CISA Catalog
Data sourced from the official CISA Known Exploited Vulnerabilities Catalog. Federal agencies are required to remediate these vulnerabilities by the due date per BOD 22-01.
KEV Entries
1,619
Ransomware Use
327
Overdue
1,615
Vendors
266
Products
655
79 results · Page 3/4
Adobe ColdFusion Directory Traversal Vulnerability
Adobe · ColdFusion
A directory traversal vulnerability exists in the administrator console in Adobe ColdFusion which allows remote attackers to read arbitrary files.
Required Action
Apply updates per vendor instructions.
Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability
Adobe · Reader and Acrobat
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code.
Required Action
Apply updates per vendor instructions.
Adobe ColdFusion Information Disclosure Vulnerability
Adobe · ColdFusion
Adobe Coldfusion contains an unspecified vulnerability, which could result in information disclosure from a compromised server.
Required Action
Apply updates per vendor instructions.
Adobe ColdFusion Directory Traversal Vulnerability
Adobe · ColdFusion
Adobe Coldfusion contains a directory traversal vulnerability, which could permit an unauthorized user access to restricted directories.
Required Action
Apply updates per vendor instructions.
Adobe ColdFusion Authentication Bypass Vulnerability
Adobe · ColdFusion
Adobe Coldfusion contains an authentication bypass vulnerability, which could result in an unauthorized user gaining administrative access.
Required Action
Apply updates per vendor instructions.
Adobe BlazeDS Information Disclosure Vulnerability
Adobe · BlazeDS
Adobe BlazeDS, which is utilized in LifeCycle and Coldfusion, contains a vulnerability that allows for information disclosure.
Required Action
Apply updates per vendor instructions.
Adobe Flash Player Type Confusion Vulnerability
Adobe · Flash Player
Adobe Flash Player contains a type confusion vulnerability which can allow for remote code execution.
Required Action
The impacted product is end-of-life and should be disconnected if still in use.
Adobe Flash Player Use-After-Free Vulnerability
Adobe · Flash Player
Use-after-free vulnerability in Adobe Flash Player Windows and OS and Linux allows remote attackers to execute arbitrary code.
Required Action
The impacted product is end-of-life and should be disconnected if still in use.
Adobe Flash Player Arbitrary Code Execution Vulnerability
Adobe · Flash Player
An access of resource using incompatible type vulnerability exists within Adobe Flash Player that allows an attacker to perform remote code execution.
Required Action
The impacted product is end-of-life and should be disconnected if still in use.
Adobe Flash Player Arbitrary Code Execution Vulnerability
Adobe · Flash Player
Adobe Flash Player allows remote attackers to cause a denial of service or possibly execute arbitrary code.
Required Action
The impacted product is end-of-life and should be disconnected if still in use.
Adobe Flash Player Arbitrary Code Execution Vulnerability
Adobe · Flash Player
Adobe Flash Player allows remote attackers to execute arbitrary code via a crafted SWF file.
Required Action
The impacted product is end-of-life and should be disconnected if still in use.
Adobe Flash Player Use-After-Free Vulnerability
Adobe · Flash Player
A use-after-free vulnerability exists within the ActionScript 3 ByteArray class in Adobe Flash Player that allows an attacker to perform remote code execution.
Required Action
The impacted product is end-of-life and should be disconnected if still in use.
Adobe Flash Player Memory Corruption Vulnerability
Adobe · Flash Player
A memory corruption vulnerability exists in Adobe Flash Player that allows an attacker to perform remote code execution.
Required Action
The impacted product is end-of-life and should be disconnected if still in use.
Adobe Reader and Acrobat Use-After-Free Vulnerability
Adobe · Reader and Acrobat
Adobe Reader and Acrobat contain a use-after-free vulnerability which can allow for code execution.
Required Action
Apply updates per vendor instructions.
Adobe Reader and Acrobat Memory Corruption Vulnerability
Adobe · Reader and Acrobat
Adobe Reader and Acrobat contain a memory corruption vulnerability which can allow attackers to execute arbitrary code or cause a denial of service.
Required Action
Apply updates per vendor instructions.
Adobe Reader Buffer Overflow Vulnerability
Adobe · Reader
A buffer overflow vulnerability exists in Adobe Reader which allows an attacker to perform remote code execution.
Required Action
Apply updates per vendor instructions.
Adobe Reader and Acrobat Memory Corruption Vulnerability
Adobe · Reader and Acrobat
An memory corruption vulnerability exists in the acroform.dll in Adobe Reader that allows an attacker to perform remote code execution.
Required Action
Apply updates per vendor instructions.
Adobe ColdFusion Authentication Bypass Vulnerability
Adobe · ColdFusion
An authentication bypass vulnerability exists in Adobe ColdFusion which could result in an unauthorized user gaining administrative access.
Required Action
Apply updates per vendor instructions.
Adobe Flash Player Arbitrary Code Execution Vulnerability
Adobe · Flash Player
Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code or cause a denial of service via crafted SWF content.
Required Action
The impacted product is end-of-life and should be disconnected if still in use.
Adobe Flash Player Remote Code Execution Vulnerability
Adobe · Flash Player
Adobe Flash Player contains a vulnerability that allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content.
Required Action
The impacted product is end-of-life and should be disconnected if still in use.
Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability
Adobe · Reader and Acrobat
Unspecified vulnerability in Adobe Reader and Acrobat allows attackers to cause a denial of service or possibly execute arbitrary code.
Required Action
Apply updates per vendor instructions.
Adobe Reader and Acrobat Input Validation Vulnerability
Adobe · Acrobat and Reader
Adobe Acrobat and Reader contain an input validation issue in a JavaScript method that could potentially lead to remote code execution.
Required Action
Apply updates per vendor instructions.
Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability
Adobe · Commerce and Magento Open Source
Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution.
Required Action
Apply updates per vendor instructions.
Adobe Flash Player Use-After-Free Vulnerability
Adobe · Flash Player
Adobe Flash Player com.adobe.tvsdk.mediacore.metadata Use After Free Vulnerability
Required Action
The impacted product is end-of-life and should be disconnected if still in use.
Adobe Acrobat and Reader Heap-based Buffer Overflow Vulnerability
Adobe · Acrobat and Reader
Acrobat Acrobat and Reader contain a heap-based buffer overflow vulnerability that could allow an unauthenticated attacker to achieve code execution in the context of the current user.
Required Action
Apply updates per vendor instructions.
