Adobe Illustrator vulnerabilities

CVE-2025-21160 [HIGH] CWE-191 CVE-2025-21160: Illustrator versions 29.1, 28.7.3 and earlier are affected by an Integer Underflow (Wrap or Wraparou Illustrator versions 29.1, 28.7.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-21163 [HIGH] CWE-121 CVE-2025-21163: Illustrator versions 29.1, 28.7.3 and earlier are affected by a Stack-based Buffer Overflow vulnerab Illustrator versions 29.1, 28.7.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-49538 [HIGH] CWE-787 CVE-2024-49538: Illustrator versions 29.0.0, 28.7.2 and earlier are affected by an out-of-bounds write vulnerability Illustrator versions 29.0.0, 28.7.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-49541 [MEDIUM] CWE-125 CVE-2024-49541: Illustrator versions 29.0.0, 28.7.2 and earlier are affected by an out-of-bounds read vulnerability Illustrator versions 29.0.0, 28.7.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-47450 [HIGH] CWE-122 CVE-2024-47450: Illustrator versions 28.7.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability t Illustrator versions 28.7.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-47452 [HIGH] CWE-787 CVE-2024-47452: Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that co Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-47451 [HIGH] CWE-787 CVE-2024-47451: Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that co Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-45114 [HIGH] CWE-787 CVE-2024-45114: Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that co Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-47453 [MEDIUM] CWE-125 CVE-2024-47453: Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds read vulnerability that cou Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-47455 [MEDIUM] CWE-125 CVE-2024-47455: Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds read vulnerability that cou Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-47454 [MEDIUM] CWE-125 CVE-2024-47454: Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds read vulnerability that cou Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-47456 [MEDIUM] CWE-125 CVE-2024-47456: Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds read vulnerability that cou Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-47457 [MEDIUM] CWE-476 CVE-2024-47457: Illustrator versions 28.7.1 and earlier are affected by a NULL Pointer Dereference vulnerability tha Illustrator versions 28.7.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a mali

CVE-2024-43758 [HIGH] CWE-416 CVE-2024-43758: Illustrator versions 28.6, 27.9.5 and earlier are affected by a Use After Free vulnerability that co Illustrator versions 28.6, 27.9.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-34121 [HIGH] CWE-190 CVE-2024-34121: Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Overflow or Wraparound vuln Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-41857 [HIGH] CWE-191 CVE-2024-41857: Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Underflow (Wrap or Wraparou Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-45111 [MEDIUM] CWE-125 CVE-2024-45111: Illustrator versions 28.6, 27.9.5 and earlier are affected by an out-of-bounds read vulnerability th Illustrator versions 28.6, 27.9.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-43759 [MEDIUM] CWE-476 CVE-2024-43759: Illustrator versions 28.6, 27.9.5 and earlier are affected by a NULL Pointer Dereference vulnerabili Illustrator versions 28.6, 27.9.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a DoS condition. Exploitation of this issue requires user interaction in that a victim must open a malici

CVE-2024-41856 [HIGH] CWE-20 CVE-2024-41856: Illustrator versions 28.5, 27.9.4, 28.6, 27.9.5 and earlier are affected by an Improper Input Valida Illustrator versions 28.5, 27.9.4, 28.6, 27.9.5 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2024-34133 [HIGH] CWE-787 CVE-2024-34133: Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds write vulnerability t Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.