CVE Tracker

CVE ID	Severity	EPSS	Vendor	Description	Date	Status
CVE-2025-54236	High	73.7%	AdobeCommerce and Magento	Adobe Commerce and Magento Open Source contain an improper input validation vulnerability that could allow an attacker to take over customer accounts through the Commerce REST API.	Oct 24, 2025	KEV
CVE-2025-54253	High	28.7%	AdobeExperience Manager (AEM) Forms	Adobe Experience Manager Forms in JEE contains an unspecified vulnerability that allows for arbitrary code execution.	Oct 15, 2025	KEV
CVE-2017-3066	High	93.4%	AdobeColdFusion	Adobe ColdFusion contains a deserialization vulnerability in the Apache BlazeDS library that allows for arbitrary code execution.	Feb 24, 2025	KEV
CVE-2024-20767	High	94.1%	AdobeColdFusion	Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to access or modify restricted files via an internet-exposed admin panel.	Dec 16, 2024	KEV
CVE-2013-0643	High	57.9%	AdobeFlash Player	Adobe Flash Player contains an incorrect default permissions vulnerability in the Firefox sandbox that allows a remote attacker to execute arbitrary code via crafted SWF content.	Sep 17, 2024	KEV
CVE-2013-0648	High	54.7%	AdobeFlash Player	Adobe Flash Player contains an unspecified vulnerability in the ExternalInterface ActionScript functionality that allows a remote attacker to execute arbitrary code via crafted SWF content.	Sep 17, 2024	KEV
CVE-2014-0502	High	89.0%	AdobeFlash Player	Adobe Flash Player contains a double free vulnerability that allows a remote attacker to execute arbitrary code.	Sep 17, 2024	KEV
CVE-2014-0497	High	92.9%	AdobeFlash Player	Adobe Flash Player contains an integer underflow vulnerability that allows a remote attacker to execute arbitrary code.	Sep 17, 2024	KEV
CVE-2024-34102	High 9.8	94.3%	AdobeCommerce and Magento Open Source	Adobe Commerce and Magento Open Source contain an improper restriction of XML external entity reference (XXE) vulnerability that allows for remote code execution.	Jul 17, 2024	KEVExploit
CVE-2023-38203	High	94.3%	AdobeColdFusion	Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for code execution.	Jan 8, 2024	KEV
CVE-2023-29300	High	93.7%	AdobeColdFusion	Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for code execution.	Jan 8, 2024	KEV
CVE-2023-21608	High	84.1%	AdobeAcrobat and Reader	Adobe Acrobat and Reader contains a use-after-free vulnerability that allows for code execution in the context of the current user.	Oct 10, 2023	KEV
CVE-2023-26369	High	0.6%	AdobeAcrobat and Reader	Adobe Acrobat and Reader contains an out-of-bounds write vulnerability that allows for code execution.	Sep 14, 2023	KEV
CVE-2023-26359	High	84.7%	AdobeColdFusion	Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could result in code execution in the context of the current user.	Aug 21, 2023	KEV
CVE-2023-38205	High	94.3%	AdobeColdFusion	Adobe ColdFusion contains an improper access control vulnerability that allows for a security feature bypass.	Jul 20, 2023	KEV
CVE-2023-29298	High	94.3%	AdobeColdFusion	Adobe ColdFusion contains an improper access control vulnerability that allows for a security feature bypass.	Jul 20, 2023	KEV
CVE-2023-26360	High	94.3%	AdobeColdFusion	Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for remote code execution.	Mar 15, 2023	KEV
CVE-2008-0655	High	68.8%	AdobeAcrobat and Reader	Adobe Acrobat and Reader contains an unespecified vulnerability described as a design flaw which could allow a specially crafted file to be printed silently an arbitrary number of times.	Jun 8, 2022	KEV
CVE-2010-1297	High	93.0%	AdobeFlash Player	Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).	Jun 8, 2022	KEV
CVE-2009-4324	High	92.9%	AdobeAcrobat and Reader	Use-after-free vulnerability in Adobe Acrobat and Reader allows remote attackers to execute code via a crafted PDF file.	Jun 8, 2022	KEV

CVE-2025-54236KEV

High

Adobe Commerce and Magento Open Source contain an improper input validation vulnerability that could allow an attacker to take over customer accounts through the Commerce REST API.

AdobeEPSS 73.7%

CVE-2025-54253KEV

High

Adobe Experience Manager Forms in JEE contains an unspecified vulnerability that allows for arbitrary code execution.

AdobeEPSS 28.7%

CVE-2017-3066KEV

High

Adobe ColdFusion contains a deserialization vulnerability in the Apache BlazeDS library that allows for arbitrary code execution.

AdobeEPSS 93.4%

CVE-2024-20767KEV

High

Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to access or modify restricted files via an internet-exposed admin panel.

AdobeEPSS 94.1%

CVE-2013-0643KEV

High

Adobe Flash Player contains an incorrect default permissions vulnerability in the Firefox sandbox that allows a remote attacker to execute arbitrary code via crafted SWF content.

AdobeEPSS 57.9%

CVE-2013-0648KEV

High

Adobe Flash Player contains an unspecified vulnerability in the ExternalInterface ActionScript functionality that allows a remote attacker to execute arbitrary code via crafted SWF content.

AdobeEPSS 54.7%

CVE-2014-0502KEV

High

Adobe Flash Player contains a double free vulnerability that allows a remote attacker to execute arbitrary code.

AdobeEPSS 89.0%

CVE-2014-0497KEV

High

Adobe Flash Player contains an integer underflow vulnerability that allows a remote attacker to execute arbitrary code.

AdobeEPSS 92.9%

CVE-2024-34102KEV

High

Adobe Commerce and Magento Open Source contain an improper restriction of XML external entity reference (XXE) vulnerability that allows for remote code execution.

AdobeCVSS 9.8EPSS 94.3%

Exploit

CVE-2023-38203KEV

High

Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for code execution.

AdobeEPSS 94.3%

CVE-2023-29300KEV

High

Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for code execution.

AdobeEPSS 93.7%

CVE-2023-21608KEV

High

Adobe Acrobat and Reader contains a use-after-free vulnerability that allows for code execution in the context of the current user.

AdobeEPSS 84.1%

CVE-2023-26369KEV

High

Adobe Acrobat and Reader contains an out-of-bounds write vulnerability that allows for code execution.

AdobeEPSS 0.6%

CVE-2023-26359KEV

High

Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could result in code execution in the context of the current user.

AdobeEPSS 84.7%

CVE-2023-38205KEV

High

Adobe ColdFusion contains an improper access control vulnerability that allows for a security feature bypass.

AdobeEPSS 94.3%

CVE-2023-29298KEV

High

Adobe ColdFusion contains an improper access control vulnerability that allows for a security feature bypass.

AdobeEPSS 94.3%

CVE-2023-26360KEV

High

Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for remote code execution.

AdobeEPSS 94.3%

CVE-2008-0655KEV

High

Adobe Acrobat and Reader contains an unespecified vulnerability described as a design flaw which could allow a specially crafted file to be printed silently an arbitrary number of times.

AdobeEPSS 68.8%

CVE-2010-1297KEV

High

Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).

AdobeEPSS 93.0%

CVE-2009-4324KEV

High

Use-after-free vulnerability in Adobe Acrobat and Reader allows remote attackers to execute code via a crafted PDF file.

AdobeEPSS 92.9%

1 2 3 4