Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Adobe — Vulnerabilities & Security Advisories 4289

Browse all 4289 CVE security advisories affecting Adobe. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Adobe:Adobe Experience ManagerAdobe Acrobat and ReaderAcrobat ReaderAdobe CommerceIllustratorInDesign DesktopColdFusionDimensionBridgeAfter EffectsAnimateExperience ManagerSubstance3D - StagerMagento CommerceAdobe FramemakerSubstance3D - PainterInDesignInCopyPhotoshopMedia EncoderSubstance3D - ModelerAdobe Photoshop CCSubstance3D - DesignerAdobe ConnectAuditionFrameMakerMagentoAdobe PhotoshopPhotoshop DesktopSubstance3D - Sampler
CVE IDTitleCVSSSeverityPublished
CVE-2025-49526 Illustrator | Out-of-bounds Write (CWE-787) — IllustratorCWE-787 7.8 High2025-07-08
CVE-2025-43591 InDesign Desktop | Heap-based Buffer Overflow (CWE-122) — InDesign DesktopCWE-122 7.8 High2025-07-08
CVE-2025-43592 InDesign Desktop | Access of Uninitialized Pointer (CWE-824) — InDesign DesktopCWE-824 7.8 High2025-07-08
CVE-2025-43594 InDesign Desktop | Out-of-bounds Write (CWE-787) — InDesign DesktopCWE-787 7.8 High2025-07-08
CVE-2025-47134 InDesign Desktop | Heap-based Buffer Overflow (CWE-122) — InDesign DesktopCWE-122 7.8 High2025-07-08
CVE-2025-47136 InDesign Desktop | Integer Underflow (Wrap or Wraparound) (CWE-191) — InDesign DesktopCWE-191 7.8 High2025-07-08
CVE-2025-47103 InDesign Desktop | Heap-based Buffer Overflow (CWE-122) — InDesign DesktopCWE-122 7.8 High2025-07-08
CVE-2025-49547 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79 5.4 Medium2025-07-08
CVE-2025-49534 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Experience ManagerCWE-79 5.4 Medium2025-07-08
CVE-2025-49533 Adobe Experience Manager (MS) | Deserialization of Untrusted Data (CWE-502) — Adobe Experience Manager (MS)CWE-502 9.8 Critical2025-07-08
CVE-2025-27203 Adobe Connect | Deserialization of Untrusted Data (CWE-502) — Adobe ConnectCWE-502 9.6 Critical2025-07-08
CVE-2025-27165 Substance3D - Stager | Out-of-bounds Read (CWE-125) — Substance3D - StagerCWE-125 5.5 Medium2025-07-08
CVE-2025-43584 Substance3D - Viewer | Out-of-bounds Read (CWE-125) — Substance3D - ViewerCWE-125 5.5 Medium2025-07-08
CVE-2025-43582 Substance3D - Viewer | Heap-based Buffer Overflow (CWE-122) — Substance3D - ViewerCWE-122 7.8 High2025-07-08
CVE-2025-43583 Substance3D - Viewer | NULL Pointer Dereference (CWE-476) — Substance3D - ViewerCWE-476 5.5 Medium2025-07-08
CVE-2025-49535 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) — ColdFusionCWE-611 9.3 Critical2025-07-08
CVE-2025-49542 ColdFusion | Cross-site Scripting (Reflected XSS) (CWE-79) — ColdFusionCWE-79 5.2 Medium2025-07-08
CVE-2025-49536 ColdFusion | Incorrect Authorization (CWE-863) — ColdFusionCWE-863 7.3 High2025-07-08
CVE-2025-49539 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) — ColdFusionCWE-611 4.5 Medium2025-07-08
CVE-2025-49545 ColdFusion | Server-Side Request Forgery (SSRF) (CWE-918) — ColdFusionCWE-918 6.2 Medium2025-07-08
CVE-2025-49541 ColdFusion | Cross-site Scripting (Stored XSS) (CWE-79) — ColdFusionCWE-79 4.3 Medium2025-07-08
CVE-2025-49537 ColdFusion | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) — ColdFusionCWE-78 7.9 High2025-07-08
CVE-2025-49551 ColdFusion | Use of Hard-coded Credentials (CWE-798) — ColdFusionCWE-798 8.8 High2025-07-08
CVE-2025-49546 ColdFusion | Improper Access Control (CWE-284) — ColdFusionCWE-284 2.4 Low2025-07-08
CVE-2025-49544 ColdFusion | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) — ColdFusionCWE-611 6.8 Medium2025-07-08
CVE-2025-49543 ColdFusion | Cross-site Scripting (Stored XSS) (CWE-79) — ColdFusionCWE-79 4.3 Medium2025-07-08
CVE-2025-49540 ColdFusion | Cross-site Scripting (Stored XSS) (CWE-79) — ColdFusionCWE-79 4.3 Medium2025-07-08
CVE-2025-49538 ColdFusion | XML Injection (aka Blind XPath Injection) (CWE-91) — ColdFusionCWE-91 7.4 High2025-07-08
CVE-2025-30312 Dimension | Out-of-bounds Write (CWE-787) — DimensionCWE-787 7.8 High2025-07-08
CVE-2025-47135 Dimension | Out-of-bounds Read (CWE-125) — DimensionCWE-125 5.5 Medium2025-07-08

This page lists every published CVE security advisory associated with Adobe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.