Search Results (7321 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0713 1 Adobe 3 Acrobat, Acrobat Business Tools, Acrobat Reader 2026-04-16 N/A
Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fill In products that handle PDF files allows attackers to execute arbitrary commands via a long /Registry or /Ordering specifier.
CVE-2006-1627 1 Adobe 1 Acrobat Reader 2026-04-16 N/A
Adobe Document Server for Reader Extensions 6.0 does not provide proper access control, which allows remote authenticated users to perform privileged actions by modifying the (1) actionID and (2) pageID parameters. NOTE: due to an error during reservation, this identifier was inadvertently associated with multiple issues. Other CVE identifiers have been assigned to handle other problems that are covered by the same disclosure.
CVE-2002-1017 1 Adobe 1 Digital Editions 2026-04-16 N/A
Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup feature, capturing the encryption Challenge, and using the appropriate hash function to generate the activation code.
CVE-2005-0918 2 Adobe, Microsoft 2 Svg Viewer, Internet Explorer 2026-04-16 N/A
The NPSVG3.dll ActiveX control for Adobe SVG Viewer 3.02 and earlier, when running on Internet Explorer, allows remote attackers to determine the existence of arbitrary files by setting the src property to the target filename and using Javascript to determine if the web page immediately stops loading, which indicates whether the file exists or not.
CVE-2004-0632 1 Adobe 2 Acrobat, Acrobat Reader 2026-04-16 N/A
Adobe Reader 6.0 does not properly handle null characters when splitting a filename path into components, which allows remote attackers to execute arbitrary code via a file with a long extension that is not normally handled by Reader, triggering a buffer overflow.
CVE-2005-4708 1 Adobe 9 Captivate, Contribute, Director and 6 more 2026-04-16 N/A
Adobe Macromedia MX 2004 products, Captivate, Contribute 2, Contribute 3, and eLicensing client install the Macromedia Licensing Service with the Users group permitted to configure the service, including the path to executable, which allows local users to execute arbitrary code as Local System.
CVE-2004-0630 2 Adobe, Redhat 2 Acrobat Reader, Rhel Extras 2026-04-16 N/A
The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode command.
CVE-2005-0151 1 Adobe 3 Creative Suite, Photoshop, Premiere 2026-04-16 N/A
Unknown vulnerability in the installation of Adobe License Management Service, as used in Adobe Photoshop CS, Adobe Creative Suite 1.0, and Adobe Premiere Pro 1.5, allows attackers to gain administrator privileges.
CVE-2006-4726 1 Adobe 1 Coldfusion 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 6.1 through 7.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a ColdFusion error page.
CVE-2006-1788 1 Adobe 1 Document Server 2026-04-16 N/A
Adobe Document Server for Reader Extensions 6.0, during log on, provides different error messages depending on whether the user ID is valid or invalid, which allows remote attackers to more easily identify valid user IDs via brute force attacks.
CVE-2002-0030 1 Adobe 2 Acrobat, Acrobat Reader 2026-04-16 N/A
The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe.
CVE-2004-1598 1 Adobe 2 Acrobat, Acrobat Reader 2026-04-16 N/A
Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read arbitrary files via a PDF file that contains an embedded Shockwave (swf) file that references files outside of the temporary directory.
CVE-1999-0133 1 Adobe 1 Framemaker 2026-04-16 N/A
fm_fls license server for Adobe Framemaker allows local users to overwrite arbitrary files and gain root access.
CVE-2002-1764 1 Adobe 1 Acrobat Reader 2026-04-16 N/A
acroread in Adobe Acrobat Reader 4.05 on Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2006-2042 1 Adobe 1 Dreamweaver 2026-04-16 N/A
Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models.
CVE-2002-1020 1 Adobe 1 Adobe Content Server 2026-04-16 N/A
The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the server reports that no more copies are available.
CVE-2006-0525 1 Adobe 9 Acrobat, Acrobat Reader, Creative Suite and 6 more 2026-04-16 N/A
Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group, which allows local users to gain privileges via Trojan horse programs.
CVE-2005-1306 1 Adobe 2 Acrobat, Acrobat Reader 2026-04-16 7.5 High
The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulnerability."
CVE-2006-1182 1 Adobe 2 Document Server, Graphics Server 2026-04-16 N/A
Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe Document Server (ADS) 5.0 and 6.0 allows local users to read files with certain extensions or overwrite arbitrary files and execute code via a crafted SOAP request to the AlterCast web service in which the request uses the (1) saveContent or (2) saveOptimized ADS commands, or the (3) loadContent command.
CVE-2026-27222 3 Adobe, Apple, Microsoft 3 Bridge, Macos, Windows 2026-04-15 5.5 Medium
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Divide By Zero vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application or render it unresponsive. Exploitation of this issue requires user interaction in that a victim must open a malicious file.