CISA · government feed
Known Exploited Vulnerabilities
Vulnerabilities under active exploitation, mandated by CISA for federal patching.
78 total matches · showing 78
| CVE | Vendor / Product | Status | ||
|---|---|---|---|---|
| CVE-2026-34621 | Adobe Acrobat and Reader | Adobe Acrobat and Reader Prototype Pollution Vulnerability | 2026-04-13 | Active |
| CVE-2020-9715 | Adobe Acrobat | Adobe Acrobat Use-After-Free Vulnerability | 2026-04-13 | Active |
| CVE-2025-54236 | Adobe Commerce and Magento | Adobe Commerce and Magento Improper Input Validation Vulnerability | 2025-10-24 | Active |
| CVE-2025-54253 | Adobe Experience Manager (AEM) Forms | Adobe Experience Manager Forms Code Execution Vulnerability | 2025-10-15 | Active |
| CVE-2017-3066 | Adobe ColdFusion | Adobe ColdFusion Deserialization Vulnerability | 2025-02-24 | Active |
| CVE-2024-20767 | Adobe ColdFusion | Adobe ColdFusion Improper Access Control Vulnerability | 2024-12-16 | Active |
| CVE-2014-0497 | Adobe Flash Player | Adobe Flash Player Integer Underflow Vulnerablity | 2024-09-17 | Active |
| CVE-2013-0643 | Adobe Flash Player | Adobe Flash Player Incorrect Default Permissions Vulnerability | 2024-09-17 | Active |
| CVE-2013-0648 | Adobe Flash Player | Adobe Flash Player Code Execution Vulnerability | 2024-09-17 | Active |
| CVE-2014-0502 | Adobe Flash Player | Adobe Flash Player Double Free Vulnerablity | 2024-09-17 | Active |
| CVE-2024-34102 | Adobe Commerce and Magento Open Source | Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability | 2024-07-17 | Active |
| CVE-2023-38203 | Adobe ColdFusion | Adobe ColdFusion Deserialization of Untrusted Data Vulnerability | 2024-01-08 | Ransomware |
| CVE-2023-29300 | Adobe ColdFusion | Adobe ColdFusion Deserialization of Untrusted Data Vulnerability | 2024-01-08 | Ransomware |
| CVE-2023-21608 | Adobe Acrobat and Reader | Adobe Acrobat and Reader Use-After-Free Vulnerability | 2023-10-10 | Active |
| CVE-2023-26369 | Adobe Acrobat and Reader | Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability | 2023-09-14 | Active |
| CVE-2023-26359 | Adobe ColdFusion | Adobe ColdFusion Deserialization of Untrusted Data Vulnerability | 2023-08-21 | Active |
| CVE-2023-38205 | Adobe ColdFusion | Adobe ColdFusion Improper Access Control Vulnerability | 2023-07-20 | Active |
| CVE-2023-29298 | Adobe ColdFusion | Adobe ColdFusion Improper Access Control Vulnerability | 2023-07-20 | Active |
| CVE-2023-26360 | Adobe ColdFusion | Adobe ColdFusion Deserialization of Untrusted Data Vulnerability | 2023-03-15 | Active |
| CVE-2007-5659 | Adobe Acrobat and Reader | Adobe Acrobat and Reader Buffer Overflow Vulnerability | 2022-06-08 | Active |
| CVE-2008-0655 | Adobe Acrobat and Reader | Adobe Acrobat and Reader Unspecified Vulnerability | 2022-06-08 | Active |
| CVE-2009-1862 | Adobe Acrobat and Reader, Flash Player | Adobe Acrobat and Reader, Flash Player Unspecified Vulnerability | 2022-06-08 | Active |
| CVE-2009-3953 | Adobe Acrobat and Reader | Adobe Acrobat and Reader Universal 3D Remote Code Execution Vulnerability | 2022-06-08 | Active |
| CVE-2009-4324 | Adobe Acrobat and Reader | Adobe Acrobat and Reader Use-After-Free Vulnerability | 2022-06-08 | Active |
| CVE-2010-1297 | Adobe Flash Player | Adobe Flash Player Memory Corruption Vulnerability | 2022-06-08 | Active |
| CVE-2010-2883 | Adobe Acrobat and Reader | Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability | 2022-06-08 | Active |
| CVE-2011-0609 | Adobe Flash Player | Adobe Flash Player Unspecified Vulnerability | 2022-06-08 | Active |
| CVE-2011-2462 | Adobe Reader and Acrobat | Adobe Reader and Acrobat Universal 3D Memory Corruption Vulnerability | 2022-06-08 | Active |
| CVE-2012-0754 | Adobe Flash Player | Adobe Flash Player Memory Corruption Vulnerability | 2022-06-08 | Active |
| CVE-2012-0767 | Adobe Flash Player | Adobe Flash Player Cross-Site Scripting (XSS) Vulnerability | 2022-06-08 | Active |
| CVE-2012-5054 | Adobe Flash Player | Adobe Flash Player Integer Overflow Vulnerability | 2022-06-08 | Active |
| CVE-2018-4990 | Adobe Acrobat and Reader | Adobe Acrobat and Reader Double Free Vulnerability | 2022-06-08 | Active |
| CVE-2014-0546 | Adobe Reader and Acrobat | Adobe Reader and Acrobat Sandbox Bypass Vulnerability | 2022-05-25 | Active |
| CVE-2014-8439 | Adobe Flash Player | Adobe Flash Player Dereferenced Pointer Vulnerability | 2022-05-25 | Active |
| CVE-2015-8651 | Adobe Flash Player | Adobe Flash Player Integer Overflow Vulnerability | 2022-05-25 | Active |
| CVE-2015-0310 | Adobe Flash Player | Adobe Flash Player ASLR Bypass Vulnerability | 2022-05-25 | Active |
| CVE-2016-0984 | Adobe Flash Player and AIR | Adobe Flash Player and AIR Use-After-Free Vulnerability | 2022-05-25 | Active |
| CVE-2016-1010 | Adobe Flash Player and AIR | Adobe Flash Player and AIR Integer Overflow Vulnerability | 2022-05-25 | Active |
| CVE-2018-5002 | Adobe Flash Player | Adobe Flash Player Stack-based Buffer Overflow Vulnerability | 2022-05-23 | Active |
| CVE-2014-9163 | Adobe Flash Player | Adobe Flash Player Stack-Based Buffer Overflow Vulnerability | 2022-04-13 | Active |
| CVE-2015-0311 | Adobe Flash Player | Adobe Flash Player Remote Code Execution Vulnerability | 2022-04-13 | Active |
| CVE-2015-0313 | Adobe Flash Player | Adobe Flash Player Use-After-Free Vulnerability | 2022-04-13 | Active |
| CVE-2015-3113 | Adobe Flash Player | Adobe Flash Player Heap-Based Buffer Overflow Vulnerability | 2022-04-13 | Active |
| CVE-2015-5122 | Adobe Flash Player | Adobe Flash Player Use-After-Free Vulnerability | 2022-04-13 | Active |
| CVE-2015-5123 | Adobe Flash Player | Adobe Flash Player Use-After-Free Vulnerability | 2022-04-13 | Active |
| CVE-2012-2034 | Adobe Flash Player | Adobe Flash Player Memory Corruption Vulnerability | 2022-03-28 | Active |
| CVE-2013-2729 | Adobe Reader and Acrobat | Adobe Reader and Acrobat Arbitrary Integer Overflow Vulnerability | 2022-03-28 | Active |
| CVE-2009-0927 | Adobe Reader and Acrobat | Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability | 2022-03-25 | Active |
| CVE-2010-2861 | Adobe ColdFusion | Adobe ColdFusion Directory Traversal Vulnerability | 2022-03-25 | Ransomware |
| CVE-2016-4171 | Adobe Flash Player | Adobe Flash Player Remote Code Execution Vulnerability | 2022-03-25 | Active |
| CVE-2016-7892 | Adobe Flash Player | Adobe Flash Player Use-After-Free Vulnerability | 2022-03-25 | Active |
| CVE-2009-3960 | Adobe BlazeDS | Adobe BlazeDS Information Disclosure Vulnerability | 2022-03-07 | Ransomware |
| CVE-2013-0625 | Adobe ColdFusion | Adobe ColdFusion Authentication Bypass Vulnerability | 2022-03-07 | Active |
| CVE-2013-0629 | Adobe ColdFusion | Adobe ColdFusion Directory Traversal Vulnerability | 2022-03-07 | Active |
| CVE-2013-0631 | Adobe ColdFusion | Adobe ColdFusion Information Disclosure Vulnerability | 2022-03-07 | Active |
| CVE-2008-2992 | Adobe Acrobat and Reader | Adobe Reader and Acrobat Input Validation Vulnerability | 2022-03-03 | Ransomware |
| CVE-2010-0188 | Adobe Reader and Acrobat | Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability | 2022-03-03 | Ransomware |
| CVE-2011-0611 | Adobe Flash Player | Adobe Flash Player Remote Code Execution Vulnerability | 2022-03-03 | Active |
| CVE-2012-1535 | Adobe Flash Player | Adobe Flash Player Arbitrary Code Execution Vulnerability | 2022-03-03 | Active |
| CVE-2013-0632 | Adobe ColdFusion | Adobe ColdFusion Authentication Bypass Vulnerability | 2022-03-03 | Active |
| CVE-2013-0640 | Adobe Reader and Acrobat | Adobe Reader and Acrobat Memory Corruption Vulnerability | 2022-03-03 | Active |
| CVE-2013-0641 | Adobe Reader | Adobe Reader Buffer Overflow Vulnerability | 2022-03-03 | Active |
| CVE-2013-3346 | Adobe Reader and Acrobat | Adobe Reader and Acrobat Memory Corruption Vulnerability | 2022-03-03 | Active |
| CVE-2014-0496 | Adobe Reader and Acrobat | Adobe Reader and Acrobat Use-After-Free Vulnerability | 2022-03-03 | Active |
| CVE-2015-3043 | Adobe Flash Player | Adobe Flash Player Memory Corruption Vulnerability | 2022-03-03 | Active |
| CVE-2015-5119 | Adobe Flash Player | Adobe Flash Player Use-After-Free Vulnerability | 2022-03-03 | Active |
| CVE-2015-7645 | Adobe Flash Player | Adobe Flash Player Arbitrary Code Execution Vulnerability | 2022-03-03 | Ransomware |
| CVE-2016-1019 | Adobe Flash Player | Adobe Flash Player Arbitrary Code Execution Vulnerability | 2022-03-03 | Ransomware |
| CVE-2016-4117 | Adobe Flash Player | Adobe Flash Player Arbitrary Code Execution Vulnerability | 2022-03-03 | Active |
| CVE-2016-7855 | Adobe Flash Player | Adobe Flash Player Use-After-Free Vulnerability | 2022-03-03 | Active |
| CVE-2017-11292 | Adobe Flash Player | Adobe Flash Player Type Confusion Vulnerability | 2022-03-03 | Active |
| CVE-2018-15982 | Adobe Flash Player | Adobe Flash Player Use-After-Free Vulnerability | 2022-02-15 | Ransomware |
| CVE-2022-24086 | Adobe Commerce and Magento Open Source | Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability | 2022-02-15 | Active |
| CVE-2018-4878 | Adobe Flash Player | Adobe Flash Player Use-After-Free Vulnerability | 2021-11-03 | Ransomware |
| CVE-2018-15961 | Adobe ColdFusion | Adobe ColdFusion Unrestricted File Upload Vulnerability | 2021-11-03 | Active |
| CVE-2018-4939 | Adobe ColdFusion | Adobe ColdFusion Deserialization of Untrusted Data Vulnerability | 2021-11-03 | Active |
| CVE-2021-28550 | Adobe Acrobat and Reader | Adobe Acrobat and Reader Use-After-Free Vulnerability | 2021-11-03 | Active |
| CVE-2021-21017 | Adobe Acrobat and Reader | Adobe Acrobat and Reader Heap-based Buffer Overflow Vulnerability | 2021-11-03 | Active |
Feedback
How was this page?
Spotted something off, or have an idea? Let us know.