CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1001 CVE-2020-9789 787 Exec Code 2020-06-09 2020-06-11
9.3
None Remote Medium Not required Complete Complete Complete
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution.
1002 CVE-2020-9788 20 2020-06-09 2020-06-11
9.3
None Remote Medium Not required Complete Complete Complete
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.5. A file may be incorrectly rendered to execute JavaScript.
1003 CVE-2020-9785 119 Exec Code Overflow Mem. Corr. 2020-04-01 2020-04-02
9.3
None Remote Medium Not required Complete Complete Complete
Multiple memory corruption issues were addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A malicious application may be able to execute arbitrary code with kernel privileges.
1004 CVE-2020-9768 416 Exec Code 2020-04-01 2020-04-02
9.3
None Remote Medium Not required Complete Complete Complete
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to execute arbitrary code with system privileges.
1005 CVE-2020-9750 125 Exec Code 2020-10-21 2020-10-23
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Animate version 20.5 (and earlier) is affected by an out-of-bounds read vulnerability, which could result in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .fla file in Animate.
1006 CVE-2020-9749 125 Exec Code 2020-10-21 2020-10-23
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Animate version 20.5 (and earlier) is affected by an out-of-bounds read vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .fla file in Animate.
1007 CVE-2020-9748 787 Exec Code Overflow 2020-10-21 2020-11-04
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Animate version 20.5 (and earlier) is affected by a stack overflow vulnerability, which could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .fla file in Animate.
1008 CVE-2020-9747 415 Exec Code 2020-10-21 2020-10-23
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Animate version 20.5 (and earlier) is affected by a double free vulnerability when parsing a crafted .fla file, which could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit.
1009 CVE-2020-9746 476 Exec Code 2020-10-14 2020-10-21
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution. Exploitation of this issue requires an attacker to insert malicious strings in an HTTP response that is by default delivered over TLS/SSL.
1010 CVE-2020-9722 416 Exec Code 2020-08-19 2020-08-19
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .
1011 CVE-2020-9715 416 Exec Code 2020-08-19 2020-08-19
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .
1012 CVE-2020-9704 120 Exec Code 2020-08-19 2020-08-19
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .
1013 CVE-2020-9701 120 Exec Code 2020-08-19 2020-08-19
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .
1014 CVE-2020-9700 120 Exec Code 2020-08-19 2020-08-19
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .
1015 CVE-2020-9699 120 Exec Code 2020-08-19 2020-08-19
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .
1016 CVE-2020-9698 120 Exec Code 2020-08-19 2020-08-19
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .
1017 CVE-2020-9693 787 Exec Code 2020-08-19 2020-08-19
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
1018 CVE-2020-9691 79 Exec Code XSS 2020-07-29 2020-07-29
9.3
None Remote Medium Not required Complete Complete Complete
Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. Successful exploitation could lead to arbitrary code execution.
1019 CVE-2020-9688 74 Exec Code 2020-07-17 2020-07-22
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Download Manager version 2.0.0.518 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
1020 CVE-2020-9682 59 2020-07-17 2020-07-22
10.0
None Remote Low Not required Complete Complete Complete
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write.
1021 CVE-2020-9662 787 Exec Code 2020-06-25 2020-06-29
9.3
None Remote Medium Not required Complete Complete Complete
Adobe After Effects versions 17.1 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
1022 CVE-2020-9661 125 Exec Code 2020-06-25 2020-06-29
9.3
None Remote Medium Not required Complete Complete Complete
Adobe After Effects versions 17.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution .
1023 CVE-2020-9660 787 Exec Code 2020-06-25 2020-06-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe After Effects versions 17.1 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
1024 CVE-2020-9659 787 Exec Code 2020-06-25 2020-07-02
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Audition versions 13.0.6 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
1025 CVE-2020-9658 787 Exec Code 2020-06-25 2020-07-02
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Audition versions 13.0.6 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
1026 CVE-2020-9657 787 Exec Code 2020-06-25 2020-07-02
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Rush versions 1.5.12 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
1027 CVE-2020-9656 787 Exec Code 2020-06-25 2020-07-02
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Rush versions 1.5.12 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
1028 CVE-2020-9655 125 Exec Code 2020-06-25 2020-07-02
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Rush versions 1.5.12 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution .
1029 CVE-2020-9654 787 Exec Code 2020-06-25 2020-07-02
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Pro versions 14.2 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
1030 CVE-2020-9653 787 Exec Code 2020-06-25 2020-07-02
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Pro versions 14.2 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
1031 CVE-2020-9652 125 Exec Code 2020-06-25 2020-07-02
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Premiere Pro versions 14.2 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution .
1032 CVE-2020-9642 119 Exec Code Overflow 2020-06-25 2020-06-29
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Illustrator versions 24.1.2 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution .
1033 CVE-2020-9641 119 Exec Code Overflow Mem. Corr. 2020-06-25 2020-06-29
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .
1034 CVE-2020-9640 119 Exec Code Overflow Mem. Corr. 2020-06-25 2020-06-29
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .
1035 CVE-2020-9639 119 Exec Code Overflow Mem. Corr. 2020-06-25 2020-06-29
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .
1036 CVE-2020-9638 787 Exec Code Overflow 2020-06-25 2020-06-29
9.3
None Remote Medium Not required Complete Complete Complete
Adobe After Effects versions 17.1 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .
1037 CVE-2020-9637 787 Exec Code Overflow 2020-06-25 2020-06-29
9.3
None Remote Medium Not required Complete Complete Complete
Adobe After Effects versions 17.1 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .
1038 CVE-2020-9633 416 Exec Code 2020-06-12 2020-07-06
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
1039 CVE-2020-9632 Exec Code Bypass 2020-06-26 2020-07-02
10.0
None Remote Low Not required Complete Complete Complete
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
1040 CVE-2020-9631 Exec Code Bypass 2020-06-26 2020-07-01
10.0
None Remote Low Not required Complete Complete Complete
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
1041 CVE-2020-9621 787 Exec Code Overflow 2020-06-26 2020-07-02
9.3
None Remote Medium Not required Complete Complete Complete
Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
1042 CVE-2020-9620 787 Exec Code Overflow 2020-06-26 2020-07-02
9.3
None Remote Medium Not required Complete Complete Complete
Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
1043 CVE-2020-9590 787 Exec Code Overflow 2020-06-26 2020-07-02
9.3
None Remote Medium Not required Complete Complete Complete
Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
1044 CVE-2020-9589 787 Exec Code Overflow 2020-06-26 2020-07-01
9.3
None Remote Medium Not required Complete Complete Complete
Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
1045 CVE-2020-9586 120 Exec Code Overflow 2020-06-26 2020-07-01
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Character Animator versions 3.2 and earlier have a buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
1046 CVE-2020-9575 119 Exec Code Overflow Mem. Corr. 2020-06-25 2020-06-29
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .
1047 CVE-2020-9574 119 Exec Code Overflow Mem. Corr. 2020-06-26 2020-06-29
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .
1048 CVE-2020-9573 119 Exec Code Overflow Mem. Corr. 2020-06-26 2020-06-29
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
1049 CVE-2020-9572 119 Exec Code Overflow Mem. Corr. 2020-06-26 2020-06-29
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
1050 CVE-2020-9571 119 Exec Code Overflow Mem. Corr. 2020-06-26 2020-06-29
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.