Filtered by vendor Adobe
Subscriptions
Total
6970 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-1861 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2025-04-09 | N/A |
| Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file with a JPX (aka JPEG2000) stream that triggers heap memory corruption. | ||||
| CVE-2006-5200 | 1 Adobe | 1 Breeze Licensed Server | 2025-04-09 | N/A |
| Unspecified vulnerability in Adobe Breeze 5 Licensed Server and Breeze 5.1 Licensed Server allows attackers to read arbitrary files via unknown vectors related to "URL parsing." | ||||
| CVE-2008-5108 | 1 Adobe | 1 Adobe Air | 2025-04-09 | N/A |
| Unspecified vulnerability in Adobe AIR 1.1 and earlier allows context-dependent attackers to execute untrusted JavaScript in an AIR application via unknown attack vectors. | ||||
| CVE-2006-5856 | 1 Adobe | 1 Download Manager | 2025-04-09 | N/A |
| Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file. | ||||
| CVE-2007-1874 | 1 Adobe | 1 Coldfusion | 2025-04-09 | N/A |
| Adobe ColdFusion MX 7 for Linux and Solaris uses insecure permissions for certain scripts and directories, which allows local users to execute arbitrary code or obtain sensitive information via the (1) CFMX7DreamWeaverExtensions.mxp, (2) CFReportBuilderInstaller.exe, (3) .com.zerog.registry.xml, (4) uninstall.lax, (5) license.txt, (6) Readme.htm, (7) .com.zerog.registry.xml, (8) k2adminstop, or (9) k2adminstart files; or (10) certain files in lib/wsconfig/. | ||||
| CVE-2007-0046 | 2 Adobe, Redhat | 2 Acrobat Reader, Rhel Extras | 2025-04-09 | N/A |
| Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters. | ||||
| CVE-2009-1493 | 3 Adobe, Linux, Redhat | 3 Reader, Linux Kernel, Rhel Extras | 2025-04-09 | N/A |
| The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument. | ||||
| CVE-2009-3462 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2025-04-09 | N/A |
| Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug." | ||||
| CVE-2009-2028 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 have unknown impact and attack vectors, related to "Adobe internally discovered issues." | ||||
| CVE-2007-6148 | 1 Adobe | 2 Connect Enterprise Server, Flash Media Server 2 | 2025-04-09 | N/A |
| Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to execute arbitrary code via an unspecified sequence of Real Time Message Protocol (RTMP) requests. | ||||
| CVE-2008-3516 | 1 Adobe | 1 Presenter | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in files generated by Adobe Presenter 6 and 7 before 7.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) viewer.swf and (2) loadflash.js, a different vulnerability than CVE-2008-3515. | ||||
| CVE-2007-6431 | 1 Adobe | 2 Connect Enterprise Server, Flash Media Server 2 | 2025-04-09 | N/A |
| Unspecified vulnerability in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to "take control of the affected system" via unspecified vectors, a different issue than CVE-2007-6148 and CVE-2007-6149. | ||||
| CVE-2008-0643 | 1 Adobe | 1 Coldfusion | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 and ColdFusion 8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-0726 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2025-04-09 | N/A |
| Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption. | ||||
| CVE-2008-1765 | 1 Adobe | 1 Photoshop | 2025-04-09 | N/A |
| Buffer overflow in Adobe Photoshop Album Starter Edition 3.2, and possibly After Effects CS3, allows user-assisted remote attackers and physically proximate attackers to execute arbitrary code via a BMP file with an invalid image header. NOTE: the related issue in Photoshop CS3 is already covered by CVE-2007-2244. | ||||
| CVE-2009-3463 | 1 Adobe | 1 Shockwave Player | 2025-04-09 | N/A |
| Array index error in Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-6637 | 2 Adobe, Redhat | 2 Flash Player, Rhel Extras | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player allow remote attackers to inject arbitrary web script or HTML via a crafted SWF file, related to "pre-generated SWF files" and Adobe Dreamweaver CS3 or Adobe Acrobat Connect. NOTE: the asfunction: vector is already covered by CVE-2007-6244.1. | ||||
| CVE-2008-1654 | 2 Adobe, Redhat | 2 Flash Player, Rhel Extras | 2025-04-09 | N/A |
| Interaction error between Adobe Flash and multiple Universal Plug and Play (UPnP) services allow remote attackers to perform Cross-Site Request Forgery (CSRF) style attacks by using the Flash navigateToURL function to send a SOAP message to a UPnP control point, as demonstrated by changing the primary DNS server. | ||||
| CVE-2008-4546 | 2 Adobe, Redhat | 2 Flash Player, Rhel Extras | 2025-04-09 | N/A |
| Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows remote web servers to cause a denial of service (NULL pointer dereference and browser crash) by returning a different response when an HTTP request is sent a second time, as demonstrated by two responses that provide SWF files with different SWF version numbers. | ||||
| CVE-2007-1199 | 1 Adobe | 1 Acrobat Reader | 2025-04-09 | N/A |
| Adobe Reader and Acrobat Trial allow remote attackers to read arbitrary files via a file:// URI in a PDF document, as demonstrated with <</URI(file:///C:/)/S/URI>>, a different issue than CVE-2007-0045. | ||||