CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Adobe : Security Vulnerabilities Published In 2019

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-8256 276 2019-12-19 2019-12-31
7.5
None Remote Low Not required Partial Partial Partial
ColdFusion versions Update 6 and earlier have an insecure inherited permissions of default installation directory vulnerability. Successful exploitation could lead to privilege escalation.
2 CVE-2019-8234 352 CSRF 2019-10-25 2019-10-28
4.3
None Remote Medium Not required Partial None None
Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a cross-site request forgery vulnerability. Successful exploitation could lead to sensitive information disclosure.
3 CVE-2019-8089 79 XSS 2019-10-22 2019-10-23
4.3
None Remote Medium Not required None Partial None
Adobe Experience Manager Forms versions 6.3-6.5 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
4 CVE-2019-8088 77 Exec Code 2019-10-25 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
5 CVE-2019-8087 611 2019-10-25 2019-10-28
5.0
None Remote Low Not required Partial None None
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead to sensitive information disclosure.
6 CVE-2019-8086 611 2019-10-25 2019-10-28
5.0
None Remote Low Not required Partial None None
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead to sensitive information disclosure.
7 CVE-2019-8085 79 XSS 2019-10-25 2019-10-28
4.3
None Remote Medium Not required None Partial None
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
8 CVE-2019-8084 79 XSS 2019-10-25 2019-10-28
4.3
None Remote Medium Not required None Partial None
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
9 CVE-2019-8083 79 XSS 2019-10-25 2019-10-28
4.3
None Remote Medium Not required None Partial None
Adobe Experience Manager versions 6.5, 6.4 and 6.3 have a cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
10 CVE-2019-8082 611 2019-10-25 2019-10-28
5.0
None Remote Low Not required Partial None None
Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead to sensitive information disclosure.
11 CVE-2019-8081 Bypass 2019-10-25 2020-08-24
5.0
None Remote Low Not required Partial None None
Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have an authentication bypass vulnerability. Successful exploitation could lead to sensitive information disclosure.
12 CVE-2019-8080 79 XSS 2019-10-24 2019-10-28
4.3
None Remote Medium Not required None Partial None
Adobe Experience Manager versions 6.4 and 6.3 have a stored cross site scripting vulnerability. Successful exploitation could lead to privilege escalation.
13 CVE-2019-8079 79 XSS 2019-10-24 2019-10-28
4.3
None Remote Medium Not required None Partial None
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
14 CVE-2019-8078 79 XSS 2019-10-24 2019-10-28
4.3
None Remote Medium Not required None Partial None
Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
15 CVE-2019-8076 426 Exec Code 2019-09-12 2019-09-13
6.8
None Remote Medium Not required Partial Partial Partial
Adobe application manager installer version 10.0 have an Insecure Library Loading (DLL hijacking) vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.
16 CVE-2019-8074 22 Dir. Trav. Bypass 2019-09-27 2020-09-04
10.0
None Remote Low Not required Complete Complete Complete
ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Path Traversal vulnerability. Successful exploitation could lead to Access Control Bypass in the context of the current user.
17 CVE-2019-8073 77 Exec Code 2019-09-27 2020-09-04
10.0
None Remote Low Not required Complete Complete Complete
ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Command Injection via Vulnerable component vulnerability. Successful exploitation could lead to Arbitrary code execution in the context of the current user.
18 CVE-2019-8072 200 Bypass +Info 2019-09-27 2020-09-04
5.0
None Remote Low Not required Partial None None
ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Security bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.
19 CVE-2019-8062 426 Exec Code 2019-08-14 2019-08-20
6.8
None Remote Medium Not required Partial Partial Partial
Adobe After Effects versions 16 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution.
20 CVE-2019-7964 Exec Code Bypass 2019-08-16 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
Adobe Experience Manager versions 6.5, and 6.4 have an authentication bypass vulnerability. Successful exploitation could lead to remote code execution.
21 CVE-2019-7961 426 Exec Code 2019-08-14 2019-08-20
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Prelude CC versions 8.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution.
22 CVE-2019-7955 79 XSS 2019-07-18 2019-07-19
5.8
None Remote Medium Not required Partial Partial None
Adobe Experience Manager version 6.4 and ealier have a Reflected Cross-site Scripting vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user.
23 CVE-2019-7954 79 XSS 2019-07-18 2019-07-29
4.3
None Remote Medium Not required None Partial None
Adobe Experience Manager version 6.4 and ealier have a Stored Cross-site Scripting vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user.
24 CVE-2019-7953 352 CSRF 2019-07-18 2019-07-19
4.3
None Remote Medium Not required Partial None None
Adobe Experience Manager version 6.4 and ealier have a Cross-Site Request Forgery vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user.
25 CVE-2019-7931 426 Exec Code 2019-08-14 2019-08-20
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Premiere Pro CC versions 13.1.2 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution.
26 CVE-2019-7870 426 Exec Code 2019-08-14 2019-08-20
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Character Animator versions 2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution.
27 CVE-2019-7840 502 Exec Code 2019-06-12 2020-09-04
10.0
None Remote Low Not required Complete Complete Complete
ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
28 CVE-2019-7839 77 Exec Code 2019-06-12 2020-09-04
10.0
None Remote Low Not required Complete Complete Complete
ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
29 CVE-2019-7838 434 Exec Code Bypass 2019-06-12 2020-09-04
10.0
None Remote Low Not required Complete Complete Complete
ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a file extension blacklist bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
30 CVE-2019-7816 434 Exec Code Bypass 2019-05-24 2020-09-04
10.0
None Remote Low Not required Complete Complete Complete
ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier have a file upload restriction bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
31 CVE-2019-7129 79 XSS 2019-05-29 2019-05-29
4.3
None Remote Medium Not required None Partial None
Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
32 CVE-2019-7104 787 Exec Code Mem. Corr. 2019-05-23 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
33 CVE-2019-7092 79 XSS 2019-05-24 2020-09-04
4.3
None Remote Medium Not required None Partial None
ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a cross site scripting vulnerability. Successful exploitation could lead to information disclosure .
34 CVE-2019-7091 502 Exec Code 2019-05-24 2020-09-04
10.0
None Remote Low Not required Complete Complete Complete
ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
35 CVE-2018-19727 79 XSS 2019-01-28 2019-01-29
4.3
None Remote Medium Not required None Partial None
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
36 CVE-2018-19726 79 XSS 2019-01-28 2019-01-29
4.3
None Remote Medium Not required None Partial None
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
37 CVE-2018-19724 79 XSS 2019-01-28 2019-01-29
4.3
None Remote Medium Not required None Partial None
Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
38 CVE-2018-19718 200 +Info 2019-01-18 2019-01-22
5.0
None Remote Low Not required Partial None None
Adobe Connect versions 9.8.1 and earlier have a session token exposure vulnerability. Successful exploitation could lead to exposure of the privileges granted to a session.
39 CVE-2018-12817 125 2019-01-18 2019-01-23
5.0
None Remote Low Not required Partial None None
Adobe Digital Editions versions 4.5.9 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure.
Total number of vulnerabilities : 39   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.