Acrobat Security Vulnerabilities and Issues — Acrobat CVE List

Lucene search

AdobeAcrobat

1346 matches found

CVE•added 2021/09/02 5:15 p.m.•1143 views

CVE-2021-28550

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the cur...

9.6CVSS8.3AI score0.21352EPSS

CVE•added 2013/02/14 1:55 a.m.•1070 views

CVE-2013-0640

Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, as exploited in the wild in February 2013.

9.3CVSS7.7AI score0.92564EPSS

CVE•added 2013/08/30 8:55 p.m.•1060 views

CVE-2013-3346

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2...

10CVSS7.8AI score0.89499EPSS

CVE•added 2021/02/11 8:15 p.m.•1056 views

CVE-2021-21017

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the contex...

8.8CVSS8.8AI score0.90595EPSS

CVE•added 2011/03/15 5:55 p.m.•1047 views

CVE-2011-0609

Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windo...

9.3CVSS8.9AI score0.92398EPSS

CVE•added 2014/01/15 4:13 p.m.•1042 views

CVE-2014-0496

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS7.4AI score0.71123EPSS

CVE•added 2008/11/04 6:29 p.m.•1040 views

CVE-2008-2992

Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104.

9.3CVSS7.8AI score0.93377EPSS

CVE•added 2010/02/22 1:0 p.m.•1012 views

CVE-2010-0188

Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.

9.3CVSS7.7AI score0.92839EPSS

CVE•added 2010/06/08 6:30 p.m.•994 views

CVE-2010-1297

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SW...

9.3CVSS9.7AI score0.93537EPSS

CVE•added 2008/02/12 7:0 p.m.•991 views

CVE-2007-5659

Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655.

9.3CVSS7.4AI score0.93247EPSS

CVE•added 2009/07/23 8:30 p.m.•976 views

CVE-2009-1862

Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or...

9.3CVSS7.8AI score0.57995EPSS

CVE•added 2011/04/13 2:55 p.m.•974 views

CVE-2011-0611

Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x be...

9.3CVSS8.8AI score0.93736EPSS

CVE•added 2013/05/16 11:45 a.m.•970 views

CVE-2013-2729

Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2727.

10CVSS7.6AI score0.90244EPSS

CVE•added 2008/02/07 9:0 p.m.•966 views

CVE-2008-0655

Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors.

9.8CVSS6.4AI score0.71023EPSS

CVE•added 2010/01/13 7:30 p.m.•957 views

CVE-2009-3953

The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different...

10CVSS7.4AI score0.90514EPSS

CVE•added 2009/12/15 2:30 a.m.•956 views

CVE-2009-4324

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild i...

9.3CVSS7.2AI score0.93381EPSS

CVE•added 2013/02/14 1:55 a.m.•951 views

CVE-2013-0641

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via a crafted PDF document, as exploited in the wild in February 2013.

9.3CVSS7.8AI score0.89391EPSS

CVE•added 2010/09/09 10:0 p.m.•946 views

CVE-2010-2883

Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphl...

9.3CVSS8.2AI score0.93247EPSS

CVE•added 2011/12/07 7:55 p.m.•945 views

CVE-2011-2462

Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in ...

10CVSS9.6AI score0.9255EPSS

CVE•added 2014/08/12 9:55 p.m.•849 views

CVE-2014-0546

Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via unspecified vectors.

10CVSS6.8AI score0.16664EPSS

CVE•added 2023/09/13 9:15 a.m.•529 views

CVE-2023-26369

Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and earlier) and 20.005.30514 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction i...

7.8CVSS7.9AI score0.00403EPSS

CVE•added 2023/01/18 7:15 p.m.•427 views

CVE-2023-21608

Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction i...

7.8CVSS7.7AI score0.8896EPSS

CVE•added 2023/01/18 7:15 p.m.•247 views

CVE-2023-21579

Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires u...

7.8CVSS7.7AI score0.0161EPSS

CVE•added 2009/10/19 10:30 p.m.•245 views

CVE-2009-2994

Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.

9.3CVSS7.5AI score0.42796EPSS

CVE•added 2010/04/22 2:30 p.m.•224 views

CVE-2010-1278

Buffer overflow in the Atlcom.get_atlcom ActiveX control in gp.ocx in Adobe Download Manager, as used in Adobe Reader and Acrobat 8.x before 8.2 and 9.x before 9.3, allows remote attackers to execute arbitrary code via unspecified parameters.

9.3CVSS8AI score0.13928EPSS

CVE•added 2022/05/11 6:15 p.m.•203 views

CVE-2022-28269

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of Annotation objects that could result in a memory leak in the context of the current user. Exploitation of this issue r...

4.3CVSS5AI score0.01668EPSS

CVE•added 2022/05/11 6:15 p.m.•199 views

CVE-2022-28838

Acrobat Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction ...

9.3CVSS7.7AI score0.04169EPSS

CVE•added 2022/05/11 6:15 p.m.•195 views

CVE-2022-28266

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage thi...

5.5CVSS5.2AI score0.00926EPSS

CVE•added 2022/07/15 4:15 p.m.•176 views

CVE-2022-34221

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploi...

7.8CVSS7.6AI score0.02652EPSS

CVE•added 2016/08/26 7:59 p.m.•174 views

CVE-2016-4270

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

10CVSS9.8AI score0.22372EPSS

CVE•added 2022/05/11 6:15 p.m.•174 views

CVE-2022-27793

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interactio...

9.3CVSS7.7AI score0.01963EPSS

CVE•added 2022/05/11 6:15 p.m.•173 views

CVE-2022-24103

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in t...

9.3CVSS7.6AI score0.09034EPSS

CVE•added 2012/08/15 10:31 a.m.•172 views

CVE-2012-4159

Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE...

10CVSS7.6AI score0.19383EPSS

CVE•added 2022/05/11 6:15 p.m.•172 views

CVE-2022-24104

9.3CVSS7.6AI score0.3695EPSS

CVE•added 2022/07/15 4:15 p.m.•172 views

CVE-2022-34230

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction i...

7.8CVSS7.7AI score0.11104EPSS

CVE•added 2022/05/11 6:15 p.m.•170 views

CVE-2022-27788

9.3CVSS7.7AI score0.02214EPSS

CVE•added 2024/12/10 8:15 p.m.•168 views

CVE-2024-49530

Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vi...

7.8CVSS7.4AI score0.0004EPSS

CVE•added 2023/11/16 10:15 a.m.•167 views

CVE-2023-44336

Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a ...

7.8CVSS7.8AI score0.0081EPSS

CVE•added 2022/05/11 6:15 p.m.•164 views

CVE-2022-28837

Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitati...

5.5CVSS5.6AI score0.00343EPSS

CVE•added 2013/05/16 11:45 a.m.•163 views

CVE-2013-2727

10CVSS7.6AI score0.90244EPSS

CVE•added 2013/09/12 1:28 p.m.•163 views

CVE-2013-3353

Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3356.

10CVSS7.7AI score0.4398EPSS

CVE•added 2024/12/10 8:15 p.m.•163 views

CVE-2024-49531

Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to ...

5.5CVSS6.4AI score0.00029EPSS

CVE•added 2011/02/10 6:0 p.m.•155 views

CVE-2011-0596

The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via an image with crafted (1) height and (2) width values for an RLE_8 compressed bitmap, which trig...

9.3CVSS7.6AI score0.12676EPSS

CVE•added 2012/08/15 10:31 a.m.•155 views

CVE-2012-4148

10CVSS7.6AI score0.19383EPSS

CVE•added 2024/12/10 8:15 p.m.•154 views

CVE-2024-49535

Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that allows an attacker to provide malicious XML input containing a reference to an external entity...

6.3CVSS5.9AI score0.00025EPSS

CVE•added 2011/02/10 6:0 p.m.•150 views

CVE-2011-0590

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file, a different vulnerability than CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600.

9.3CVSS7.4AI score0.12036EPSS

CVE•added 2012/01/10 9:55 p.m.•149 views

CVE-2011-4372

Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373.

9.8CVSS9.7AI score0.08394EPSS

CVE•added 2012/08/15 10:31 a.m.•149 views

CVE-2012-4150

10CVSS7.6AI score0.19383EPSS

CVE•added 2013/05/16 11:45 a.m.•149 views

CVE-2013-2735

10CVSS7.7AI score0.18885EPSS

CVE•added 2011/02/10 6:0 p.m.•148 views

CVE-2011-0593

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-...

9.3CVSS7.8AI score0.12036EPSS

Total number of security vulnerabilities1346