Acrobat Security Vulnerabilities and Issues — Acrobat CVE List | Vulners.com

Lucene search

K

AdobeAcrobat

1349 matches found

CVE•added 2021/09/02 5:15 p.m.•1177 views

CVE-2021-28550

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the cur...

9.6CVSS8.3AI score0.22446EPSS

CVE•added 2013/02/14 1:55 a.m.•1104 views

CVE-2013-0640

Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, as exploited in the wild in February 2013.

9.3CVSS7.7AI score0.92516EPSS

CVE•added 2013/08/30 8:55 p.m.•1093 views

CVE-2013-3346

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2...

10CVSS7.8AI score0.89308EPSS

CVE•added 2021/02/11 8:15 p.m.•1089 views

CVE-2021-21017

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the contex...

8.8CVSS8.8AI score0.89716EPSS

CVE•added 2011/03/15 5:55 p.m.•1079 views

CVE-2011-0609

Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windo...

9.3CVSS8.9AI score0.92398EPSS

CVE•added 2008/11/04 6:29 p.m.•1073 views

CVE-2008-2992

Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104.

9.3CVSS7.8AI score0.93377EPSS

CVE•added 2014/01/15 4:13 p.m.•1073 views

CVE-2014-0496

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS7.4AI score0.72126EPSS

CVE•added 2010/02/22 1:0 p.m.•1045 views

CVE-2010-0188

Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.

9.3CVSS7.7AI score0.92717EPSS

CVE•added 2010/06/08 6:30 p.m.•1027 views

CVE-2010-1297

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SW...

9.3CVSS9.7AI score0.93621EPSS

CVE•added 2008/02/12 7:0 p.m.•1024 views

CVE-2007-5659

Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655.

9.3CVSS7.4AI score0.93258EPSS

CVE•added 2009/07/23 8:30 p.m.•1010 views

CVE-2009-1862

Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or...

9.3CVSS7.8AI score0.57995EPSS

CVE•added 2011/04/13 2:55 p.m.•1008 views

CVE-2011-0611

Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x be...

9.3CVSS8.8AI score0.92823EPSS

CVE•added 2013/05/16 11:45 a.m.•1003 views

CVE-2013-2729

Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2727.

10CVSS7.6AI score0.90244EPSS

CVE•added 2008/02/07 9:0 p.m.•999 views

CVE-2008-0655

Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors.

9.8CVSS6.4AI score0.69964EPSS

CVE•added 2010/01/13 7:30 p.m.•991 views

CVE-2009-3953

The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different...

10CVSS7.4AI score0.90514EPSS

CVE•added 2009/12/15 2:30 a.m.•989 views

CVE-2009-4324

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild i...

9.3CVSS7.2AI score0.92892EPSS

CVE•added 2013/02/14 1:55 a.m.•985 views

CVE-2013-0641

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via a crafted PDF document, as exploited in the wild in February 2013.

9.3CVSS7.8AI score0.89391EPSS

CVE•added 2010/09/09 10:0 p.m.•980 views

CVE-2010-2883

Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphl...

9.3CVSS8.2AI score0.93247EPSS

CVE•added 2011/12/07 7:55 p.m.•979 views

CVE-2011-2462

Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in ...

10CVSS9.6AI score0.9255EPSS

CVE•added 2014/08/12 9:55 p.m.•851 views

CVE-2014-0546

Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via unspecified vectors.

10CVSS6.8AI score0.27564EPSS

CVE•added 2023/09/13 9:15 a.m.•565 views

CVE-2023-26369

Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and earlier) and 20.005.30514 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction i...

7.8CVSS7.9AI score0.00491EPSS

CVE•added 2023/01/18 7:15 p.m.•464 views

CVE-2023-21608

Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction i...

7.8CVSS7.7AI score0.8896EPSS

CVE•added 2009/10/19 10:30 p.m.•278 views

CVE-2009-2994

Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.

9.3CVSS7.5AI score0.51117EPSS

CVE•added 2023/01/18 7:15 p.m.•249 views

CVE-2023-21579

Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires u...

7.8CVSS7.7AI score0.0161EPSS

CVE•added 2010/04/22 2:30 p.m.•225 views

CVE-2010-1278

Buffer overflow in the Atlcom.get_atlcom ActiveX control in gp.ocx in Adobe Download Manager, as used in Adobe Reader and Acrobat 8.x before 8.2 and 9.x before 9.3, allows remote attackers to execute arbitrary code via unspecified parameters.

9.3CVSS8AI score0.13928EPSS

CVE•added 2022/05/11 6:15 p.m.•205 views

CVE-2022-28269

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of Annotation objects that could result in a memory leak in the context of the current user. Exploitation of this issue r...

4.3CVSS5AI score0.01668EPSS

CVE•added 2022/05/11 6:15 p.m.•201 views

CVE-2022-28838

Acrobat Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction ...

9.3CVSS7.7AI score0.05385EPSS

CVE•added 2022/05/11 6:15 p.m.•198 views

CVE-2022-28266

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage thi...

5.5CVSS5.2AI score0.00926EPSS

CVE•added 2013/05/16 11:45 a.m.•197 views

CVE-2013-2727

Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2729.

10CVSS7.6AI score0.90244EPSS

CVE•added 2013/05/16 11:45 a.m.•182 views

CVE-2013-2719

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2...

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/05/16 11:45 a.m.•181 views

CVE-2013-2735

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2...

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/05/16 11:45 a.m.•180 views

CVE-2013-2718

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2...

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/05/16 11:45 a.m.•180 views

CVE-2013-2731

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2...

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/05/16 11:45 a.m.•179 views

CVE-2013-2732

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2...

10CVSS7.7AI score0.18885EPSS

CVE•added 2009/02/20 7:30 p.m.•178 views

CVE-2009-0658

Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidi...

9.3CVSS7.9AI score0.90801EPSS

CVE•added 2022/07/15 4:15 p.m.•178 views

CVE-2022-34221

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploi...

7.8CVSS7.6AI score0.00235EPSS

CVE•added 2013/05/16 11:45 a.m.•177 views

CVE-2013-3337

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2...

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/05/16 11:45 a.m.•176 views

CVE-2013-2721

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2722, CVE-2...

10CVSS7.7AI score0.18885EPSS

CVE•added 2022/05/11 6:15 p.m.•176 views

CVE-2022-27793

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interactio...

9.3CVSS7.7AI score0.01963EPSS

CVE•added 2012/08/15 10:31 a.m.•175 views

CVE-2012-4159

Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE...

10CVSS7.6AI score0.19383EPSS

CVE•added 2013/05/16 11:45 a.m.•175 views

CVE-2013-2720

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2721, CVE-2013-2722, CVE-2...

10CVSS7.7AI score0.18885EPSS

CVE•added 2016/08/26 7:59 p.m.•175 views

CVE-2016-4270

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

10CVSS9.8AI score0.31794EPSS

CVE•added 2022/05/11 6:15 p.m.•175 views

CVE-2022-24103

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in t...

9.3CVSS7.6AI score0.10348EPSS

CVE•added 2013/05/16 11:45 a.m.•174 views

CVE-2013-3338

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2...

10CVSS7.7AI score0.18885EPSS

CVE•added 2022/05/11 6:15 p.m.•174 views

CVE-2022-24104

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in t...

9.3CVSS7.6AI score0.38879EPSS

CVE•added 2022/07/15 4:15 p.m.•174 views

CVE-2022-34230

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction i...

7.8CVSS7.7AI score0.01555EPSS

CVE•added 2013/05/16 11:45 a.m.•173 views

CVE-2013-2726

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2...

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/05/16 11:45 a.m.•173 views

CVE-2013-2734

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2...

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/05/16 11:45 a.m.•173 views

CVE-2013-3339

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2...

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/05/16 11:45 a.m.•172 views

CVE-2013-2722

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2...

10CVSS7.7AI score0.18885EPSS

Total number of security vulnerabilities1349