cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-34116,https://securityvulnerability.io/vulnerability/CVE-2024-34116,Adobe Creative Cloud Desktop Vulnerability Could Lead to Arbitrary File Delete,"The vulnerability in Adobe Creative Cloud Desktop versions up to 6.1.0.587 highlights an Uncontrolled Search Path Element flaw. This issue allows an attacker to compromise security features by loading and executing malicious libraries, which can lead to unauthorized arbitrary file deletion. Exploitation of this vulnerability necessitates user interaction, making security awareness crucial for users of the affected software.",Adobe,Creative Cloud Desktop,7.1,HIGH,0.00046999999904073775,false,,false,false,false,,,false,false,,2024-06-13T11:26:35.460Z,0
CVE-2023-26358,https://securityvulnerability.io/vulnerability/CVE-2023-26358,Adobe Creative Cloud AdobeExtensionService.exe local privilege escalation vulnerability,"The Adobe Creative Cloud application is susceptible to an Untrusted Search Path vulnerability, which could allow attackers to execute malicious programs by manipulating the search path for critical resources. An attacker could direct the application to execute their own files instead of the legitimate ones, potentially leading to unauthorized access to sensitive information or modifications of critical application configurations. This issue poses significant risks to users as it affects the integrity and security of the software's environment.",Adobe,Creative Cloud (desktop component),7.8,HIGH,0.0008200000156648457,false,,false,false,false,,,false,false,,2023-03-22T00:00:00.000Z,0
CVE-2022-23202,https://securityvulnerability.io/vulnerability/CVE-2022-23202,Adobe Creative Cloud Desktop Uncontrolled Search Path Element Arbitrary code execution,Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must download a malicious DLL file. The attacker has to deliver the DLL on the same folder as the installer which makes it as a high complexity attack vector.,Adobe,Creative Cloud (desktop Component),7,HIGH,0.0018400000408291817,false,,false,false,false,,,false,false,,2022-02-16T17:15:00.000Z,0
CVE-2021-43019,https://securityvulnerability.io/vulnerability/CVE-2021-43019,Adobe Creative Cloud Incorrect Permission Assignment Privilege Escalation Vulnerability,Adobe Creative Cloud version 5.5 (and earlier) are affected by a privilege escalation vulnerability in the resources leveraged by the Setup.exe service. An unauthenticated attacker could leverage this vulnerability to remove files and escalate privileges under the context of SYSTEM . An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability on the product installer. User interaction is required before product installation to abuse this vulnerability.,Adobe,Creative Cloud (desktop Component),7.8,HIGH,0.0015699999639764428,false,,false,false,false,,,false,false,,2021-11-23T19:15:00.000Z,0
CVE-2021-28547,https://securityvulnerability.io/vulnerability/CVE-2021-28547,Adobe Creative Cloud for macOS Privilege Escalation Vulnerability,Adobe Creative Cloud Desktop Application for macOS version 5.3 (and earlier) is affected by a privilege escalation vulnerability that could allow a normal user to delete the OOBE directory and get permissions of any directory under the administrator authority.,Adobe,Creative Cloud (desktop Component),7.8,HIGH,0.0006600000197067857,false,,false,false,false,,,false,false,,2021-09-29T16:15:00.000Z,0
CVE-2021-28613,https://securityvulnerability.io/vulnerability/CVE-2021-28613,Adobe Creative Cloud Arbitrary File Overwrite Vulnerability,"Adobe Creative Cloud Desktop Application version 5.4 (and earlier) is affected by a file handling vulnerability that could allow an attacker to arbitrarily overwrite a file. Exploitation of this issue requires local access, administrator privileges and user interaction.",Adobe,Creative Cloud (desktop Component),7.4,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2021-09-27T16:15:00.000Z,0
CVE-2021-28581,https://securityvulnerability.io/vulnerability/CVE-2021-28581,Adobe Creative Cloud Desktop uncontrolled search path element vulnerability could lead to local privilege escalation,Adobe Creative Cloud Desktop 3.5 (and earlier) is affected by an uncontrolled search path vulnerability that could result in elevation of privileges. Exploitation of this issue requires user interaction in that a victim must log on to the attacker's local machine.,Adobe,Creative Cloud (desktop Component),7.3,HIGH,0.0008699999889358878,false,,false,false,false,,,false,false,,2021-09-08T14:15:00.000Z,0
CVE-2021-28633,https://securityvulnerability.io/vulnerability/CVE-2021-28633,Adobe Creative Cloud Installer Arbitrary File Write,Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Insecure temporary file creation vulnerability. An attacker could leverage this vulnerability to cause arbitrary file overwriting in the context of the current user. Exploitation of this issue requires physical interaction to the system.,Adobe,Creative Cloud (desktop Component),6.1,MEDIUM,0.0007600000244565308,false,,false,false,false,,,false,false,,2021-08-24T19:15:00.000Z,0
CVE-2021-21068,https://securityvulnerability.io/vulnerability/CVE-2021-21068,Adobe Creative Cloud installer arbitrary file overwrite vulnerability,Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a file handling vulnerability that could allow an attacker to cause arbitrary file overwriting. Exploitation of this issue requires physical access and user interaction.,Adobe,Creative Cloud (desktop Component),6.1,MEDIUM,0.0006000000284984708,false,,false,false,false,,,false,false,,2021-03-12T19:15:00.000Z,0
CVE-2021-21069,https://securityvulnerability.io/vulnerability/CVE-2021-21069,Adobe Creative Cloud Privilege Escalation Vulnerability,Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.,Adobe,Creative Cloud (desktop Component),7.8,HIGH,0.0015699999639764428,false,,false,false,false,,,false,false,,2021-03-12T19:15:00.000Z,0
CVE-2021-21078,https://securityvulnerability.io/vulnerability/CVE-2021-21078,Adobe Creative Cloud Unquoted Service Path in CCXProcess,Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by an Unquoted Service Path vulnerability in CCXProcess that could allow an attacker to achieve arbitrary code execution in the process of the current user. Exploitation of this issue requires user interaction,Adobe,Creative Cloud (desktop Component),6.5,MEDIUM,0.0006000000284984708,false,,false,false,false,,,false,false,,2021-03-12T19:15:00.000Z,0
CVE-2020-24422,https://securityvulnerability.io/vulnerability/CVE-2020-24422,Uncontrolled Search Path in Creative Cloud Desktop Application,Adobe Creative Cloud Desktop Application version 5.2 (and earlier) and 2.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.,Adobe,Creative Cloud (desktop Component),7,HIGH,0.0014199999859556556,false,,false,false,false,,,false,false,,2020-10-21T20:15:00.000Z,0
CVE-2020-9669,https://securityvulnerability.io/vulnerability/CVE-2020-9669,Privilege Escalation Vulnerability in Adobe Creative Cloud Desktop Application,"The Adobe Creative Cloud Desktop Application versions 5.1 and earlier contain a vulnerability due to inadequate exploit mitigations. If successfully exploited, this vulnerability could allow an attacker to escalate privileges within the application, potentially leading to unauthorized access and control over sensitive user data. Organizations using affected versions should prioritize updates to safeguard their systems and mitigate risks associated with this vulnerability.",Adobe,Adobe Creative Cloud Desktop Application,9.8,CRITICAL,0.0024999999441206455,false,,false,false,false,,,false,false,,2020-07-17T00:15:00.000Z,0
CVE-2020-9670,https://securityvulnerability.io/vulnerability/CVE-2020-9670,Symlink Vulnerability in Adobe Creative Cloud Desktop Application,"The Adobe Creative Cloud Desktop Application versions 5.1 and earlier are affected by a symlink vulnerability that can potentially allow attackers to escalate their privileges on the affected systems. If successfully exploited, this vulnerability may enable unauthorized access and control over sensitive data and system functions, thereby putting users at risk. It is essential for users and administrators to apply the relevant updates to safeguard their systems.",Adobe,Adobe Creative Cloud Desktop Application,9.8,CRITICAL,0.0024999999441206455,false,,false,false,false,,,false,false,,2020-07-17T00:15:00.000Z,0
CVE-2020-9682,https://securityvulnerability.io/vulnerability/CVE-2020-9682,Symlink Vulnerability in Adobe Creative Cloud Desktop Application,"The Adobe Creative Cloud Desktop Application versions 5.1 and earlier contain a symlink vulnerability that can be exploited to perform arbitrary file system writes. This issue presents a significant risk, as it allows malicious actors to manipulate files on the system without proper authorization, potentially leading to further compromise of the affected environment.",Adobe,Adobe Creative Cloud Desktop Application,9.8,CRITICAL,0.0035600000992417336,false,,false,false,false,,,false,false,,2020-07-17T00:01:25.000Z,0
CVE-2020-9671,https://securityvulnerability.io/vulnerability/CVE-2020-9671,,Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation.,Adobe,Adobe Creative Cloud Desktop Application,9.8,CRITICAL,0.0024999999441206455,false,,false,false,false,,,false,false,,2020-07-17T00:00:01.000Z,0
CVE-2020-3808,https://securityvulnerability.io/vulnerability/CVE-2020-3808,,Creative Cloud Desktop Application versions 5.0 and earlier have a time-of-check to time-of-use (toctou) race condition vulnerability. Successful exploitation could lead to arbitrary file deletion.,Adobe,Creative Cloud Desktop Application,5.9,MEDIUM,0.0007900000200606883,false,,false,false,false,,,false,false,,2020-03-25T19:12:54.000Z,0
CVE-2019-8236,https://securityvulnerability.io/vulnerability/CVE-2019-8236,,Creative Cloud Desktop Application version 4.6.1 and earlier versions have Security Bypass vulnerability. Successful exploitation could lead to Privilege Escalation in the context of the current user.,Adobe,Adobe Creative Cloud Desktop Application,9.8,CRITICAL,0.0034000000450760126,false,,false,false,false,,,false,false,,2019-10-23T20:46:53.000Z,0
CVE-2019-7959,https://securityvulnerability.io/vulnerability/CVE-2019-7959,,Creative Cloud Desktop Application versions 4.6.1 and earlier have a using components with known vulnerabilities vulnerability. Successful exploitation could lead to arbitrary code execution.,Adobe,Creative Cloud Desktop Application,9.8,CRITICAL,0.005049999803304672,false,,false,false,false,,,false,false,,2019-08-16T16:40:45.000Z,0
CVE-2019-7958,https://securityvulnerability.io/vulnerability/CVE-2019-7958,,Creative Cloud Desktop Application versions 4.6.1 and earlier have an insecure inherited permissions vulnerability. Successful exploitation could lead to privilege escalation.,Adobe,Creative Cloud Desktop Application,9.8,CRITICAL,0.0024999999441206455,false,,false,false,false,,,false,false,,2019-08-16T16:38:49.000Z,0
CVE-2019-7957,https://securityvulnerability.io/vulnerability/CVE-2019-7957,,Creative Cloud Desktop Application versions 4.6.1 and earlier have a security bypass vulnerability. Successful exploitation could lead to denial of service.,Adobe,Creative Cloud Desktop Application,7.5,HIGH,0.0010999999940395355,false,,false,false,false,,,false,false,,2019-08-16T16:37:37.000Z,0
CVE-2019-8063,https://securityvulnerability.io/vulnerability/CVE-2019-8063,,Creative Cloud Desktop Application 4.6.1 and earlier versions have an insecure transmission of sensitive data vulnerability. Successful exploitation could lead to information leakage.,Adobe,Creative Cloud Desktop Application,7.5,HIGH,0.0026000000070780516,false,,false,false,false,,,false,false,,2019-08-16T16:36:06.000Z,0
CVE-2019-7093,https://securityvulnerability.io/vulnerability/CVE-2019-7093,,Creative Cloud Desktop Application (installer) versions 4.7.0.400 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.,Adobe,Creative Cloud Desktop Application (installer),7.8,HIGH,0.000859999970998615,false,,false,false,false,,,false,false,,2019-05-24T18:45:19.000Z,0
CVE-2018-12829,https://securityvulnerability.io/vulnerability/CVE-2018-12829,,Adobe Creative Cloud Desktop Application before 4.6.1 has an improper certificate validation vulnerability. Successful exploitation could lead to privilege escalation.,Adobe,Adobe Creative Cloud Desktop Application Before 4.6.1,9.8,CRITICAL,0.005810000002384186,false,,false,false,false,,,false,false,,2018-08-29T13:00:00.000Z,0
CVE-2018-5003,https://securityvulnerability.io/vulnerability/CVE-2018-5003,,Adobe Creative Cloud Desktop Application before 4.5.5.342 (installer) has an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.,Adobe,Adobe Creative Cloud Desktop Application Before 4.5.5.342,7.8,HIGH,0.0019600000232458115,false,,false,false,false,,,false,false,,2018-08-29T13:00:00.000Z,0