adobe

7,148 tracked vulnerabilities.

CVE-2025-43589 HIGH
Adobe InDesign < 19.5.4 - Use-After-Free
Jun 10, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-43558 HIGH
Adobe InDesign < 19.5.4 - Out-of-bounds Write via Malicious File
Jun 10, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-30321 MEDIUM
InDesign Desktop <ID20.2,ID19.5.3 - Use After Free
Jun 10, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-30317 HIGH
InDesign Desktop <ID20.2,ID19.5.3 - Buffer Overflow
Jun 10, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-47110 HIGH
Adobe Commerce 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier - Stored Cross-Site Scripting in Form Fields
Jun 10, 2025
CVSS 8.4
EPSS 0.01
CVE-2025-43586 HIGH
Adobe Commerce <=2.4.8 Privilege Escalation via Improper Access Control
Jun 10, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-43585 HIGH
Adobe Commerce <=2.4.8 Security Feature Bypass via Improper Authorization
Jun 10, 2025
CVSS 8.2
EPSS 0.01
CVE-2025-27207 MEDIUM
Adobe Commerce <2.4.8 - Privilege Escalation
Jun 10, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-27206 MEDIUM
Adobe Commerce <2.4.8 - Privilege Escalation
Jun 10, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-43572 HIGH
Adobe Dimension < 4.1.2 - Out-of-bounds Write via Malicious File
May 13, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-43571 HIGH
Substance 3D Stager < 3.1.2 - Use-After-Free
May 13, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-43570 HIGH
Substance 3D Stager < 3.1.2 - Use-After-Free via Malicious File
May 13, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-43569 HIGH
Substance 3D Stager < 3.1.2 - Out-of-bounds Write via Malicious File
May 13, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-43568 HIGH
Substance3D Stager < 3.1.2 - Use-After-Free
May 13, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-43567 CRITICAL
Adobe Connect < 12.9 - Reflected Cross-Site Scripting via Vulnerable Form Fields
May 13, 2025
CVSS 9.3
EPSS 0.01
CVE-2025-43566 MEDIUM
Adobe ColdFusion <= 2025.1, <= 2023.13, <= 2021.19 - Path Traversal and Arbitrary File Read
May 13, 2025
CVSS 6.8
EPSS 0.03
CVE-2025-43565 HIGH
Adobe ColdFusion <= 2025.1, <= 2023.13, <= 2021.19 - Authenticated Arbitrary Code Execution via Incorrect Authorization
May 13, 2025
CVSS 8.4
EPSS 0.04
CVE-2025-43564 CRITICAL
ColdFusion <= 2025.1, <= 2023.13, <= 2021.19 - Authenticated Arbitrary File Read via Improper Access Control
May 13, 2025
CVSS 9.1
EPSS 0.01
CVE-2025-43563 CRITICAL
ColdFusion 2025.1 2023.13 2021.19 and earlier - Authenticated Arbitrary File System Read
May 13, 2025
CVSS 9.1
EPSS 0.01
CVE-2025-43562 CRITICAL
Adobe ColdFusion <= 2025.1, <= 2023.13, <= 2021.19 - Authenticated OS Command Injection
May 13, 2025
CVSS 9.1
EPSS 0.08
CVE-2025-43561 CRITICAL
ColdFusion 2025.1 2023.13 2021.19 and earlier - Authenticated Remote Code Execution via Authorization Bypass
May 13, 2025
CVSS 9.1
EPSS 0.02
CVE-2025-43560 CRITICAL
Adobe ColdFusion <= 2025.1, <= 2023.13, <= 2021.19 - Authenticated Remote Code Execution
May 13, 2025
CVSS 9.1
EPSS 0.11
CVE-2025-43559 CRITICAL
ColdFusion <= 2025.1, <= 2023.13, <= 2021.19 - Authenticated Remote Code Execution
May 13, 2025
CVSS 9.1
EPSS 0.12
CVE-2025-43554 HIGH
Substance 3D Modeler < 1.22.0 - Out-of-bounds Write via Malicious File
May 13, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-43553 HIGH
Substance 3D Modeler < 1.22.0 - Uncontrolled Search Path Element
May 13, 2025
CVSS 7.8
EPSS 0.00
Products
acrobat_dc 1,781 acrobat_reader_dc 1,781 acrobat 1,359 experience_manager 1,088 flash_player 1,084 acrobat_reader 1,076 air 413 air_sdk 409 air_sdk_\&_compiler 365 reader 360 flash_player_desktop_runtime 294 coldfusion 208 indesign 190 commerce 184 experience_manager_cloud_service 183 shockwave_player 174 illustrator 173 magento 161 adobe_air 146 bridge 136 after_effects 125 framemaker 118 dimension 116 commerce_b2b 111 animate 102 adobe_air_sdk 96 photoshop 92 air_desktop_runtime 88 substance_3d_stager 87 substance_3d_painter 78
Quick Filters
Critical CVEs With Exploits In CISA KEV