adobe

7,383 tracked vulnerabilities.

CVE-2025-30322 HIGH
Substance 3D Painter < 11.0.1 - Out-of-bounds Write via Malicious File
May 13, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-27197 HIGH
Lightroom < 8.3 - Out-of-bounds Write via Malicious File
May 13, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-30320 MEDIUM
InDesign Desktop <ID20.2 - Use After Free
May 13, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-30319 MEDIUM
Adobe InDesign < 19.5.3 - Denial of Service via NULL Pointer Dereference
May 13, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-30318 HIGH
Adobe InDesign < 19.5.3 - Out-of-bounds Write via Malicious File
May 13, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-30310 HIGH
Dreamweaver < 21.5 - Type Confusion leading to Arbitrary Code Execution
May 13, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-27192 LOW
Adobe Commerce <2.4.8-beta2 - Insufficiently Protected Credentials
Apr 08, 2025
CVSS 2.7
EPSS 0.00
CVE-2025-27191 MEDIUM
Adobe Commerce <2.4.8-beta2 - Privilege Escalation
Apr 08, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-27190 MEDIUM
Adobe Commerce <2.4.8-beta2 - Privilege Escalation
Apr 08, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-27189 MEDIUM
Adobe Commerce < 2.4.8-beta2 - Cross-Site Request Forgery
Apr 08, 2025
CVSS 4.3
EPSS 0.01
CVE-2025-27188 MEDIUM
Adobe Commerce < 2.4.4 - Improper Authorization
Apr 08, 2025
CVSS 4.3
EPSS 0.01
CVE-2025-30294 MEDIUM
ColdFusion <2023.12, 2021.18, 2025.0 - Info Disclosure
Apr 08, 2025
CVSS 6.8
EPSS 0.16
CVE-2025-30293 MEDIUM
ColdFusion <2023.12, 2021.18, 2025.0 - Info Disclosure
Apr 08, 2025
CVSS 6.8
EPSS 0.01
CVE-2025-30292 MEDIUM
ColdFusion 2023.12 2021.18 2025.0 and earlier - Reflected Cross-Site Scripting
Apr 08, 2025
CVSS 6.1
EPSS 0.15
CVE-2025-30291 MEDIUM
ColdFusion <2023.12, 2021.18, 2025.0 - Info Disclosure
Apr 08, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-30290 HIGH
ColdFusion <2023.12, 2021.18, 2025.0 - Path Traversal
Apr 08, 2025
CVSS 8.7
EPSS 0.18
CVE-2025-30289 HIGH
ColdFusion <2023.12, 2021.18, 2025.0 - Code Injection
Apr 08, 2025
CVSS 8.2
EPSS 0.05
CVE-2025-30288 HIGH
ColdFusion <2023.12, 2021.18, 2025.0 - Privilege Escalation
Apr 08, 2025
CVSS 8.2
EPSS 0.00
CVE-2025-30287 HIGH
ColdFusion <2023.12, 2021.18, 2025.0 - Auth Bypass
Apr 08, 2025
CVSS 8.2
EPSS 0.03
CVE-2025-30286 HIGH
ColdFusion <2023.12, 2021.18, 2025.0 - Code Injection
Apr 08, 2025
CVSS 8.4
EPSS 0.02
CVE-2025-30285 HIGH
ColdFusion <2023.12, 2021.18, 2025.0 - Deserialization
Apr 08, 2025
CVSS 8.4
EPSS 0.27
CVE-2025-30284 HIGH
ColdFusion <2023.12, 2021.18, 2025.0 - Deserialization
Apr 08, 2025
CVSS 8.4
EPSS 0.02
CVE-2025-30282 CRITICAL
ColdFusion <2023.12, 2021.18, 2025.0 - Auth Bypass
Apr 08, 2025
CVSS 9.1
EPSS 0.02
CVE-2025-30281 CRITICAL
ColdFusion <= 2025.0 - Authenticated Arbitrary Code Execution via Improper Access Control
Apr 08, 2025
CVSS 9.1
EPSS 0.20
CVE-2025-24447 CRITICAL
ColdFusion 2023.12 2021.18 2025.0 and earlier - Deserialization of Untrusted Data
Apr 08, 2025
CVSS 9.1
EPSS 0.02