26 matches found
CVE-2022-28830
Adobe FrameMaker (versions 2029u8 and earlier and 2020u4 and earlier) is affected by an out-of-bounds read vulnerability that could disclose memory and bypass ASLR; exploitation requires a user to open a malicious file. The issue is addressed in the APSB22-27 security update (fixes for multiple C...
CVE-2022-28826
Adobe FrameMaker is affected by CVE-2022-28826: an out-of-bounds write in the font-parsing code could allow arbitrary code execution in the context of the current user. Affects versions up to 2029u8 and 2020u4 (and earlier). Exploitation requires the user to open a malicious file. Adobe released ...
CVE-2022-28821
CVE-2022-28821 affects Adobe FrameMaker (versions 2029u8 and earlier, 2020u4 and earlier). The root cause is an out-of-bounds write in the Font Parsing component which could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim opens a...
CVE-2022-28824
Adobe FrameMaker is affected by a Use-After-Free vulnerability (CVE-2022-28824) that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction via opening a malicious file. Affected products/versions include FrameMaker 2029u8 and earlier, and ...
CVE-2022-28827
Adobe FrameMaker is affected by CVE-2022-28827 (out-of-bounds write) that could allow arbitrary code execution in the context of the current user. Affected versions include FrameMaker 2029u8 and earlier and 2020u4 and earlier. Exploitation requires the victim to open a malicious file, i.e., user ...
CVE-2022-28823
CVE-2022-28823: Adobe FrameMaker font parsing Use-After-Free remote code execution. Affected: FrameMaker versions 2029u8 and earlier, and 2020u4 and earlier. Cause: use-after-free in font parsing when opening a malicious file. Impact: arbitrary code execution in the user’s context. Exploitation r...
CVE-2022-28829
Adobe FrameMaker (CVE-2022-28829) is affected by a font-parsing out-of-bounds write that could allow arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. Affected products include FrameMaker 2029u8 and earlier and 2020u4 and earlier...
CVE-2022-28822
Adobe FrameMaker (versions 2029u8 and earlier, and 2020u4 and earlier) is affected by an out-of-bounds write vulnerability that could allow arbitrary code execution in the context of the current user. The issue (CVE-2022-28822) requires user interaction: a victim must open a malicious file. Affec...
CVE-2022-28825
Adobe FrameMaker is affected by an out-of-bounds write (CVE-2022-28825) that could allow arbitrary code execution in the context of the current user. Vulnerable versions include 2029u8 and earlier, and 2020u4 and earlier. Exploitation requires user interaction (the victim must open a malicious fi...
CVE-2022-28828
Summary: CVE-2022-28828 affects Adobe FrameMaker, with out-of-bounds write leading to possible arbitrary code execution in the context of the current user. Affected versions include FrameMaker 2029u8 (and earlier) and 2020u4 (and earlier). Exploitation requires user interaction: a victim must ope...
CVE-2022-35676
Adobe FrameMaker is affected by CVE-2022-35676, a heap-based buffer overflow in SVG parsing that could allow arbitrary code execution in the context of the current user after a user opens a malicious file. Affected versions are FrameMaker 2019 Update 8 and earlier, and 2020 Update 4 and earlier. ...
CVE-2022-35674
Adobe FrameMaker 2019 Update 8 and earlier, and 2020 Update 4 and earlier, are affected by an out-of-bounds read when parsing crafted files, enabling potential remote code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). Remediation ...
CVE-2022-35673
Adobe FrameMaker is affected by CVE-2022-35673 (and related) with an out-of-bounds read during parsing of crafted files, potentially enabling code execution in the user’s context. Affected are FrameMaker 2019 Update 8 and earlier and 2020 Update 4 and earlier. The vulnerability requires user inte...
CVE-2022-34264
CVE-2022-34264 affects Adobe FrameMaker 2019 Update 8 and earlier, and 2020 Update 4 and earlier. The vulnerability is an out-of-bounds read that can disclose memory and could bypass ASLR; exploitation requires user interaction (victim opens a malicious file). Connected sources confirm the issue ...
CVE-2025-30297
Adobe FrameMaker is affected by CVE-2025-30297 (out-of-bounds write) that can lead to arbitrary code execution in the user’s context. Affected versions include 2020.8 and 2022.6 and earlier; exploitation requires the victim to open a specially crafted file, i.e., user interaction. Connected advis...
CVE-2025-30298
Adobe FrameMaker is affected by a Stack-based Buffer Overflow (CVE-2025-30298) in versions 2020.8, 2022.6 and earlier. The issue can allow arbitrary code execution in the context of the current user and requires user interaction, as a victim must open a malicious file. Connected sources corrobora...
CVE-2022-35675
CVE-2022-35675 affects Adobe FrameMaker 2019 Update 8 and earlier and 2020 Update 4 and earlier. It is a Use-After-Free vulnerability that could allow arbitrary code execution in the context of the current user, requiring user interaction (opening a malicious file). Adobe released APSB22-42 with ...
CVE-2025-30299
Adobe FrameMaker (versions 2020.8, 2022.6 and earlier) is affected by a heap-based buffer overflow that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). The vulnerability is described in CVE-2025-3...
CVE-2025-30300
Adobe FrameMaker is affected for versions 2020.8, 2022.6 and earlier by a NULL Pointer Dereference that can crash the application and cause a denial-of-service. Exploitation requires the user to open a malicious file. Mitigation provided by Adobe APSB25-33, which recommends updating to a fixed ve...
CVE-2022-35677
Adobe FrameMaker 2019 Update 8 and earlier, and 2020 Update 4 and earlier, are affected by a heap-based buffer overflow (CVE-2022-35677) that could allow arbitrary code execution in the context of the current user when a malicious file is opened. Exploitation requires user interaction. Remediatio...
CVE-2025-30295
Adobe FrameMaker is affected by CVE-2025-30295: a heap-based buffer overflow in FrameMaker 2020.8, 2022.6 and earlier could allow arbitrary code execution in the user’s context. Exploitation requires user interaction (opening a malicious file). The issue is addressed by Adobe’s APSB25-33 security...
CVE-2025-30303
Summary: CVE-2025-30303 affects Adobe FrameMaker up to 2020.8 and 2022.6 and earlier, due to an out-of-bounds read that can disclose memory. Impact is memory disclosure; mitigations like ASLR may be bypassed. Exploitation requires user interaction (victim opens a malicious file). Connected source...
CVE-2025-30302
CVE-2025-30302 affects Adobe FrameMaker: vulnerable in FrameMaker versions 2020.8, 2022.6 and earlier due to an out-of-bounds read that can disclose memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). Several connected sources confirm affected versions ...
CVE-2025-30296
CVE-2025-30296 : Adobe FrameMaker, vulnerable in versions 2020.8, 2022.6 and earlier, suffers an Integer Underflow (Wrap or Wraparound) that can enable arbitrary code execution in the context of the current user. Exploitation requires user interaction (the victim must open a malicious file). Affe...
CVE-2025-30304
The CVE-2025-30304 issue affects Adobe FrameMaker versions 2020.8, 2022.6 and earlier, with an out-of-bounds write that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (opening a malicious file). The root cause is a memory/write vuln...
CVE-2025-30301
Adobe FrameMaker is affected by a NULL Pointer Dereference in versions 2020.8, 2022.6 and earlier, leading to potential denial-of-service when a user opens a crafted file. The issue is triggered by user interaction (opening a malicious file). Mitigation: Adobe released APSB25-33 with fixes for Fr...