CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-28547 – Adobe Creative Cloud for macOS Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-28547
Adobe Creative Cloud Desktop Application for macOS version 5.3 (and earlier) is affected by a privilege escalation vulnerability that could allow a normal user to delete the OOBE directory and get permissions of any directory under the administrator authority. Adobe Creative Cloud Desktop Application para macOS versión 5.3 (y anteriores), está afectada por una vulnerabilidad de escalada de privilegios que podría permitir a un usuario normal eliminar el directorio OOBE y obtener permisos de cualquier directorio bajo la autoridad del administrador • https://helpx.adobe.com/security/products/creative-cloud/apsb21-18.html • CWE-20: Improper Input Validation •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-28613 – Adobe Creative Cloud Arbitrary File Overwrite Vulnerability
https://notcve.org/view.php?id=CVE-2021-28613
Adobe Creative Cloud Desktop Application version 5.4 (and earlier) is affected by a file handling vulnerability that could allow an attacker to arbitrarily overwrite a file. Exploitation of this issue requires local access, administrator privileges and user interaction. Adobe Creative Cloud Desktop Application versiones 5.4 (y anteriores) está afectada por una vulnerabilidad en el manejo de archivos que podría permitir a un atacante sobrescribir arbitrariamente un archivo. Una explotación de este problema requiere acceso local, privilegios de administrador e interacción del usuario • https://helpx.adobe.com/security/products/creative-cloud/apsb21-76.html • CWE-379: Creation of Temporary File in Directory with Insecure Permissions •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-28581 – Adobe Creative Cloud Desktop uncontrolled search path element vulnerability could lead to local privilege escalation
https://notcve.org/view.php?id=CVE-2021-28581
Adobe Creative Cloud Desktop 3.5 (and earlier) is affected by an uncontrolled search path vulnerability that could result in elevation of privileges. Exploitation of this issue requires user interaction in that a victim must log on to the attacker's local machine. Adobe Creative Cloud Desktop versión 3.5 (y anteriores), está afectado por una vulnerabilidad de ruta de búsqueda no controlada que podría resultar en una elevación de privilegios. Es requerida una interacción del usuario para explotar este problema, ya que la víctima debe iniciar sesión en el equipo local del atacante • https://helpx.adobe.com/security/products/creative-cloud/apsb21-31.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-28594 – Creative Cloud Desktop installer Uncontrolled Search Path element could lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-28594
Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Creative Cloud Desktop Application (instalador) versiones 2.4 (y anteriores), está afectada por una vulnerabilidad de Elemento de Ruta de Búsqueda no Controlada. Un atacante no autenticado podría aprovechar esta vulnerabilidad para lograr una ejecución de código arbitrario en el contexto del usuario actual. • https://helpx.adobe.com/security/products/creative-cloud/apsb21-41.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-28633 – Adobe Creative Cloud Installer Arbitrary File Write
https://notcve.org/view.php?id=CVE-2021-28633
Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Insecure temporary file creation vulnerability. An attacker could leverage this vulnerability to cause arbitrary file overwriting in the context of the current user. Exploitation of this issue requires physical interaction to the system. Adobe Creative Cloud Desktop Application (instalador) versiones 2.4 (y anteriores), está afectada por una vulnerabilidad de creación de archivos temporales No Seguros. Un atacante podría aprovechar esta vulnerabilidad para causar una sobrescritura arbitraria de archivos en el contexto del usuario actual. • https://helpx.adobe.com/security/products/creative-cloud/apsb21-41.html • CWE-379: Creation of Temporary File in Directory with Insecure Permissions CWE-668: Exposure of Resource to Wrong Sphere •