Adobe Prelude vulnerabilities

CVE-2023-44362 [MEDIUM] CWE-824 CVE-2023-44362: Adobe Prelude versions 22.6 and earlier are affected by an Access of Uninitialized Pointer vulnerabi Adobe Prelude versions 22.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2021-44696 [LOW] CWE-125 CVE-2021-44696: Adobe Prelude version 22.1.1 (and earlier) is affected by an out-of-bounds read vulnerability that c Adobe Prelude version 22.1.1 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious JPEG file.

CVE-2021-43754 [HIGH] CWE-787 CVE-2021-43754: Adobe Prelude version 22.1.1 (and earlier) is affected by an Out-of-bounds Write vulnerability due t Adobe Prelude version 22.1.1 (and earlier) is affected by an Out-of-bounds Write vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.

CVE-2021-40770 [HIGH] CWE-788 CVE-2021-40770: Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to ins Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.

CVE-2021-40772 [HIGH] CWE-788 CVE-2021-40772: Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to ins Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.

CVE-2021-42737 [HIGH] CWE-788 CVE-2021-42737: Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to ins Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.

CVE-2021-40771 [HIGH] CWE-788 CVE-2021-40771: Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to ins Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.

CVE-2021-42738 [HIGH] CWE-788 CVE-2021-42738: Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to ins Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious MXF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.

CVE-2021-40775 [HIGH] CWE-788 CVE-2021-40775: Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to ins Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.

CVE-2021-40774 [MEDIUM] CWE-476 CVE-2021-40774: Adobe Prelude version 10.1 (and earlier) is affected by a null pointer dereference vulnerability whe Adobe Prelude version 10.1 (and earlier) is affected by a null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim mus

CVE-2021-40773 [MEDIUM] CWE-476 CVE-2021-40773: Adobe Prelude version 10.1 (and earlier) is affected by a null pointer dereference vulnerability whe Adobe Prelude version 10.1 (and earlier) is affected by a null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim mus

CVE-2021-43011 [HIGH] CWE-788 CVE-2021-43011: Adobe Prelude version 10.1 (and earlier) are affected by a memory corruption vulnerability. An unaut Adobe Prelude version 10.1 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.

CVE-2021-43012 [HIGH] CWE-788 CVE-2021-43012: Adobe Prelude version 10.1 (and earlier) are affected by a memory corruption vulnerability. An unaut Adobe Prelude version 10.1 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.

CVE-2021-28594 [HIGH] CWE-427 CVE-2021-28594: Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Unc Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must

CVE-2021-35999 [HIGH] CWE-788 CVE-2021-35999: Adobe Prelude version 10.0 (and earlier) is affected by a memory corruption vulnerability when parsi Adobe Prelude version 10.0 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a maliciou

CVE-2021-36007 [LOW] CWE-20 CVE-2021-36007: Adobe Prelude version 10.0 (and earlier) are affected by an uninitialized variable vulnerability whe Adobe Prelude version 10.0 (and earlier) are affected by an uninitialized variable vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open

CVE-2020-24440 [HIGH] CWE-427 CVE-2020-24440: Adobe Prelude version 9.0.1 (and earlier) is affected by an uncontrolled search path element that co Adobe Prelude version 9.0.1 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2020-9680 [HIGH] CWE-787 CVE-2020-9680: Adobe Prelude versions 9.0 and earlier have an out-of-bounds write vulnerability. Successful exploit Adobe Prelude versions 9.0 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

CVE-2020-9677 [HIGH] CWE-125 CVE-2020-9677: Adobe Prelude versions 9.0 and earlier have an out-of-bounds read vulnerability. Successful exploita Adobe Prelude versions 9.0 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2020-9678 [HIGH] CWE-787 CVE-2020-9678: Adobe Prelude versions 9.0 and earlier have an out-of-bounds write vulnerability. Successful exploit Adobe Prelude versions 9.0 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .