CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27169 – Illustrator | Out-of-bounds Write (CWE-787)
https://notcve.org/view.php?id=CVE-2025-27169
11 Mar 2025 — Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/illustrator/apsb25-17.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27167 – Illustrator | Untrusted Search Path (CWE-426)
https://notcve.org/view.php?id=CVE-2025-27167
11 Mar 2025 — Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute their own programs, access unauthorized data files, or modify configuration in unexpected ways. If the application uses a search path to locate critical resources such as programs, then an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. The problem extends to any type of critical resource that t... • https://helpx.adobe.com/security/products/illustrator/apsb25-17.html • CWE-426: Untrusted Search Path •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27170 – Illustrator | NULL Pointer Dereference (CWE-476)
https://notcve.org/view.php?id=CVE-2025-27170
11 Mar 2025 — Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/illustrator/apsb25-17.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27168 – Illustrator | Stack-based Buffer Overflow (CWE-121)
https://notcve.org/view.php?id=CVE-2025-27168
11 Mar 2025 — Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/illustrator/apsb25-17.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24449 – Illustrator | Out-of-bounds Read (CWE-125)
https://notcve.org/view.php?id=CVE-2025-24449
11 Mar 2025 — Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/illustrator/apsb25-17.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24448 – Illustrator | Out-of-bounds Read (CWE-125)
https://notcve.org/view.php?id=CVE-2025-24448
11 Mar 2025 — Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/illustrator/apsb25-17.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-21160 – Illustrator | Integer Underflow (Wrap or Wraparound) (CWE-191)
https://notcve.org/view.php?id=CVE-2025-21160
11 Feb 2025 — Illustrator versions 29.1, 28.7.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/illustrator/apsb25-11.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-21163 – Illustrator | Stack-based Buffer Overflow (CWE-121)
https://notcve.org/view.php?id=CVE-2025-21163
11 Feb 2025 — Illustrator versions 29.1, 28.7.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/illustrator/apsb25-11.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-21159 – Illustrator | Use After Free (CWE-416)
https://notcve.org/view.php?id=CVE-2025-21159
11 Feb 2025 — Illustrator versions 29.1, 28.7.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/illustrator/apsb25-11.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-21134 – Illustrator on iPad | Integer Underflow (Wrap or Wraparound) (CWE-191)
https://notcve.org/view.php?id=CVE-2025-21134
14 Jan 2025 — Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/illustrator-mobile-ios/apsb25-04.html • CWE-191: Integer Underflow (Wrap or Wraparound) •