CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Adobe : Security Vulnerabilities Published In 2016 (Gain Information)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-7889 200 +Info 2016-12-15 2016-12-22
5.0
None Remote Low Not required Partial None None
Adobe Digital Editions versions 4.5.2 and earlier has an issue with parsing crafted XML entries that could lead to information disclosure.
2 CVE-2016-7888 200 +Info 2016-12-15 2016-12-21
5.0
None Remote Low Not required Partial None None
Adobe Digital Editions versions 4.5.2 and earlier has an important vulnerability that could lead to memory address leak.
3 CVE-2016-7887 200 +Info 2016-12-15 2016-12-21
5.0
None Remote Low Not required Partial None None
Adobe ColdFusion Builder versions 2016 update 2 and earlier, 3.0.3 and earlier have an important vulnerability that could lead to information disclosure.
4 CVE-2016-6936 200 +Info 2016-09-16 2017-08-12
5.0
None Remote Low Not required Partial None None
Adobe AIR SDK & Compiler before 23.0.0.257 on Windows does not support Android runtime-analytics transport security, which might allow remote attackers to obtain sensitive information by leveraging access to a network over which analytics data is sent.
5 CVE-2016-4278 200 Bypass +Info 2016-09-14 2017-08-12
5.0
None Remote Low Not required Partial None None
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4277.
6 CVE-2016-4277 200 Bypass +Info 2016-09-14 2017-08-12
5.0
None Remote Low Not required Partial None None
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-2016-4278.
7 CVE-2016-4271 200 Bypass +Info 2016-09-14 2017-08-12
5.0
None Remote Low Not required Partial None None
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4277 and CVE-2016-4278, aka a "local-with-filesystem Flash sandbox bypass" issue.
8 CVE-2016-4253 200 +Info 2016-08-09 2017-08-15
5.0
None Remote Low Not required Partial None None
The Backup functionality in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows attackers to obtain sensitive information via unspecified vectors.
9 CVE-2016-4247 362 +Info 2016-07-12 2017-08-31
4.3
None Remote Medium Not required Partial None None
Race condition in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information via unspecified vectors.
10 CVE-2016-4232 200 +Info 2016-07-12 2017-09-02
5.0
None Remote Low Not required Partial None None
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vectors.
11 CVE-2016-4178 200 Bypass +Info 2016-07-12 2017-08-31
5.0
None Remote Low Not required Partial None None
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
12 CVE-2016-4169 200 +Info 2016-08-09 2017-08-15
5.0
None Remote Low Not required Partial None None
Adobe Experience Manager 6.0, 6.1, and 6.2 allow attackers to obtain sensitive audit log event information via unspecified vectors.
13 CVE-2016-1112 200 +Info 2016-05-11 2016-11-30
10.0
None Remote Low Not required Complete Complete Complete
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information via unspecified vectors.
14 CVE-2016-1092 200 +Info 2016-05-11 2016-11-30
5.0
None Remote Low Not required Partial None None
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors, a different vulnerability than CVE-2016-1079.
15 CVE-2016-1079 200 +Info 2016-05-11 2016-11-30
5.0
None Remote Low Not required Partial None None
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors, a different vulnerability than CVE-2016-1092.
16 CVE-2016-1035 200 +Info 2016-04-12 2016-12-02
5.0
None Remote Low Not required Partial None None
Adobe RoboHelp Server 9 before 9.0.1 mishandles SQL queries, which allows attackers to obtain sensitive information via unspecified vectors.
17 CVE-2016-0958 200 +Info 2016-02-10 2016-02-18
7.8
None Remote Low Not required Complete None None
Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 might allow remote attackers to have an unspecified impact via a crafted serialized Java object.
18 CVE-2016-0956 200 +Info 2016-02-10 2016-12-05
7.8
None Remote Low Not required Complete None None
The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote attackers to obtain sensitive information via unspecified vectors.
Total number of vulnerabilities : 18   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.