What is the adobe CNA?
adobe is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 6,833 CVE records since 2009.
How many CVEs has adobe published?
adobe has published 6,833 CVE records, including 1,641 in the last two years.
What is adobe's CVE data quality grade?
RadicalNotion.AI grades adobe's CVE data quality as F, with an overall completeness score of 58.3%. This reflects how consistently its CVE records include vendor (63%), product (72.6%), CVSS (48.2%), and CWE (49.4%) information.
What products does adobe publish CVEs for?
adobe most frequently publishes CVEs for windows, mac os x, macos, acrobat dc, Acrobat Reader DC.
Which vendors does adobe cover?
adobe publishes CVEs across 4 distinct vendors, most often Adobe, microsoft, apple, linux, google.
Is adobe actively publishing CVEs?
adobe is currently active, based on 1,641 CVEs in the last two years.
What is the average severity of adobe's CVEs?
The average CVSS base score across adobe's scored CVEs is 6.4.
How many critical CVEs has adobe published?
adobe has published 128 critical-severity CVEs and 1,496 high-severity CVEs.
Are any of adobe's CVEs in CISA's Known Exploited Vulnerabilities catalog?
Yes. 73 of adobe's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.
What are the most common weakness types in adobe's CVEs?
adobe's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-125 (Out-of-bounds Read), CWE-787 (Out-of-bounds Write), CWE-416 (Use After Free).
How does adobe rank among CNAs?
By total CVE volume, adobe ranks #10 of 370 CNAs, and it reports more complete CVE records than 13% of all CNAs.
