Search
Total
295 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-8078 | 1 Adobe | 1 Experience Manager | 2019-10-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2019-8234 | 1 Adobe | 1 Experience Manager | 2019-10-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a cross-site request forgery vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2019-8084 | 1 Adobe | 1 Experience Manager | 2019-10-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a reflected cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2019-8083 | 1 Adobe | 1 Experience Manager | 2019-10-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.5, 6.4 and 6.3 have a cross site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2019-7954 | 1 Adobe | 1 Experience Manager | 2019-07-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager version 6.4 and ealier have a Stored Cross-site Scripting vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user. | |||||
| CVE-2019-7953 | 1 Adobe | 1 Experience Manager | 2019-07-19 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Experience Manager version 6.4 and ealier have a Cross-Site Request Forgery vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user. | |||||
| CVE-2019-7955 | 1 Adobe | 1 Experience Manager | 2019-07-19 | 5.8 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager version 6.4 and ealier have a Reflected Cross-site Scripting vulnerability. Successful exploitation could lead to Sensitive Information disclosure in the context of the current user. | |||||
| CVE-2018-19727 | 1 Adobe | 1 Experience Manager | 2019-01-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-19724 | 1 Adobe | 1 Experience Manager | 2019-01-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-19726 | 1 Adobe | 1 Experience Manager | 2019-01-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-15969 | 1 Adobe | 1 Experience Manager | 2018-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-15970 | 1 Adobe | 1 Experience Manager | 2018-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-15971 | 1 Adobe | 1 Experience Manager | 2018-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-15972 | 1 Adobe | 1 Experience Manager | 2018-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-15973 | 1 Adobe | 1 Experience Manager | 2018-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-12806 | 1 Adobe | 1 Experience Manager | 2018-11-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-5005 | 1 Adobe | 1 Experience Manager | 2018-11-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a Cross-site Scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-12807 | 1 Adobe | 1 Experience Manager | 2018-11-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have an input validation bypass vulnerability. Successful exploitation could lead to unauthorized information modification. | |||||
| CVE-2016-0956 | 5 Adobe, Apache, Apple and 2 more | 5 Experience Manager, Sling, Mac Os X and 2 more | 2018-10-09 | 7.8 HIGH | 7.5 HIGH |
| The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2018-12809 | 1 Adobe | 1 Experience Manager | 2018-09-17 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-5004 | 1 Adobe | 1 Experience Manager | 2018-09-17 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Experience Manager versions 6.2 and 6.3 have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-5006 | 1 Adobe | 1 Experience Manager | 2018-09-17 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-4929 | 1 Adobe | 1 Experience Manager | 2018-06-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.2 and earlier have an exploitable stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-4930 | 1 Adobe | 1 Experience Manager | 2018-06-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.3 and earlier have an exploitable Cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-4931 | 1 Adobe | 1 Experience Manager | 2018-06-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.1 and earlier have an exploitable stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-4875 | 1 Adobe | 1 Experience Manager | 2018-03-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.1 and 6.0 are vulnerable to a reflected cross-site scripting vulnerability related to the handling of malicious content embedded in image files uploaded to the DAM. | |||||
| CVE-2018-4876 | 1 Adobe | 1 Experience Manager | 2018-03-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.3, 6.2, and 6.1 are vulnerable to cross-site scripting via a bypass of the Sling XSSAPI#getValidHref function. | |||||
| CVE-2017-3111 | 1 Adobe | 1 Experience Manager | 2017-12-14 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. Sensitive tokens are included in http GET requests under certain circumstances. | |||||
| CVE-2017-11296 | 1 Adobe | 1 Experience Manager | 2017-12-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. A cross-site scripting vulnerability in Apache Sling Servlets Post 2.3.20 has been resolved in Adobe Experience Manager. | |||||
| CVE-2017-3109 | 1 Adobe | 1 Experience Manager | 2017-12-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. Adobe Experience Manager has a reflected cross-site scripting vulnerability in the HtmlRendererServlet. | |||||
| CVE-2017-3110 | 1 Adobe | 1 Experience Manager | 2017-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Experience Manager 6.1 and earlier has a sensitive data exposure vulnerability. | |||||
| CVE-2017-3107 | 1 Adobe | 1 Experience Manager | 2017-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability. | |||||
| CVE-2017-3108 | 1 Adobe | 1 Experience Manager | 2017-08-16 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability. | |||||
| CVE-2016-4170 | 1 Adobe | 1 Experience Manager | 2017-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2016-4168 | 1 Adobe | 1 Experience Manager | 2017-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, and 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2016-4253 | 1 Adobe | 1 Experience Manager | 2017-08-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Backup functionality in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2016-4169 | 1 Adobe | 1 Experience Manager | 2017-08-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| Adobe Experience Manager 6.0, 6.1, and 6.2 allow attackers to obtain sensitive audit log event information via unspecified vectors. | |||||
| CVE-2016-6933 | 1 Adobe | 2 Experience Manager, Livecycle | 2016-12-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the AACComponent that could be used in cross-site scripting attacks. | |||||
| CVE-2016-7882 | 1 Adobe | 1 Experience Manager | 2016-12-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.2 and earlier have an input validation issue in the WCMDebug filter that could be used in cross-site scripting attacks. | |||||
| CVE-2016-7885 | 1 Adobe | 1 Experience Manager | 2016-12-22 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks. | |||||
| CVE-2016-7883 | 1 Adobe | 1 Experience Manager | 2016-12-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager version 6.2 has an input validation issue in create Launch wizard that could be used in cross-site scripting attacks. | |||||
| CVE-2016-7884 | 1 Adobe | 1 Experience Manager | 2016-12-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.1 and earlier have an input validation issue in the DAM create assets that could be used in cross-site scripting attacks. | |||||
| CVE-2016-0955 | 4 Adobe, Apple, Linux and 1 more | 4 Experience Manager, Mac Os X, Linux Kernel and 1 more | 2016-03-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Adobe Experience Manager (AEM) 6.1.0 allows remote authenticated users to inject arbitrary web script or HTML via a folder title field that is mishandled in the Deletion popup dialog. | |||||
| CVE-2016-0957 | 4 Adobe, Apple, Linux and 1 more | 5 Dispatcher, Experience Manager, Mac Os X and 2 more | 2016-02-25 | 7.8 HIGH | 7.5 HIGH |
| Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors. | |||||
| CVE-2016-0958 | 4 Adobe, Apple, Linux and 1 more | 4 Experience Manager, Mac Os X, Linux Kernel and 1 more | 2016-02-18 | 7.8 HIGH | 7.5 HIGH |
| Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 might allow remote attackers to have an unspecified impact via a crafted serialized Java object. | |||||