Adobe Security Vulnerabilities (CVEs)
Track 1,274 security vulnerabilities affecting Adobe products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
Adobe InDesign has an improper input validation vulnerability that allows attackers to cause denial-of-service by crashing the application. Users must...
Feb 11, 2025Adobe InDesign has an out-of-bounds write vulnerability that allows arbitrary code execution when a user opens a malicious file. This affects users of...
Feb 11, 2025An integer underflow vulnerability in Adobe InDesign allows arbitrary code execution when a user opens a malicious file. This affects users of InDesig...
Feb 11, 2025Adobe InDesign has a heap-based buffer overflow vulnerability that allows arbitrary code execution when a user opens a malicious file. This affects us...
Feb 11, 2025Adobe InDesign has an out-of-bounds read vulnerability that could allow attackers to read sensitive memory contents when users open malicious files. T...
Feb 11, 2025This DOM-based XSS vulnerability in Adobe Experience Manager allows low-privileged attackers to execute arbitrary JavaScript in victims' browsers by m...
Feb 5, 2025This DOM-based XSS vulnerability in Adobe Experience Manager allows low-privileged attackers to execute arbitrary JavaScript in victims' browsers by m...
Feb 5, 2025CVE-2025-21136 is an out-of-bounds write vulnerability in Substance3D Designer that could allow arbitrary code execution when a user opens a malicious...
Jan 14, 2025A heap-based buffer overflow vulnerability in Substance3D Designer versions 14.0 and earlier allows attackers to execute arbitrary code when a user op...
Jan 14, 2025CVE-2025-21138 is an out-of-bounds write vulnerability in Substance3D Designer that could allow arbitrary code execution when a user opens a malicious...
Jan 14, 2025CVE-2025-21139 is a heap-based buffer overflow vulnerability in Substance3D Designer that allows arbitrary code execution when a user opens a maliciou...
Jan 14, 2025Adobe Animate versions 24.0.6, 23.0.9 and earlier contain an integer underflow vulnerability that could allow arbitrary code execution when a user ope...
Jan 14, 2025CVE-2025-21132 is an out-of-bounds write vulnerability in Substance3D Stager that could allow arbitrary code execution when a user opens a malicious f...
Jan 14, 2025Adobe Illustrator on iPad versions 3.0.7 and earlier contain an integer underflow vulnerability that could allow arbitrary code execution when a user ...
Jan 14, 2025Adobe Illustrator on iPad versions 3.0.7 and earlier contain an integer underflow vulnerability that could allow arbitrary code execution when a user ...
Jan 14, 2025Adobe Photoshop Desktop versions 25.12, 26.1 and earlier contain an integer underflow vulnerability that could allow arbitrary code execution when a u...
Jan 14, 2025This CVE describes an uncontrolled search path element vulnerability in Adobe Photoshop Desktop that could allow arbitrary code execution. Attackers c...
Jan 14, 2025CVE-2025-21128 is a stack-based buffer overflow vulnerability in Substance3D Stager that allows arbitrary code execution when a user opens a malicious...
Jan 14, 2025A heap-based buffer overflow vulnerability in Substance3D Stager versions 3.0.4 and earlier allows attackers to execute arbitrary code with the privil...
Jan 14, 2025CVE-2025-21130 is an out-of-bounds write vulnerability in Adobe Substance3D Stager that allows arbitrary code execution when a user opens a malicious ...
Jan 14, 2025CVE-2025-21131 is an out-of-bounds write vulnerability in Substance3D Stager that could allow arbitrary code execution when a user opens a malicious f...
Jan 14, 2025This path traversal vulnerability in Adobe ColdFusion allows attackers to read arbitrary files from the server's filesystem when the admin panel is in...
Dec 23, 2024CVE-2022-44518 is a use-after-free vulnerability in Adobe Acrobat Reader DC that could allow an attacker to execute arbitrary code on a victim's syste...
Dec 19, 2024CVE-2022-44520 is a use-after-free vulnerability in Adobe Acrobat Reader DC that could allow an attacker to execute arbitrary code on a victim's syste...
Dec 19, 2024CVE-2022-44512 is an out-of-bounds write vulnerability in Adobe Acrobat Reader DC that could allow arbitrary code execution when a user opens a malici...
Dec 19, 2024This CVE describes a use-after-free vulnerability in Adobe Acrobat Reader DC that could allow arbitrary code execution when a user opens a malicious P...
Dec 19, 2024CVE-2022-44516 is an out-of-bounds read vulnerability in Adobe Acrobat Reader DC that allows attackers to bypass ASLR protections by tricking users in...
Dec 19, 2024CVE-2024-53959 is a stack-based buffer overflow vulnerability in Adobe Framemaker that allows arbitrary code execution when a user opens a malicious f...
Dec 10, 2024CVE-2024-53955 is an integer underflow vulnerability in Adobe Bridge that could allow arbitrary code execution when a user opens a malicious file. Thi...
Dec 10, 2024A heap-based buffer overflow vulnerability in Substance3D Painter allows attackers to execute arbitrary code when a user opens a malicious file. This ...
Dec 10, 2024CVE-2024-53003 is an out-of-bounds write vulnerability in Substance3D Modeler that could allow arbitrary code execution when a user opens a malicious ...
Dec 10, 2024CVE-2024-53005 is an out-of-bounds read vulnerability in Substance3D Modeler that could allow an attacker to read sensitive memory contents when a vic...
Dec 10, 2024This stored Cross-Site Scripting (XSS) vulnerability in Adobe Experience Manager allows attackers to inject malicious JavaScript into vulnerable form ...
Dec 10, 2024CVE-2024-52999 is a heap-based buffer overflow vulnerability in Substance3D Modeler that allows arbitrary code execution when a user opens a malicious...
Dec 10, 2024CVE-2024-53001 is an out-of-bounds write vulnerability in Substance3D Modeler that could allow arbitrary code execution when a user opens a malicious ...
Dec 10, 2024This stored Cross-Site Scripting (XSS) vulnerability in Adobe Experience Manager allows attackers to inject malicious JavaScript into vulnerable form ...
Dec 10, 2024This CVE describes a stored Cross-Site Scripting (XSS) vulnerability in Adobe Experience Manager (AEM) versions 6.5.21 and earlier. It allows attacker...
Dec 10, 2024This stored Cross-Site Scripting (XSS) vulnerability in Adobe Experience Manager allows attackers to inject malicious JavaScript into vulnerable form ...
Dec 10, 2024Adobe Experience Manager versions 6.5.21 and earlier contain a stored cross-site scripting vulnerability in form fields. An attacker can inject malici...
Dec 10, 2024Adobe Experience Manager versions 6.5.21 and earlier contain a stored Cross-Site Scripting (XSS) vulnerability where attackers can inject malicious sc...
Dec 10, 2024This stored Cross-Site Scripting (XSS) vulnerability in Adobe Experience Manager allows attackers to inject malicious JavaScript into vulnerable form ...
Dec 10, 2024Adobe Experience Manager versions 6.5.21 and earlier contain a stored Cross-Site Scripting (XSS) vulnerability where attackers can inject malicious Ja...
Dec 10, 2024This stored Cross-Site Scripting (XSS) vulnerability in Adobe Experience Manager allows attackers to inject malicious JavaScript into vulnerable form ...
Dec 10, 2024Adobe Experience Manager versions 6.5.21 and earlier contain a stored Cross-Site Scripting (XSS) vulnerability that allows attackers to inject malicio...
Dec 10, 2024Adobe Experience Manager versions 6.5.21 and earlier contain a stored cross-site scripting vulnerability that allows attackers to inject malicious Jav...
Dec 10, 2024This DOM-based XSS vulnerability in Adobe Experience Manager allows attackers to execute arbitrary JavaScript in victims' browsers by manipulating DOM...
Dec 10, 2024This DOM-based XSS vulnerability in Adobe Experience Manager allows attackers to inject malicious scripts that execute in victims' browsers when they ...
Dec 10, 2024Adobe Experience Manager versions 6.5.21 and earlier contain a stored Cross-Site Scripting vulnerability where attackers can inject malicious JavaScri...
Dec 10, 2024This DOM-based XSS vulnerability in Adobe Experience Manager allows attackers to execute arbitrary JavaScript in victims' browsers by manipulating DOM...
Dec 10, 2024This CVE describes a stored Cross-Site Scripting (XSS) vulnerability in Adobe Experience Manager (AEM) versions 6.5.21 and earlier, allowing attackers...
Dec 10, 2024Why Monitor Adobe Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 1,274+ known vulnerabilities affecting Adobe products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Adobe packages in under 60 seconds. No agents required - completely agentless scanning that works across Adobe deployments.
Free vulnerability database: Access detailed information about every Adobe CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Adobe CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
