Lucene search
K
AdobeAcrobat

1381 matches found

CVE
CVE
added 2021/09/02 4:7 p.m.1203 views

CVE-2021-28550

CVE-2021-28550 is an Adobe Acrobat/Reader Use-After-Free vulnerability that allows arbitrary code execution in the context of the current user when a user opens a crafted PDF. Affected products include Acrobat Reader DC (versions 2021.001.20150 and earlier), 2020.001.30020 and earlier, and 2017.0...

9.6CVSS8.3AI score0.52005EPSS
In wild
CVE
CVE
added 2013/02/14 1:0 a.m.1140 views

CVE-2013-0640

CVE-2013-0640 is a memory corruption remote code execution vulnerability in Adobe Reader and Acrobat. It affects Adobe Reader/Acrobat 9.x prior to 9.5.4, 10.x prior to 10.1.6, and 11.x prior to 11.0.02, exploitable via a crafted PDF and observed in the wild in February 2013. The impact includes r...

9.3CVSS7.7AI score0.86979EPSS
In wild
CVE
CVE
added 2013/08/30 8:0 p.m.1117 views

CVE-2013-3346

CVE-2013-3346 affects Adobe Reader and Acrobat where the ToolButton use-after-free in the ToolButton callback enables memory corruption leading to arbitrary code execution or Denial of Service. Affected product versions are Adobe Reader/Acrobat 9.x <= 9.5.4, 10.x <= 10.1.6, and 11.x

10CVSS7.8AI score0.78581EPSS
In wild
CVE
CVE
added 2008/11/04 6:0 p.m.1114 views

CVE-2008-2992

CVE-2008-2992 is a stack-based buffer overflow in Adobe Reader/Acrobat up to version 8.1.2 triggered by parsing crafted PDF files that invoke the util.printf JavaScript function. The vulnerability allows a remote attacker to execute arbitrary code with the user’s privileges when a victim opens a ...

9.3CVSS7.8AI score0.98482EPSS
In wild
CVE
CVE
added 2021/02/11 7:42 p.m.1108 views

CVE-2021-21017

CVE-2021-21017 affects Adobe Acrobat/Reader (DC Continuous and prior releases) with a heap-based buffer overflow that could allow arbitrary code execution in the user’s context after opening a malicious file. The linked exploit analyses describe a flaw in URL/baseURL handling within PDFs (potenti...

8.8CVSS8.8AI score0.8621EPSS
In wild
CVE
CVE
added 2011/03/15 5:0 p.m.1098 views

CVE-2011-0609

The CVE-2011-0609 issue is an Adobe Flash Player AVM Bytecode Verification vulnerability that allows remote code execution via crafted SWF content. Affected products include Flash Player 10.2.x and earlier (Windows, macOS, Linux, Solaris), Flash Player 10.1.106.16 and earlier on Android, Adobe AI...

9.3CVSS8.9AI score0.66821EPSS
In wild
CVE
CVE
added 2014/01/15 2:0 a.m.1094 views

CVE-2014-0496

CVE-2014-0496 is a use-after-free vulnerability in Adobe Reader and Acrobat (X and XI) on Windows and macOS. Affected products are Adobe Reader X (v10.0.x) prior to 10.1.8 and Adobe Acrobat X 10.1.8 and earlier, and Adobe Reader XI 11.x prior to 11.0.06 and Adobe Acrobat XI 11.x prior to 11.0.06....

10CVSS7.4AI score0.40243EPSS
In wild
CVE
CVE
added 2010/02/21 5:0 p.m.1084 views

CVE-2010-0188

CVE-2010-0188 is an Adobe Reader/Acrobat vulnerability in the PDF handling stack (notably LibTIFF-related parsing) that could allow denial of service or remote code execution via a crafted PDF. Affected products include Adobe Reader/Acrobat 8.x (before 8.2.1) and 9.x (before 9.3.1). Public analys...

9.3CVSS7.7AI score0.88246EPSS
In wild
CVE
CVE
added 2010/06/08 6:0 p.m.1047 views

CVE-2010-1297

CVE-2010-1297 affects Adobe Flash Player (versions prior to 9.0.277.0 and 10.x prior to 10.1.53.64), Adobe AIR (prior to 2.0.2.12610), and Adobe Reader/Acrobat (8.x up to 8.2.3; 9.x prior to 9.3.3) on Windows and macOS. The root cause is memory corruption/remote code execution via crafted SWF con...

9.3CVSS9.7AI score0.82296EPSS
In wild
CVE
CVE
added 2008/02/12 6:0 p.m.1044 views

CVE-2007-5659

Adobe Acrobat/Reader (シリーズ 8.1.1 and earlier) contains a buffer-overflow in unspecified JavaScript methods triggered by a crafted PDF long-argument to JavaScript calls, enabling remote code execution. The vulnerability (CVE-2007-5659) is noted to potentially be subsumed by CVE-2008-0655. Exploita...

9.3CVSS7.4AI score0.94222EPSS
In wild
CVE
CVE
added 2009/07/23 8:0 p.m.1036 views

CVE-2009-1862

CVE-2009-1862 describes a memory-corruption vulnerability in Adobe Flash Player (and Adobe Reader/Acrobat components) that can be triggered by specially crafted SWF content or a crafted PDF/Flash combo via authplay.dll, leading to remote code execution or memory corruption DoS. Affected products ...

9.3CVSS7.8AI score0.25006EPSS
In wild
CVE
CVE
added 2011/04/13 2:0 p.m.1030 views

CVE-2011-0611

CVE-2011-0611 affects Adobe Flash Player before 10.2.154.27 (Windows/macOS/Linux/Solaris) and 10.2.156.12 and earlier on Android, plus Authplay.dll in Reader/Acrobat components. The vulnerability allows remote attackers to execute arbitrary code or cause a denial of service via crafted Flash cont...

9.3CVSS8.8AI score0.9941EPSS
In wild
CVE
CVE
added 2013/05/16 10:0 a.m.1021 views

CVE-2013-2729

CVE-2013-2729 : Integer overflow in Adobe Reader/Acrobat BMP/RLE image handling can lead to arbitrary code execution. Affected: Adobe Reader/Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03. Root cause: heap/buffer overflow while parsing embedded BMP RLE resources in PDFs. Im...

10CVSS7.6AI score0.66555EPSS
In wild
CVE
CVE
added 2010/01/13 7:0 p.m.1020 views

CVE-2009-3953

CVE-2009-3953 affects Adobe Reader/Acrobat U3D handling in PDFs. The vulnerability arises from a CLODProgressiveMeshDeclaration array boundary issue in the U3D implementation, allowing remote code execution when processing malformed U3D data. Affected product versions include Acrobat/Reader 9.x p...

10CVSS7.4AI score0.83574EPSS
In wild
CVE
CVE
added 2008/02/07 8:0 p.m.1016 views

CVE-2008-0655

CVE-2008-0655 affects Adobe Acrobat/Reader (before 8.1.2). Connected advisories confirm multiple vulnerabilities in Adobe Reader/Acrobat, including JS API DOC.print could silently trigger printing, and PDF processing flaws that could enable arbitrary code execution. Red Hat RHSA-2008:0144 documen...

9.3CVSS6.4AI score0.36844EPSS
In wild
CVE
CVE
added 2009/12/15 2:0 a.m.1013 views

CVE-2009-4324

Adobe Reader/Acrobat (Windows/macOS) is affected by CVE-2009-4324 due to a use-after-free in Doc.media.newPlayer inside Multimedia.api. A crafted PDF with ZLib streams can trigger remote code execution. The vulnerability is reported as exploited in the wild in December 2009. Affected versions inc...

9.3CVSS7.2AI score0.81863EPSS
In wild
CVE
CVE
added 2011/12/07 7:0 p.m.1013 views

CVE-2011-2462

Adobe Reader/Acrobat U3D memory corruption vulnerability (CVE-2011-2462) affects Adobe Reader X (10.1.1) and earlier on Windows/macOS; Adobe Reader 9.x up to 9.4.6 on Windows, macOS, UNIX; exploitation could allow remote code execution or DoS via crafted U3D content. The issue is in the U3D parse...

10CVSS9.6AI score0.86238EPSS
In wild
CVE
CVE
added 2013/02/14 1:0 a.m.1001 views

CVE-2013-0641

CVE-2013-0641 is a buffer overflow in Adobe Reader and Acrobat versions prior to certain patches that allows a remote attacker to execute arbitrary code via a crafted PDF. The description specifies impact as remote code execution, with exploitation observed in the wild in February 2013. Affected ...

9.3CVSS7.8AI score0.32449EPSS
In wild
CVE
CVE
added 2010/09/09 9:0 p.m.1000 views

CVE-2010-2883

CVE-2010-2883 describes a stack-based buffer overflow in Adobe’s CoolType.dll (SING table handling) that affects Adobe Reader/Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Windows and macOS. A long field in a TTF font’s SING table in a PDF can allow remote code execution or cause a DoS (applicat...

9.3CVSS8.2AI score0.82485EPSS
In wild
CVE
CVE
added 2014/08/12 9:0 p.m.872 views

CVE-2014-0546

Adobe Reader and Acrobat for Windows are affected by CVE-2014-0546 due to a sandbox bypass that enables attackers to execute native code in a privileged context via unspecified vectors. Affected products include Adobe Reader 10.x up to 10.1.11 and Acrobat 10.x up to 10.1.11 and 11.x up to 11.0.08...

10CVSS6.8AI score0.2233EPSS
In wild
CVE
CVE
added 2023/09/13 8:17 a.m.596 views

CVE-2023-26369

Adobe Acrobat/Reader CVE-2023-26369 is an out-of-bounds write vulnerability that can enable arbitrary code execution in the context of the current user. Affected are Acrobat Reader 23.003.20284 and earlier, 20.005.30516 and earlier, and 20.005.30514 and earlier. Exploitation requires user interac...

7.8CVSS7.9AI score0.07036EPSS
In wild
CVE
CVE
added 2023/01/18 12:0 a.m.482 views

CVE-2023-21608

Adobe Acrobat Reader DC/Reader affected by a Use-After-Free in resetForm leading to arbitrary code execution when a user opens a malicious file. Impact: code execution in the user context (high). Affected versions include 22.003.20282 and earlier for Windows/macOS and 20.005.30418 and earlier. Ro...

7.8CVSS7.7AI score0.61475EPSS
In wild
CVE
CVE
added 2009/10/19 10:0 p.m.289 views

CVE-2009-2994

CVE-2009-2994 is described in connected advisories as a memory corruption vulnerability in Adobe Reader and Acrobat, caused by an index boundary error when handling U3D/CLODMeshDeclaration data in PDFs. This could allow remote code execution via specially crafted PDF documents. The advisories con...

9.3CVSS7.5AI score0.18445EPSS
In wild
CVE
CVE
added 2023/01/18 12:0 a.m.262 views

CVE-2023-21579

CVE-2023-21579 affects Adobe Acrobat Reader, specifically versions 22.003.20282 and earlier, 22.003.20281 and earlier, and 20.005.30418 and earlier. The issue is an Integer Overflow or Wraparound in the font parsing code that can lead to arbitrary code execution in the context of the current user...

7.8CVSS7.7AI score0.04945EPSS
CVE
CVE
added 2010/04/22 2:0 p.m.242 views

CVE-2010-1278

CVE-2010-1278 describes a buffer overflow in the gp.ocx ActiveX control (Atlcom.get_atlcom) used by Adobe Download Manager, affecting Adobe Reader/Acrobat 8.x before 8.2 and 9.x before 9.3. During initialization, two parameters are copied into a fixed-length buffer; oversized values can overflow ...

9.3CVSS8AI score0.08124EPSS
CVE
CVE
added 2026/04/11 6:45 a.m.223 views

CVE-2026-34621

CVE-2026-34621 — Adobe Acrobat/Reader Prototype Pollution affects Acrobat Reader DC/Acrobat DC on Windows and macOS. Affected: Acrobat Reader DC 26.001.21367 and earlier; Acrobat DC 26.001.21367 and earlier; Acrobat 2024 24.001.30356 and earlier. Root cause: Improperly Controlled Modification of ...

8.6CVSS6.3AI score0.07086EPSS
In wild
CVE
CVE
added 2022/05/11 5:59 p.m.218 views

CVE-2022-28269

CVE-2022-28269 affects Adobe Acrobat Reader DC and older Adobe Acrobat/Reader builds. The issue is a use-after-free in the processing of Annotation objects that can cause a memory leak in the context of the current user. Exploitation requires user interaction (victim opens a crafted file). Affect...

4.3CVSS5AI score0.10101EPSS
CVE
CVE
added 2022/05/11 6:0 p.m.214 views

CVE-2022-28838

CVE-2022-28838 affects Adobe Acrobat Pro DC (versions 22.001.2011x and earlier; 20.005.3033x and earlier; 17.012.3022x and earlier). It is a use-after-free vulnerability in a component used during PDF processing that could allow arbitrary code execution in the current user context. Exploitation r...

9.3CVSS7.7AI score0.02499EPSS
CVE
CVE
added 2022/05/11 5:57 p.m.208 views

CVE-2022-28266

CVE-2022-28266 affects Acrobat Reader DC and related Adobe products. The issue is an out-of-bounds read when parsing crafted PDF/files, potentially allowing read past end of an allocated memory structure and bypassing mitigations such as ASLR. Exploitation requires user interaction (the victim mu...

5.5CVSS5.2AI score0.02463EPSS
CVE
CVE
added 2013/05/16 10:0 a.m.207 views

CVE-2013-2727

CVE-2013-2727 affects Adobe Reader and Acrobat: an integer overflow in 9.x (before 9.5.5), 10.x (before 10.1.7), and 11.x (before 11.0.03) can allow arbitrary code execution via unspecified vectors. Root cause is an integer overflow in parsing input; impact is remote code execution. Remediation p...

10CVSS7.6AI score0.05403EPSS
In wild
CVE
CVE
added 2023/11/16 9:52 a.m.197 views

CVE-2023-44336

CVE-2023-44336 affects multiple Adobe Acrobat/Reader DC products (Desktop variants: Classic, DC Continuous/Continuous, and Reader DC) on Windows and macOS. The issue is a Use-After-Free vulnerability in Acrobat components that can lead to arbitrary code execution in the context of the current use...

7.8CVSS7.8AI score0.02309EPSS
CVE
CVE
added 2013/05/16 10:0 a.m.195 views

CVE-2013-2719

CVE-2013-3346 affects Adobe Reader/Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03. Root cause: memory corruption via unspecified vectors; can lead to arbitrary code execution or Denial of Service. Remediation (per connected advisories): upgrade to Adobe Reader/Acrobat 9.5.5...

10CVSS7.7AI score0.04552EPSS
In wild
CVE
CVE
added 2009/02/20 7:0 p.m.194 views

CVE-2009-0658

CVE-2009-0658 concerns a buffer overflow in the JBIG2 decoder used by Adobe Reader (9.0 and earlier) and Acrobat (9.0 and earlier) when processing JBIG2 image streams embedded in PDFs. The underlying issue is a memory/buffer handling error in the JBIG2 decoder, enabling remote code execution via ...

9.3CVSS7.9AI score0.87719EPSS
In wild
CVE
CVE
added 2013/05/16 10:0 a.m.193 views

CVE-2013-2718

CVE-2013-3346 affects Adobe Reader and Acrobat: 9.x prior to 9.5.5, 10.x prior to 10.1.7, and 11.x prior to 11.0.03. It enables memory corruption leading to arbitrary code execution or a denial of service via unspecified vectors. Root cause is a memory corruption vulnerability distinct from CVE-2...

10CVSS7.7AI score0.04552EPSS
In wild
CVE
CVE
added 2013/05/16 10:0 a.m.192 views

CVE-2013-2731

CVE-2013-2731 affects Adobe Reader/Acrobat on versions 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03. The connected advisories confirm memory-corruption/arbitrary-code and DoS risks via unspecified vectors, consistent with Adobe’s patch line. Affected products should update to the...

10CVSS7.7AI score0.04552EPSS
In wild
CVE
CVE
added 2022/07/15 3:33 p.m.192 views

CVE-2022-34221

CVE-2022-34221 affects Adobe Acrobat Reader: versions 22.001.20142 and earlier, 20.005.30334 and earlier, and 17.012.30229 and earlier are affected by an Access of Resource Using Incompatible Type (Type Confusion) vulnerability that could enable arbitrary code execution in the context of the curr...

7.8CVSS7.6AI score0.1083EPSS
CVE
CVE
added 2013/05/16 10:0 a.m.191 views

CVE-2013-2732

CVE-2013-2732 affects Adobe Reader and Acrobat across 9.x (before 9.5.5), 10.x (before 10.1.7), and 11.x (before 11.0.03). Root cause: memory corruption via unspecified vectors allowing arbitrary code execution or DoS. Impact is consistent with the description (arbitrary code execution or denial ...

10CVSS7.7AI score0.05582EPSS
In wild
CVE
CVE
added 2013/05/16 10:0 a.m.191 views

CVE-2013-2735

Adobe Reader/Acrobat in vulnerable branches (9.x prior to 9.5.5, 10.x prior to 10.1.7, 11.x prior to 11.0.03) is affected by CVE-2013-2735 through memory corruption that can lead to arbitrary code execution or a denial of service. The issue is described as a memory corruption in unspecified vecto...

10CVSS7.7AI score0.05582EPSS
In wild
CVE
CVE
added 2013/05/16 10:0 a.m.191 views

CVE-2013-3339

CVE-2013-3339 affects Adobe Reader and Acrobat: 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03, enabling arbitrary code execution or memory corruption via unspecified vectors. Connected advisories indicate a vendor patch exists (e.g., RHSA-2013:0826; openSUSE openSUSE-2013:0990) an...

10CVSS7.7AI score0.05582EPSS
In wild
CVE
CVE
added 2024/12/10 7:54 p.m.190 views

CVE-2024-49530

CVE-2024-49530 affects multiple Adobe Acrobat Reader variants (including 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier). The exploit is a Use-After-Free vulnerability in which arbitrary code execution could occur in the context of the current user. Exploitation ...

7.8CVSS7.4AI score0.00444EPSS
CVE
CVE
added 2013/05/16 10:0 a.m.189 views

CVE-2013-3337

Adobe Reader/Acrobat is affected by CVE-2013-3346: memory corruption leading to possible arbitrary code execution via unspecified vectors in versions 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03. The connected advisories (e.g., RHSA-2013:0826; GLSA-201308-03) indicate updating to...

10CVSS7.7AI score0.05582EPSS
In wild
CVE
CVE
added 2022/05/11 5:17 p.m.189 views

CVE-2022-27793

CVE-2022-27793 describes a font-parsing out-of-bounds write in Adobe Acrobat/Reader DC. Affected: Acrobat Reader DC 22.001.20085 and earlier; 20.005.3031x and earlier; 17.012.30205 and earlier. Impact: arbitrary code execution in the context of the current user; exploitation requires user interac...

9.3CVSS7.7AI score0.09584EPSS
CVE
CVE
added 2016/08/26 7:0 p.m.188 views

CVE-2016-4270

Technical details about CVE-2016-4270 are not publicly provided in the supplied documents; monitor for official advisories for affected products, vulnerable components, impact, and fixes.

10CVSS9.8AI score0.05602EPSS
CVE
CVE
added 2022/07/15 3:35 p.m.188 views

CVE-2022-34230

CVE-2022-34230 concerns Adobe Acrobat Reader/Acrobat vulnerabilities in the Use-After-Free class that can lead to arbitrary code execution. Affected products include Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier), and 17.012.30229 (and earlier); related entries doc...

7.8CVSS7.7AI score0.03363EPSS
CVE
CVE
added 2013/05/16 10:0 a.m.187 views

CVE-2013-2720

CVE-2013-3346 affects Adobe Reader/Acrobat: versions 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03. The vulnerability enables memory corruption via unspecified vectors, potentially allowing arbitrary code execution or a denial of service. Root cause is memory corruption within com...

10CVSS7.7AI score0.04552EPSS
In wild
CVE
CVE
added 2013/05/16 10:0 a.m.187 views

CVE-2013-2721

Technical details for CVE-2013-2721 are not publicly available in the provided documents. Please monitor vendor advisories and security bulletins for affected versions, impact, and remediation.

10CVSS7.7AI score0.04552EPSS
In wild
CVE
CVE
added 2022/05/11 5:8 p.m.187 views

CVE-2022-24104

CVE-2022-24104 is a use-after-free vulnerability in Adobe Acrobat Reader DC affecting versions 20.001.20085 and earlier, 20.005.3031x and earlier, and 17.012.30205 and earlier. The flaw could allow arbitrary code execution in the context of the current user and exploitation requires user interact...

9.3CVSS7.6AI score0.10813EPSS
CVE
CVE
added 2013/05/16 10:0 a.m.186 views

CVE-2013-2726

CVE-2013-3346 affects Adobe Reader/Acrobat 9.x prior to 9.5.5, 10.x prior to 10.1.7, and 11.x prior to 11.0.03. The connected advisories identify a memory corruption vulnerability that allows an attacker to execute arbitrary code or cause a denial of service via unspecified vectors. The root caus...

10CVSS7.7AI score0.05582EPSS
In wild
CVE
CVE
added 2013/05/16 10:0 a.m.186 views

CVE-2013-3338

CVE-2013-3346 affects Adobe Reader and Acrobat: versions 9.x prior to 9.5.5, 10.x prior to 10.1.7, and 11.x prior to 11.0.03 are vulnerable. The vulnerability allows arbitrary code execution or a denial of service (memory corruption) via unspecified vectors and is described as different from othe...

10CVSS7.7AI score0.05582EPSS
In wild
CVE
CVE
added 2012/08/15 10:0 a.m.184 views

CVE-2012-4159

Technical details for CVE-2012-4159 are not provided in the supplied documents; no affected products, impact, or remediation are disclosed here. Monitor for updates.

10CVSS7.6AI score0.07532EPSS
Total number of security vulnerabilities1381