Search

Find a vulnerability

Search criteria

    56 vulnerabilities found for Adobe Bridge by Adobe

    CVE-2026-48343 (GCVE-0-2026-48343)

    Vulnerability from nvd – Published: 2026-07-14 20:35 – Updated: 2026-07-15 10:32
    VLAI
    Title
    Bridge | Out-of-bounds Write (CWE-787)
    Summary
    Bridge is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-787 - Out-of-bounds Write (CWE-787)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 0 , ≤ 16.0.3 (semver)
    Unaffected: 16.0.4 (semver)
    Create a notification for this product.
    Adobe Adobe Bridge Affected: 0 , ≤ 15.1.5 (semver)
    Unaffected: 15.1.6 (semver)
    Create a notification for this product.
    Date Public
    2026-07-14 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48343",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T04:00:11.300347Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T10:32:35.055Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "16.0.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "16.0.4",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "15.1.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "15.1.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Bridge is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 7.8,
                "environmentalSeverity": "HIGH",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "HIGH",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "LOCAL",
                "modifiedAvailabilityImpact": "HIGH",
                "modifiedConfidentialityImpact": "HIGH",
                "modifiedIntegrityImpact": "HIGH",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 7.8,
                "temporalSeverity": "HIGH",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write (CWE-787)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T20:35:17.066Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb26-81.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Bridge | Out-of-bounds Write (CWE-787)",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2026-48343",
        "datePublished": "2026-07-14T20:35:17.066Z",
        "dateReserved": "2026-05-21T15:28:38.139Z",
        "dateUpdated": "2026-07-15T10:32:35.055Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48342 (GCVE-0-2026-48342)

    Vulnerability from nvd – Published: 2026-07-14 20:35 – Updated: 2026-07-15 10:31
    VLAI
    Title
    Bridge | Integer Overflow or Wraparound (CWE-190)
    Summary
    Bridge is affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound (CWE-190)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 0 , ≤ 16.0.3 (semver)
    Unaffected: 16.0.4 (semver)
    Create a notification for this product.
    Adobe Adobe Bridge Affected: 0 , ≤ 15.1.5 (semver)
    Unaffected: 15.1.6 (semver)
    Create a notification for this product.
    Date Public
    2026-07-14 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48342",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T04:00:14.359094Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T10:31:39.053Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "16.0.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "16.0.4",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "15.1.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "15.1.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Bridge is affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 7.8,
                "environmentalSeverity": "HIGH",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "HIGH",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "LOCAL",
                "modifiedAvailabilityImpact": "HIGH",
                "modifiedConfidentialityImpact": "HIGH",
                "modifiedIntegrityImpact": "HIGH",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 7.8,
                "temporalSeverity": "HIGH",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "Integer Overflow or Wraparound (CWE-190)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T20:35:14.863Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb26-81.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Bridge | Integer Overflow or Wraparound (CWE-190)",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2026-48342",
        "datePublished": "2026-07-14T20:35:14.863Z",
        "dateReserved": "2026-05-21T15:28:38.139Z",
        "dateUpdated": "2026-07-15T10:31:39.053Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48341 (GCVE-0-2026-48341)

    Vulnerability from nvd – Published: 2026-07-14 20:35 – Updated: 2026-07-15 10:32
    VLAI
    Title
    Bridge | Out-of-bounds Write (CWE-787)
    Summary
    Bridge is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-787 - Out-of-bounds Write (CWE-787)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 0 , ≤ 16.0.3 (semver)
    Unaffected: 16.0.4 (semver)
    Create a notification for this product.
    Adobe Adobe Bridge Affected: 0 , ≤ 15.1.5 (semver)
    Unaffected: 15.1.6 (semver)
    Create a notification for this product.
    Date Public
    2026-07-14 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48341",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T04:00:12.095360Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T10:32:21.710Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "16.0.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "16.0.4",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "15.1.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "15.1.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Bridge is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 7.8,
                "environmentalSeverity": "HIGH",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "HIGH",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "LOCAL",
                "modifiedAvailabilityImpact": "HIGH",
                "modifiedConfidentialityImpact": "HIGH",
                "modifiedIntegrityImpact": "HIGH",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 7.8,
                "temporalSeverity": "HIGH",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write (CWE-787)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T20:35:14.113Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb26-81.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Bridge | Out-of-bounds Write (CWE-787)",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2026-48341",
        "datePublished": "2026-07-14T20:35:14.113Z",
        "dateReserved": "2026-05-21T15:28:38.139Z",
        "dateUpdated": "2026-07-15T10:32:21.710Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48340 (GCVE-0-2026-48340)

    Vulnerability from nvd – Published: 2026-07-14 20:35 – Updated: 2026-07-15 10:31
    VLAI
    Title
    Bridge | Untrusted Pointer Dereference (CWE-822)
    Summary
    Bridge is affected by an Untrusted Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-822 - Untrusted Pointer Dereference (CWE-822)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 0 , ≤ 16.0.3 (semver)
    Unaffected: 16.0.4 (semver)
    Create a notification for this product.
    Adobe Adobe Bridge Affected: 0 , ≤ 15.1.5 (semver)
    Unaffected: 15.1.6 (semver)
    Create a notification for this product.
    Date Public
    2026-07-14 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48340",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T04:00:13.616341Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T10:31:53.182Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "16.0.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "16.0.4",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "15.1.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "15.1.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Bridge is affected by an Untrusted Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 7.8,
                "environmentalSeverity": "HIGH",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "HIGH",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "LOCAL",
                "modifiedAvailabilityImpact": "HIGH",
                "modifiedConfidentialityImpact": "HIGH",
                "modifiedIntegrityImpact": "HIGH",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 7.8,
                "temporalSeverity": "HIGH",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-822",
                  "description": "Untrusted Pointer Dereference (CWE-822)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T20:35:17.792Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb26-81.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Bridge | Untrusted Pointer Dereference (CWE-822)",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2026-48340",
        "datePublished": "2026-07-14T20:35:17.792Z",
        "dateReserved": "2026-05-21T15:28:38.139Z",
        "dateUpdated": "2026-07-15T10:31:53.182Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48339 (GCVE-0-2026-48339)

    Vulnerability from nvd – Published: 2026-07-14 20:35 – Updated: 2026-07-15 10:32
    VLAI
    Title
    Bridge | Heap-based Buffer Overflow (CWE-122)
    Summary
    Bridge is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow (CWE-122)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 0 , ≤ 16.0.3 (semver)
    Unaffected: 16.0.4 (semver)
    Create a notification for this product.
    Adobe Adobe Bridge Affected: 0 , ≤ 15.1.5 (semver)
    Unaffected: 15.1.6 (semver)
    Create a notification for this product.
    Date Public
    2026-07-14 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48339",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T04:00:12.877550Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T10:32:08.611Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "16.0.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "16.0.4",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "15.1.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "15.1.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Bridge is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 7.8,
                "environmentalSeverity": "HIGH",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "HIGH",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "LOCAL",
                "modifiedAvailabilityImpact": "HIGH",
                "modifiedConfidentialityImpact": "HIGH",
                "modifiedIntegrityImpact": "HIGH",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 7.8,
                "temporalSeverity": "HIGH",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "Heap-based Buffer Overflow (CWE-122)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T20:35:16.341Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb26-81.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Bridge | Heap-based Buffer Overflow (CWE-122)",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2026-48339",
        "datePublished": "2026-07-14T20:35:16.341Z",
        "dateReserved": "2026-05-21T15:28:38.139Z",
        "dateUpdated": "2026-07-15T10:32:08.611Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48311 (GCVE-0-2026-48311)

    Vulnerability from nvd – Published: 2026-07-14 20:35 – Updated: 2026-07-15 10:32
    VLAI
    Title
    Bridge | Out-of-bounds Write (CWE-787)
    Summary
    Bridge is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-787 - Out-of-bounds Write (CWE-787)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 0 , ≤ 16.0.3 (semver)
    Unaffected: 16.0.4 (semver)
    Create a notification for this product.
    Adobe Adobe Bridge Affected: 0 , ≤ 15.1.5 (semver)
    Unaffected: 15.1.6 (semver)
    Create a notification for this product.
    Date Public
    2026-07-14 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48311",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T04:00:10.563276Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T10:32:49.236Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "16.0.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "16.0.4",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "15.1.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "15.1.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Bridge is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 7.8,
                "environmentalSeverity": "HIGH",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "HIGH",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "LOCAL",
                "modifiedAvailabilityImpact": "HIGH",
                "modifiedConfidentialityImpact": "HIGH",
                "modifiedIntegrityImpact": "HIGH",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 7.8,
                "temporalSeverity": "HIGH",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write (CWE-787)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T20:35:15.591Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb26-81.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Bridge | Out-of-bounds Write (CWE-787)",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2026-48311",
        "datePublished": "2026-07-14T20:35:15.591Z",
        "dateReserved": "2026-05-21T15:28:38.136Z",
        "dateUpdated": "2026-07-15T10:32:49.236Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2020-9676 (GCVE-0-2020-9676)

    Vulnerability from nvd – Published: 2020-07-22 19:15 – Updated: 2025-05-05 17:04
    VLAI
    Summary
    Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Out-of-bounds write
    • CWE-787 - Out-of-bounds Write
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.3 and earlier versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.883Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-912/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9676",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:32:17.515874Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:04:10.182Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.3 and earlier versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-bounds write  ",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-09-01T15:06:13.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-912/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9676",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.3 and earlier versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-bounds write  "
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-912/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-912/"
                },
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9676",
        "datePublished": "2020-07-22T19:15:23.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2025-05-05T17:04:10.182Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9675 (GCVE-0-2020-9675)

    Vulnerability from nvd – Published: 2020-07-22 19:15 – Updated: 2025-05-05 17:04
    VLAI
    Summary
    Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Out-of-bounds read
    • CWE-125 - Out-of-bounds Read
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.3 and earlier versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.914Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-911/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9675",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:32:14.708722Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:04:22.282Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.3 and earlier versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-bounds read ",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-09-01T15:06:13.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-911/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9675",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.3 and earlier versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-bounds read "
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-911/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-911/"
                },
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9675",
        "datePublished": "2020-07-22T19:15:41.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2025-05-05T17:04:22.282Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9674 (GCVE-0-2020-9674)

    Vulnerability from nvd – Published: 2020-07-22 19:15 – Updated: 2025-05-05 17:04
    VLAI
    Summary
    Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Out-of-bounds write
    • CWE-787 - Out-of-bounds Write
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.3 and earlier versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.926Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-913/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9674",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:32:15.947482Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:04:31.169Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.3 and earlier versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-bounds write  ",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-09-01T15:06:12.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-913/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9674",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.3 and earlier versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-bounds write  "
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-913/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-913/"
                },
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9674",
        "datePublished": "2020-07-22T19:15:32.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2025-05-05T17:04:31.169Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9569 (GCVE-0-2020-9569)

    Vulnerability from nvd – Published: 2020-06-26 20:08 – Updated: 2025-05-05 17:05
    VLAI
    Summary
    Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Out-of-Bounds Write
    • CWE-787 - Out-of-bounds Write
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.1 and earlier version versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:38.827Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9569",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:32:37.519809Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:05:01.627Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.1 and earlier version versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution ."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-Bounds Write ",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-26T20:08:57.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9569",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.1 and earlier version versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution ."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-Bounds Write "
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9569",
        "datePublished": "2020-06-26T20:08:57.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2025-05-05T17:05:01.627Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9568 (GCVE-0-2020-9568)

    Vulnerability from nvd – Published: 2020-06-26 20:08 – Updated: 2025-05-05 17:05
    VLAI
    Summary
    Adobe Bridge versions 10.0.1 and earlier version have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Memory Corruption
    • CWE-787 - Out-of-bounds Write
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.1 and earlier version versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.412Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9568",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:32:38.947212Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:05:11.505Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.1 and earlier version versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.1 and earlier version have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution ."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-26T20:08:50.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9568",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.1 and earlier version versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.1 and earlier version have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution ."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Memory Corruption"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9568",
        "datePublished": "2020-06-26T20:08:50.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2025-05-05T17:05:11.505Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9567 (GCVE-0-2020-9567)

    Vulnerability from nvd – Published: 2020-06-26 20:08 – Updated: 2025-05-05 17:05
    VLAI
    Summary
    Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Use After Free
    • CWE-416 - Use After Free
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.1 and earlier version versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.892Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9567",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:32:40.239908Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-416",
                    "description": "CWE-416 Use After Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:05:20.635Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.1 and earlier version versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution ."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use After Free",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-26T20:08:43.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9567",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.1 and earlier version versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution ."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Use After Free"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9567",
        "datePublished": "2020-06-26T20:08:43.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2025-05-05T17:05:20.635Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9566 (GCVE-0-2020-9566)

    Vulnerability from nvd – Published: 2020-06-26 20:09 – Updated: 2025-05-05 17:05
    VLAI
    Summary
    Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Use After Free
    • CWE-416 - Use After Free
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.1 and earlier version versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.444Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9566",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:32:36.280742Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-416",
                    "description": "CWE-416 Use After Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:05:29.516Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.1 and earlier version versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution ."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use After Free",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-26T20:09:04.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9566",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.1 and earlier version versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution ."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Use After Free"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9566",
        "datePublished": "2020-06-26T20:09:04.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2025-05-05T17:05:29.516Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9565 (GCVE-0-2020-9565)

    Vulnerability from nvd – Published: 2020-06-26 20:09 – Updated: 2025-05-05 17:05
    VLAI
    Summary
    Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Out-of-Bounds Write
    • CWE-787 - Out-of-bounds Write
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.1 and earlier version versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.660Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9565",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:32:34.822042Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:05:38.925Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.1 and earlier version versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution ."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-Bounds Write ",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-26T20:09:12.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9565",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.1 and earlier version versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution ."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-Bounds Write "
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9565",
        "datePublished": "2020-06-26T20:09:12.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2025-05-05T17:05:38.925Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9564 (GCVE-0-2020-9564)

    Vulnerability from nvd – Published: 2020-06-26 20:10 – Updated: 2025-05-05 17:05
    VLAI
    Summary
    Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Out-of-Bounds Write
    • CWE-787 - Out-of-bounds Write
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.1 and earlier version versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.541Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9564",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:32:23.130816Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:05:48.924Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.1 and earlier version versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution ."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-Bounds Write ",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-26T20:10:51.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9564",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.1 and earlier version versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution ."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-Bounds Write "
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9564",
        "datePublished": "2020-06-26T20:10:51.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2025-05-05T17:05:48.924Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9563 (GCVE-0-2020-9563)

    Vulnerability from nvd – Published: 2020-06-26 20:10 – Updated: 2025-05-05 17:05
    VLAI
    Summary
    Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Heap Overflow
    • CWE-787 - Out-of-bounds Write
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.1 and earlier version versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.641Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9563",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:32:21.651032Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:05:57.710Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.1 and earlier version versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Heap Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-26T20:10:59.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9563",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.1 and earlier version versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Heap Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9563",
        "datePublished": "2020-06-26T20:10:59.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2025-05-05T17:05:57.710Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9562 (GCVE-0-2020-9562)

    Vulnerability from nvd – Published: 2020-06-26 20:09 – Updated: 2025-05-05 17:06
    VLAI
    Summary
    Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Heap Overflow
    • CWE-787 - Out-of-bounds Write
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.1 and earlier version versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.921Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9562",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:32:30.511814Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:06:07.780Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.1 and earlier version versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Heap Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-26T20:09:59.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9562",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.1 and earlier version versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Heap Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9562",
        "datePublished": "2020-06-26T20:09:59.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2025-05-05T17:06:07.780Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9561 (GCVE-0-2020-9561)

    Vulnerability from nvd – Published: 2020-06-26 20:10 – Updated: 2025-05-05 17:06
    VLAI
    Summary
    Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Out-of-Bounds Write
    • CWE-787 - Out-of-bounds Write
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.1 and earlier version versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.487Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9561",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:32:27.577926Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:06:16.650Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.1 and earlier version versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution ."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-Bounds Write ",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-26T20:10:15.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9561",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.1 and earlier version versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution ."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-Bounds Write "
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9561",
        "datePublished": "2020-06-26T20:10:15.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2025-05-05T17:06:16.650Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9560 (GCVE-0-2020-9560)

    Vulnerability from nvd – Published: 2020-06-26 20:10 – Updated: 2025-05-05 17:06
    VLAI
    Summary
    Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Out-of-Bounds Write
    • CWE-787 - Out-of-bounds Write
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.1 and earlier version versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.470Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9560",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:32:26.193856Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:06:25.834Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.1 and earlier version versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution ."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-Bounds Write ",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-26T20:10:23.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9560",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.1 and earlier version versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution ."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-Bounds Write "
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9560",
        "datePublished": "2020-06-26T20:10:23.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2025-05-05T17:06:25.834Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9559 (GCVE-0-2020-9559)

    Vulnerability from nvd – Published: 2020-06-26 20:09 – Updated: 2025-05-05 17:06
    VLAI
    Summary
    Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Out-of-Bounds Write
    • CWE-787 - Out-of-bounds Write
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.1 and earlier version versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.435Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9559",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:32:32.016250Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:06:35.884Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.1 and earlier version versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution ."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-Bounds Write ",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-26T20:09:41.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9559",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.1 and earlier version versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution ."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-Bounds Write "
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9559",
        "datePublished": "2020-06-26T20:09:41.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2025-05-05T17:06:35.884Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9558 (GCVE-0-2020-9558)

    Vulnerability from nvd – Published: 2020-06-26 20:08 – Updated: 2024-08-04 10:34
    VLAI
    Summary
    Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
    Severity
    No CVSS data available.
    CWE
    • Out-of-Bounds Read
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.1 and earlier version versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.834Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.1 and earlier version versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-Bounds Read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-26T20:08:35.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9558",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.1 and earlier version versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-Bounds Read"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-19.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9558",
        "datePublished": "2020-06-26T20:08:35.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:34:39.834Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-48340 (GCVE-0-2026-48340)

    Vulnerability from cvelistv5 – Published: 2026-07-14 20:35 – Updated: 2026-07-15 10:31
    VLAI
    Title
    Bridge | Untrusted Pointer Dereference (CWE-822)
    Summary
    Bridge is affected by an Untrusted Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-822 - Untrusted Pointer Dereference (CWE-822)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 0 , ≤ 16.0.3 (semver)
    Unaffected: 16.0.4 (semver)
    Create a notification for this product.
    Adobe Adobe Bridge Affected: 0 , ≤ 15.1.5 (semver)
    Unaffected: 15.1.6 (semver)
    Create a notification for this product.
    Date Public
    2026-07-14 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48340",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T04:00:13.616341Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T10:31:53.182Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "16.0.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "16.0.4",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "15.1.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "15.1.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Bridge is affected by an Untrusted Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 7.8,
                "environmentalSeverity": "HIGH",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "HIGH",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "LOCAL",
                "modifiedAvailabilityImpact": "HIGH",
                "modifiedConfidentialityImpact": "HIGH",
                "modifiedIntegrityImpact": "HIGH",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 7.8,
                "temporalSeverity": "HIGH",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-822",
                  "description": "Untrusted Pointer Dereference (CWE-822)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T20:35:17.792Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb26-81.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Bridge | Untrusted Pointer Dereference (CWE-822)",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2026-48340",
        "datePublished": "2026-07-14T20:35:17.792Z",
        "dateReserved": "2026-05-21T15:28:38.139Z",
        "dateUpdated": "2026-07-15T10:31:53.182Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48343 (GCVE-0-2026-48343)

    Vulnerability from cvelistv5 – Published: 2026-07-14 20:35 – Updated: 2026-07-15 10:32
    VLAI
    Title
    Bridge | Out-of-bounds Write (CWE-787)
    Summary
    Bridge is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-787 - Out-of-bounds Write (CWE-787)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 0 , ≤ 16.0.3 (semver)
    Unaffected: 16.0.4 (semver)
    Create a notification for this product.
    Adobe Adobe Bridge Affected: 0 , ≤ 15.1.5 (semver)
    Unaffected: 15.1.6 (semver)
    Create a notification for this product.
    Date Public
    2026-07-14 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48343",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T04:00:11.300347Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T10:32:35.055Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "16.0.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "16.0.4",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "15.1.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "15.1.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Bridge is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 7.8,
                "environmentalSeverity": "HIGH",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "HIGH",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "LOCAL",
                "modifiedAvailabilityImpact": "HIGH",
                "modifiedConfidentialityImpact": "HIGH",
                "modifiedIntegrityImpact": "HIGH",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 7.8,
                "temporalSeverity": "HIGH",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write (CWE-787)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T20:35:17.066Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb26-81.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Bridge | Out-of-bounds Write (CWE-787)",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2026-48343",
        "datePublished": "2026-07-14T20:35:17.066Z",
        "dateReserved": "2026-05-21T15:28:38.139Z",
        "dateUpdated": "2026-07-15T10:32:35.055Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48339 (GCVE-0-2026-48339)

    Vulnerability from cvelistv5 – Published: 2026-07-14 20:35 – Updated: 2026-07-15 10:32
    VLAI
    Title
    Bridge | Heap-based Buffer Overflow (CWE-122)
    Summary
    Bridge is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow (CWE-122)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 0 , ≤ 16.0.3 (semver)
    Unaffected: 16.0.4 (semver)
    Create a notification for this product.
    Adobe Adobe Bridge Affected: 0 , ≤ 15.1.5 (semver)
    Unaffected: 15.1.6 (semver)
    Create a notification for this product.
    Date Public
    2026-07-14 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48339",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T04:00:12.877550Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T10:32:08.611Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "16.0.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "16.0.4",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "15.1.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "15.1.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Bridge is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 7.8,
                "environmentalSeverity": "HIGH",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "HIGH",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "LOCAL",
                "modifiedAvailabilityImpact": "HIGH",
                "modifiedConfidentialityImpact": "HIGH",
                "modifiedIntegrityImpact": "HIGH",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 7.8,
                "temporalSeverity": "HIGH",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "Heap-based Buffer Overflow (CWE-122)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T20:35:16.341Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb26-81.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Bridge | Heap-based Buffer Overflow (CWE-122)",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2026-48339",
        "datePublished": "2026-07-14T20:35:16.341Z",
        "dateReserved": "2026-05-21T15:28:38.139Z",
        "dateUpdated": "2026-07-15T10:32:08.611Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48311 (GCVE-0-2026-48311)

    Vulnerability from cvelistv5 – Published: 2026-07-14 20:35 – Updated: 2026-07-15 10:32
    VLAI
    Title
    Bridge | Out-of-bounds Write (CWE-787)
    Summary
    Bridge is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-787 - Out-of-bounds Write (CWE-787)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 0 , ≤ 16.0.3 (semver)
    Unaffected: 16.0.4 (semver)
    Create a notification for this product.
    Adobe Adobe Bridge Affected: 0 , ≤ 15.1.5 (semver)
    Unaffected: 15.1.6 (semver)
    Create a notification for this product.
    Date Public
    2026-07-14 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48311",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T04:00:10.563276Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T10:32:49.236Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "16.0.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "16.0.4",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "15.1.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "15.1.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Bridge is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 7.8,
                "environmentalSeverity": "HIGH",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "HIGH",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "LOCAL",
                "modifiedAvailabilityImpact": "HIGH",
                "modifiedConfidentialityImpact": "HIGH",
                "modifiedIntegrityImpact": "HIGH",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 7.8,
                "temporalSeverity": "HIGH",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write (CWE-787)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T20:35:15.591Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb26-81.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Bridge | Out-of-bounds Write (CWE-787)",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2026-48311",
        "datePublished": "2026-07-14T20:35:15.591Z",
        "dateReserved": "2026-05-21T15:28:38.136Z",
        "dateUpdated": "2026-07-15T10:32:49.236Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48342 (GCVE-0-2026-48342)

    Vulnerability from cvelistv5 – Published: 2026-07-14 20:35 – Updated: 2026-07-15 10:31
    VLAI
    Title
    Bridge | Integer Overflow or Wraparound (CWE-190)
    Summary
    Bridge is affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-190 - Integer Overflow or Wraparound (CWE-190)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 0 , ≤ 16.0.3 (semver)
    Unaffected: 16.0.4 (semver)
    Create a notification for this product.
    Adobe Adobe Bridge Affected: 0 , ≤ 15.1.5 (semver)
    Unaffected: 15.1.6 (semver)
    Create a notification for this product.
    Date Public
    2026-07-14 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48342",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T04:00:14.359094Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T10:31:39.053Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "16.0.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "16.0.4",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "15.1.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "15.1.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Bridge is affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 7.8,
                "environmentalSeverity": "HIGH",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "HIGH",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "LOCAL",
                "modifiedAvailabilityImpact": "HIGH",
                "modifiedConfidentialityImpact": "HIGH",
                "modifiedIntegrityImpact": "HIGH",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 7.8,
                "temporalSeverity": "HIGH",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "Integer Overflow or Wraparound (CWE-190)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T20:35:14.863Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb26-81.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Bridge | Integer Overflow or Wraparound (CWE-190)",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2026-48342",
        "datePublished": "2026-07-14T20:35:14.863Z",
        "dateReserved": "2026-05-21T15:28:38.139Z",
        "dateUpdated": "2026-07-15T10:31:39.053Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48341 (GCVE-0-2026-48341)

    Vulnerability from cvelistv5 – Published: 2026-07-14 20:35 – Updated: 2026-07-15 10:32
    VLAI
    Title
    Bridge | Out-of-bounds Write (CWE-787)
    Summary
    Bridge is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-787 - Out-of-bounds Write (CWE-787)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 0 , ≤ 16.0.3 (semver)
    Unaffected: 16.0.4 (semver)
    Create a notification for this product.
    Adobe Adobe Bridge Affected: 0 , ≤ 15.1.5 (semver)
    Unaffected: 15.1.6 (semver)
    Create a notification for this product.
    Date Public
    2026-07-14 17:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48341",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T04:00:12.095360Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T10:32:21.710Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "16.0.3",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "16.0.4",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "15.1.5",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "status": "unaffected",
                  "version": "15.1.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2026-07-14T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Bridge is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 7.8,
                "environmentalSeverity": "HIGH",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "HIGH",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "LOCAL",
                "modifiedAvailabilityImpact": "HIGH",
                "modifiedConfidentialityImpact": "HIGH",
                "modifiedIntegrityImpact": "HIGH",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 7.8,
                "temporalSeverity": "HIGH",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write (CWE-787)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T20:35:14.113Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb26-81.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Bridge | Out-of-bounds Write (CWE-787)",
          "x_generator": {
            "engine": "cvelib 1.8.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2026-48341",
        "datePublished": "2026-07-14T20:35:14.113Z",
        "dateReserved": "2026-05-21T15:28:38.139Z",
        "dateUpdated": "2026-07-15T10:32:21.710Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2020-9675 (GCVE-0-2020-9675)

    Vulnerability from cvelistv5 – Published: 2020-07-22 19:15 – Updated: 2025-05-05 17:04
    VLAI
    Summary
    Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Out-of-bounds read
    • CWE-125 - Out-of-bounds Read
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.3 and earlier versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.914Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-911/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9675",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:32:14.708722Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:04:22.282Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.3 and earlier versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-bounds read ",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-09-01T15:06:13.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-911/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9675",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.3 and earlier versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-bounds read "
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-911/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-911/"
                },
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9675",
        "datePublished": "2020-07-22T19:15:41.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2025-05-05T17:04:22.282Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9674 (GCVE-0-2020-9674)

    Vulnerability from cvelistv5 – Published: 2020-07-22 19:15 – Updated: 2025-05-05 17:04
    VLAI
    Summary
    Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Out-of-bounds write
    • CWE-787 - Out-of-bounds Write
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.3 and earlier versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.926Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-913/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9674",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:32:15.947482Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:04:31.169Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.3 and earlier versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-bounds write  ",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-09-01T15:06:12.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-913/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9674",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.3 and earlier versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-bounds write  "
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-913/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-913/"
                },
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9674",
        "datePublished": "2020-07-22T19:15:32.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2025-05-05T17:04:31.169Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9676 (GCVE-0-2020-9676)

    Vulnerability from cvelistv5 – Published: 2020-07-22 19:15 – Updated: 2025-05-05 17:04
    VLAI
    Summary
    Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Out-of-bounds write
    • CWE-787 - Out-of-bounds Write
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Bridge Affected: 10.0.3 and earlier versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:34:39.883Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-912/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9676",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:32:17.515874Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:04:10.182Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Bridge",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.0.3 and earlier versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out-of-bounds write  ",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-09-01T15:06:13.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-912/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-9676",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Bridge",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.0.3 and earlier versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out-of-bounds write  "
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-912/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-912/"
                },
                {
                  "name": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/bridge/apsb20-44.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-9676",
        "datePublished": "2020-07-22T19:15:23.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2025-05-05T17:04:10.182Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }