Adobe Photoshop Elements vulnerabilities

CVE-2025-21162 [MEDIUM] CWE-379 CVE-2025-21162: Photoshop Elements versions 2025.0 and earlier are affected by a Creation of Temporary File in Direc Photoshop Elements versions 2025.0 and earlier are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2021-39825 [HIGH] CWE-787 CVE-2021-39825: Photoshop Elements versions 2021 build 19.0 (20210304.m.156367) (and earlier) are affected by an out Photoshop Elements versions 2021 build 19.0 (20210304.m.156367) (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious TTF file.

CVE-2021-28597 [MEDIUM] CWE-379 CVE-2021-28597: Adobe Photoshop Elements version 5.2 (and earlier) is affected by an insecure temporary file creatio Adobe Photoshop Elements version 5.2 (and earlier) is affected by an insecure temporary file creation vulnerability. An unauthenticated attacker could leverage this vulnerability to call functions against the installer to perform high privileged actions. Exploitation of this issue does not require user interaction.

CVE-2011-2443 [CRITICAL] CVE-2011-2443: Multiple buffer overflows in Adobe Photoshop Elements 8.0 and earlier allow remote attackers to caus Multiple buffer overflows in Adobe Photoshop Elements 8.0 and earlier allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted (1) .grd or (2) .abr file, a related issue to CVE-2010-1296.

CVE-2009-3489 [HIGH] CWE-732 CVE-2009-3489: Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure secu Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command.

CVE-2007-2365 [CRITICAL] CWE-119 CVE-2007-2365: Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0, Illustrator CS3, and GoLive Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0, Illustrator CS3, and GoLive 9 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.