of 7.8 (HI...
CVE-2025-54232
Adobe FrameMaker has a Use After Free vulnerability (CVE-2025-54232) affecting versions 2020.8, 2022.6 and earlier. Exploitation requires the user to open a malicious file, with potential arbitrary code execution in the user’s context. Connected sources confirm affected versions and the vulnerabi...
CVE-2025-54230
Adobe FrameMaker is affected by a Use After Free vulnerability (CWE-416) in versions 2020.8, 2022.6 and earlier, potentially enabling arbitrary code execution in the attacker’s context. Exploitation requires user interaction: a victim must open a specially crafted file. The issue stems from use-a...
CVE-2025-54231
Adobe FrameMaker (versions 2020.8, 2022.6 and earlier) is affected by a Use After Free vulnerability (CWE-416) that can allow arbitrary code execution in the attacker’s context. Exploitation requires the user to open a malicious file. Remediation per the provided documents: apply updates released...
CVE-2025-54281
Adobe FrameMaker has a Use After Free vulnerability (CWE-416) affecting versions 2020.9, 2022.7 and earlier, allowing arbitrary code execution in the current user’s context. Exploitation requires user interaction (opening a malicious file). A fix is available: update to a version later than 2022....
CVE-2026-27292
Adobe Framemaker versions 2022.8 and earlier are affected by a Use-After-Free vulnerability that could enable arbitrary code execution in the invoking user’s context. Exploitation requires user interaction: the victim must open a specially crafted file. The CVE-2026-27292 entry identifies the aff...
CVE-2025-54233
Adobe FrameMaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read (CWE-125) vulnerability that can disclose memory. Exploitation requires user interaction (open a malicious file). Remediation: update to versions later than 2022.6 and later than 2020.8 (per PT-2025-32952; ...
CVE-2026-27301
Adobe Framemaker 2022.8 and earlier is affected by a heap-based buffer overflow that can disclose memory contents. Exploitation requires user interaction: the victim must open a malicious file. CVSS v3.1 indicates LOCAL attack vector, LOW attack complexity, NONE privileges, and UI:R with CONFIDEN...
CVE-2025-54282
CVE-2025-54282 affects Adobe FrameMaker 2020.9, 2022.7 and earlier. The issue is a Heap-based Buffer Overflow in Framemaker that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a specially crafted malicious file...
CVE-2026-27300
CVE-2026-27300 affects Adobe FrameMaker 2022.8 and earlier. The issue is an Access of Uninitialized Pointer that could lead to memory exposure. An attacker could disclose sensitive information, with exploitation requiring the victim to open a malicious file (user interaction). The provided connec...
CVE-2026-27295
Adobe Framemaker: CVE-2026-27295 affects Framemaker 2022.8 and earlier due to an out-of-bounds write; could allow arbitrary code execution in the current user's context. Exploitation requires user interaction (victim must open a malicious file) and is a local access issue with high impact to conf...
CVE-2026-27299
CVE-2026-27299 affects Adobe FrameMaker 2022.8 and earlier and is caused by improper input validation that can lead to arbitrary file system read. The vulnerability requires a user to open a malicious file, enabling an attacker to access sensitive data on the local system. The CVSSv3.1 base score...
CVE-2026-27294
Adobe Framemaker (versions 2022.8 and earlier) is affected by an out-of-bounds read when parsing a crafted file, potentially allowing code execution in the attacker’s context. Exploitation requires user interaction: a victim must open a malicious file. The issue is documented with a CVSSv3.1 base...
CVE-2026-27297
CVE-2026-27297 affects Adobe FrameMaker 2022.8 and earlier. The vulnerability is an Integer Underflow/Wrap or Wraparound in FrameMaker, potentially allowing arbitrary code execution in the current user context. Exploitation requires user interaction: a victim must open a malicious file. Affected ...
CVE-2026-27293
Adobe FrameMaker up to version 2022.8 is affected by a Heap-based Buffer Overflow that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. Affected software: FrameMaker 2022.8 and earlier. CVSS v3.1 ...
CVE-2026-27298
Adobe Framemaker (versions 2022.8 and earlier) is affected by a Type Confusion vulnerability (Access of Resource Using Incompatible Type) that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction : a victim must open a malicious file. C...
CVE-2026-27290
CVE-2026-27290 affects Adobe FrameMaker up to version 2022.8. It describes an Untrusted Search Path vulnerability where an attacker could modify the search path to execute a malicious program, potentially running with the current user’s privileges. Exploitation does not require user interaction. ...
CVE-2026-27296
CVE-2026-27296 affects Adobe FrameMaker versions 2022.8 and earlier. A vulnerability in an Integer Underflow (wrap/wraparound) could lead to arbitrary code execution in the context of the current user. Exploitation requires the victim to open a malicious file (user interaction) and is rated High ...