CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-21078 – Adobe Creative Cloud Unquoted Service Path in CCXProcess
https://notcve.org/view.php?id=CVE-2021-21078
12 Mar 2021 — Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by an Unquoted Service Path vulnerability in CCXProcess that could allow an attacker to achieve arbitrary code execution in the process of the current user. Exploitation of this issue requires user interaction Adobe Creative Cloud Desktop Application versiones 5.3 (y anteriores), está afectada por una vulnerabilidad de Ruta de Servicio Sin Comillas en CCXProcess que podría permitir a un atacante lograr una ejecución de código arb... • https://helpx.adobe.com/security/products/creative-cloud/apsb21-18.html • CWE-426: Untrusted Search Path •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2021-21068 – Adobe Creative Cloud installer arbitrary file overwrite vulnerability
https://notcve.org/view.php?id=CVE-2021-21068
12 Mar 2021 — Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a file handling vulnerability that could allow an attacker to cause arbitrary file overwriting. Exploitation of this issue requires physical access and user interaction. Adobe Creative Cloud Desktop Application versiones 5.3 (y anteriores), está afectada por una vulnerabilidad de manejo de archivos que podría permitir a un atacante causar una sobrescritura de archivos arbitraria. Una explotación de este problema requiere ... • https://helpx.adobe.com/security/products/creative-cloud/apsb21-18.html • CWE-379: Creation of Temporary File in Directory with Insecure Permissions •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-21069 – Adobe Creative Cloud Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-21069
12 Mar 2021 — Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction. Adobe Creative Cloud Desktop Application versiones 5.3 (y anteriores), está afectada por una vulnerabilidad de escalada de privilegios local que podría permitir a un atacante llamar funciones contra el instalador para ll... • https://helpx.adobe.com/security/products/creative-cloud/apsb21-18.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-24422 – Uncontrolled Search Path in Creative Cloud Desktop Application
https://notcve.org/view.php?id=CVE-2020-24422
21 Oct 2020 — Adobe Creative Cloud Desktop Application version 5.2 (and earlier) and 2.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Creative Cloud Desktop Application versión 5.2 (y anteriores) y versión 2.1 (y anteriores) para Windows, está afectada por una vulnerabilidad de ruta de búsqueda no con... • https://helpx.adobe.com/security/products/creative-cloud/apsb20-68.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9682
https://notcve.org/view.php?id=CVE-2020-9682
17 Jul 2020 — Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write. Adobe Creative Cloud Desktop Application versiones 5.1 y anteriores, presentan una vulnerabilidad de enlace simbólico. Una explotación con éxito podría conllevar a una escritura arbitraria del sistema de archivos • https://helpx.adobe.com/security/products/creative-cloud/apsb20-33.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9671
https://notcve.org/view.php?id=CVE-2020-9671
17 Jul 2020 — Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation. Adobe Creative Cloud Desktop Application versiones 5.1 y anteriores, presentan una vulnerabilidad de permisos de archivos no seguros. Una explotación con éxito podría conllevar a una escalada de privilegios • https://helpx.adobe.com/security/products/creative-cloud/apsb20-33.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9670
https://notcve.org/view.php?id=CVE-2020-9670
16 Jul 2020 — Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to privilege escalation. Adobe Creative Cloud Desktop Application versiones 5.1 y anteriores, presentan una vulnerabilidad de vulnerabilidad de enlace simbólico. Una explotación con éxito podría conllevar a una escalada de privilegios • https://helpx.adobe.com/security/products/creative-cloud/apsb20-33.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9669
https://notcve.org/view.php?id=CVE-2020-9669
16 Jul 2020 — Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability. Successful exploitation could lead to privilege escalation. Adobe Creative Cloud Desktop Application versiones 5.1 y anteriores, presentan una vulnerabilidad de falta de mitigación de explotación. Una explotación con éxito podría conllevar a una escalada de privilegios • https://helpx.adobe.com/security/products/creative-cloud/apsb20-33.html • CWE-269: Improper Privilege Management •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2020-3808
https://notcve.org/view.php?id=CVE-2020-3808
25 Mar 2020 — Creative Cloud Desktop Application versions 5.0 and earlier have a time-of-check to time-of-use (toctou) race condition vulnerability. Successful exploitation could lead to arbitrary file deletion. Creative Cloud Desktop Application versiones 5.0 y anteriores, presenta una vulnerabilidad de condición de carrera de tiempo de comprobación a tiempo de uso (toctou). Una explotación con éxito podría conllevar a una eliminación de archivos arbitraria. • https://helpx.adobe.com/security/products/creative-cloud/apsb20-11.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8236
https://notcve.org/view.php?id=CVE-2019-8236
23 Oct 2019 — Creative Cloud Desktop Application version 4.6.1 and earlier versions have Security Bypass vulnerability. Successful exploitation could lead to Privilege Escalation in the context of the current user. Creative Cloud Desktop Application versión 4.6.1 y versiones anteriores, presenta una vulnerabilidad de Omisión de Seguridad. Su explotación con éxito podría conllevar a la Escalada de Privilegios en el contexto del usuario actual. • https://helpx.adobe.com/security/products/creative-cloud/apsb19-39.html •