CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21582 – ZDI-CAN-18255: Adobe Digital Editions PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21582
12 Apr 2023 — Adobe Digital Editions version 4.5.11.187303 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Digital Editions. User interaction is required to exploit this vulnerability in that the target must visit a maliciou... • https://helpx.adobe.com/security/products/Digital-Editions/apsb23-04.html • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-39828 – Adobe Digital Editions Installer flaw leads to Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2021-39828
27 Sep 2021 — Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by a privilege escalation vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product installation to abuse this vulnerability. Adobe Digital Editions versiones 4.5.11.187646 (y anteriores), están afectadas por una vulnerabilidad de escalada de privilegios en el instalador de Digital Editions. Un atacante autenticado podría aprov... • https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html • CWE-379: Creation of Temporary File in Directory with Insecure Permissions •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-39827 – Adobe Digital Editions Installer flaw leads to Arbitrary File System Write
https://notcve.org/view.php?id=CVE-2021-39827
27 Sep 2021 — Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary file write vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to write an arbitrary file to the system. User interaction is required before product installation to abuse this vulnerability. Adobe Digital Editions versiones 4.5.11.187646 (y anteriores), están afectadas por una vulnerabilidad de escritura de archivos arbitraria en el instalador de Digital Editions. Un ataca... • https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html • CWE-379: Creation of Temporary File in Directory with Insecure Permissions •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-39826 – Adobe Digital Editions Command Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-39826
27 Sep 2021 — Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary command execution vulnerability. An authenticated attacker could leverage this vulnerability to execute arbitrary commands. User interaction is required to abuse this vulnerability in that a user must open a maliciously crafted .epub file. Adobe Digital Editions versiones 4.5.11.187646 (y anteriores), están afectadas por una vulnerabilidad de ejecución de comandos arbitrarios. Un atacante autenticado podría aprovechar esta vulne... • https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21100 – Adobe Digital Editions Arbitrary file system write vulnerability
https://notcve.org/view.php?id=CVE-2021-21100
15 Apr 2021 — Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary file system write in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Digital Editions versión 4.5.11.187245 (y anteriores) está afectada por una vulnerabilidad de escalada de privilegios durante la instalació... • https://helpx.adobe.com/security/products/Digital-Editions/apsb21-26.html • CWE-379: Creation of Temporary File in Directory with Insecure Permissions •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-3798
https://notcve.org/view.php?id=CVE-2020-3798
26 Jun 2020 — Adobe Digital Editions versions 4.5.11.187212 and below have a file enumeration (host or local network) vulnerability. Successful exploitation could lead to information disclosure. Adobe Digital Editions versiones 4.5.11.187212 y posteriores, presenta una vulnerabilidad de enumeración de archivos (host o red local). Una explotación con éxito podría conllevar a una divulgación de información • https://helpx.adobe.com/security/products/Digital-Editions/apsb20-23.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3759
https://notcve.org/view.php?id=CVE-2020-3759
13 Feb 2020 — Adobe Digital Editions versions 4.5.10 and below have a buffer errors vulnerability. Successful exploitation could lead to information disclosure. Adobe Digital Editions versiones 4.5.10 y posteriores, presenta una vulnerabilidad de errores del búfer. Una explotación con éxito podría conllevar a una divulgación de información. • https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2020-3760
https://notcve.org/view.php?id=CVE-2020-3760
13 Feb 2020 — Adobe Digital Editions versions 4.5.10 and below have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. Adobe Digital Editions versiones 4.5.10 y posteriores, presenta una vulnerabilidad de inyección de comandos. Una explotación con éxito podría conllevar a una ejecución de código arbitrario. • https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2019-7095
https://notcve.org/view.php?id=CVE-2019-7095
24 May 2019 — Adobe Digital Editions versions 4.5.10.185749 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. Adobe Digital Editions, en versiones 4.5.10.185749 y anteriores tiene una vulnerabilidad de desbordamiento de memoria dinámica (heap). La explotación con éxito de esta vulnerabilidad podría permitir la ejecución arbitraria de código. • https://helpx.adobe.com/security/products/Digital-Editions/apsb19-16.html • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-12817
https://notcve.org/view.php?id=CVE-2018-12817
18 Jan 2019 — Adobe Digital Editions versions 4.5.9 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure. Adobe Digital Editions, en sus versiones 4.5.9 y anteriores, tiene una vulnerabilidad de lectura fuera de límites. Su explotación con éxito podría resultar en una divulgación de información. • http://www.securityfocus.com/bid/106472 • CWE-125: Out-of-bounds Read •