Adobe — Vulnerabilities & Security Advisories 4289

Browse all 4289 CVE security advisories affecting Adobe. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-30318	InDesign Desktop \| Out-of-bounds Write (CWE-787) — InDesign DesktopCWE-787	7.8	High	2025-05-13
CVE-2025-30319	InDesign Desktop \| NULL Pointer Dereference (CWE-476) — InDesign DesktopCWE-476	5.5	Medium	2025-05-13
CVE-2025-30310	Dreamweaver Desktop \| Access of Resource Using Incompatible Type ('Type Confusion') (CWE-843) — Dreamweaver DesktopCWE-843	7.8	High	2025-05-13
CVE-2025-27190	Adobe Commerce \| Improper Access Control (CWE-284) — Adobe CommerceCWE-284	5.3	Medium	2025-04-08
CVE-2025-27191	Adobe Commerce \| Improper Access Control (CWE-284) — Adobe CommerceCWE-284	5.3	Medium	2025-04-08
CVE-2025-27192	Adobe Commerce \| Insufficiently Protected Credentials (CWE-522) — Adobe CommerceCWE-522	2.7	Low	2025-04-08
CVE-2025-27188	Adobe Commerce \| Incorrect Authorization (CWE-863) — Adobe CommerceCWE-863	4.3	Medium	2025-04-08
CVE-2025-27189	Adobe Commerce \| Cross-Site Request Forgery (CSRF) (CWE-352) — Adobe CommerceCWE-352	4.3	Medium	2025-04-08
CVE-2025-30287	ColdFusion \| Improper Authentication (CWE-287) — ColdFusionCWE-287	8.2	High	2025-04-08
CVE-2025-30293	ColdFusion \| Improper Input Validation (CWE-20) — ColdFusionCWE-20	6.8	Medium	2025-04-08
CVE-2025-30292	ColdFusion \| Cross-site Scripting (Reflected XSS) (CWE-79) — ColdFusionCWE-79	6.1	Medium	2025-04-08
CVE-2025-30290	ColdFusion \| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) — ColdFusionCWE-22	8.7	High	2025-04-08
CVE-2025-30282	ColdFusion \| Improper Authentication (CWE-287) — ColdFusionCWE-287	9.1	Critical	2025-04-08
CVE-2025-30284	ColdFusion \| Deserialization of Untrusted Data (CWE-502) — ColdFusionCWE-502	8.4	High	2025-04-08
CVE-2025-30294	ColdFusion \| Improper Input Validation (CWE-20) — ColdFusionCWE-20	6.8	Medium	2025-04-08
CVE-2025-30289	ColdFusion \| Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) — ColdFusionCWE-78	8.2	High	2025-04-08
CVE-2025-30288	ColdFusion \| Improper Access Control (CWE-284) — ColdFusionCWE-284	8.2	High	2025-04-08
CVE-2025-24446	ColdFusion \| Improper Input Validation (CWE-20) — ColdFusionCWE-20	9.1	Critical	2025-04-08
CVE-2025-24447	ColdFusion \| Deserialization of Untrusted Data (CWE-502) — ColdFusionCWE-502	9.1	Critical	2025-04-08
CVE-2025-30281	ColdFusion \| Improper Access Control (CWE-284) — ColdFusionCWE-284	9.1	Critical	2025-04-08
CVE-2025-30291	ColdFusion \| Information Exposure (CWE-200) — ColdFusionCWE-200	5.5	Medium	2025-04-08
CVE-2025-30285	ColdFusion \| Deserialization of Untrusted Data (CWE-502) — ColdFusionCWE-502	8.4	High	2025-04-08
CVE-2025-30286	ColdFusion \| Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) — ColdFusionCWE-78	8.4	High	2025-04-08
CVE-2025-30307	XMPWorker \| Out-of-bounds Read (CWE-125) — XMPWorkerCWE-125	5.5	Medium	2025-04-08
CVE-2025-30308	XMPWorker \| Out-of-bounds Read (CWE-125) — XMPWorkerCWE-125	5.5	Medium	2025-04-08
CVE-2025-30305	XMPWorker \| Out-of-bounds Read (CWE-125) — XMPWorkerCWE-125	5.5	Medium	2025-04-08
CVE-2025-30306	XMPWorker \| Out-of-bounds Read (CWE-125) — XMPWorkerCWE-125	5.5	Medium	2025-04-08
CVE-2025-30309	XMPWorker \| Out-of-bounds Read (CWE-125) — XMPWorkerCWE-125	5.5	Medium	2025-04-08
CVE-2025-30300	Adobe Framemaker \| NULL Pointer Dereference (CWE-476) — Adobe FramemakerCWE-476	5.5	Medium	2025-04-08
CVE-2025-30303	Adobe Framemaker \| Out-of-bounds Read (CWE-125) — Adobe FramemakerCWE-125	5.5	Medium	2025-04-08

This page lists every published CVE security advisory associated with Adobe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Adobe — Vulnerabilities & Security Advisories 4289