Adobe | writeups.xyz

Title	Vulnerabilities	Programs	Authors
Introducing MavenGate: a supply chain attack method for Java and Android applications	Dependency Hijacking Android Maven Supply Chain Attack	Google Facebook Amazon Microsoft Adobe LinkedIn Netflix	Oversecured (@OversecuredInc)
Technical Details for CVE-2023-29301: Adobe ColdFusion Access Control Bypass for a CFAdmin Authentication Component	Broken Access Control Bruteforce ColdFusion	Adobe	Brian (@Hoyahaxa)
CVE-2023-38205: Adobe ColdFusion Access Control Bypass [FIXED]	Broken Access Control Security Code Review	Adobe	Stephen Fewer (@Stephenfewer)
CVE-2023-29298: Adobe ColdFusion Access Control Bypass	Broken Access Control Logic Flaw Security Code Review ColdFusion	Adobe	Stephen Fewer (@Stephenfewer)
AEM Bug in Adobe	AEM Missing Authentication Security Misconfiguration	Adobe	Muhammad Mater (@Micro0x00)
Adobe Acrobat Reader - resetForm - CAgg UaF - RCE Exploit - CVE-2023-21608	Memory Corruption Use-After-Free RCE	Adobe	Ashfaq Ansari (@HackSysTeam) Krishnakant Patil (@Shsirk)
CVE-2022-35690: Unauthenticated RCE In Adobe ColdFusion	RCE	Adobe	Rgod
Adobe Reader - XFA - ANSI-Unicode Confusion Information Leak	Memory Corruption	Adobe	Ashfaq Ansari (@HackSysTeam) Krishnakant Patil (@Shsirk)
Analysis of Adobe Acrobat Reader Javascript Doc.print() Use-After-Free Vulnerability (CVE-2022-34233)	Memory Corruption	Adobe	ThreatLabz (@Threatlabz)
Two faces of a same PDF document	PDF Parser Differential Attack	Mozilla Google Adobe	Toni Huttunen
Adobe Acrobat hollowing out same-origin policy	XSS SOP Bypass Open Redirect PostMessage	Adobe	Wladimir Palant (@WPalant)
Adobe bug bounty using IDOR, Confidential data leaks	IDOR	Adobe	Debprasad Banerjee
CVE-2020-24427: Adobe Reader CJK Codecs Memory Disclosure Vulnerability	Memory Disclosure	Adobe	Haboob Research Team (@HaboobSa)
RCE In Adobe Acrobat Reader For Android(CVE-2021-40724)	RCE Path Traversal Android	Google Adobe	Sunny (@Hulkvision)
Hunting postMessage Vulnerabilities	PostMessage DOM XSS	Apple Google (Youtube) Adobe	Gary O'Leary-Steele (@Garyoleary) Graham Bacon
Hacking Magento eCommerce For Fun And 17.000 USD	Information Disclosure LFI RFI	Adobe	Egidio Romano / EgiX
One Payload to XSS Them All!	Flash XSS	Adobe	Abdullah Hussam (@Abdulahhusam)

Page 1 of 1