Acrobat Reader Security Vulnerabilities and Issues — Page 13 of Acrobat Reader CVE List

9.3CVSS9.1AI score0.08649EPSS

CVE-2017-16383

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a heap overflow vulnerability when processing a JPEG file embedd...

9.3CVSS9.1AI score0.0413EPSS

CVE-2017-16390

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JavaScript engine API. The...

9.3CVSS9.2AI score0.26272EPSS

CVE-2017-16392

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer access with an incorrect length value in the JPEG processing ...

9.3CVSS9.2AI score0.26272EPSS

CVE-2017-16395

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer access with an incorrect length value in the image conversion...

9.3CVSS8.8AI score0.08675EPSS

CVE-2017-16420

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the ta...

CVE•added 2018/02/27 5:29 a.m.•65 views

CVE-2018-4912

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of t...

6.5CVSS7.5AI score0.0188EPSS

CVE•added 2021/09/02 5:15 p.m.•65 views

CVE-2021-28557

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to leak sensitive system information in the context of t...

4.3CVSS5.6AI score0.01316EPSS

CVE•added 2021/09/02 5:15 p.m.•65 views

CVE-2021-28561

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the ...

8.8CVSS8.8AI score0.18211EPSS

CVE•added 2022/01/14 8:15 p.m.•65 views

CVE-2021-44712

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. Exploitation of this issue requires user interaction in th...

5.5CVSS5.3AI score0.00488EPSS

CVE•added 2022/01/14 8:15 p.m.•65 views

CVE-2021-45062

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of ...

9.3CVSS7.7AI score0.09052EPSS

CVE•added 2022/01/14 8:15 p.m.•65 views

CVE-2021-45063

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability t...

5.5CVSS4.3AI score0.0237EPSS

CVE•added 2022/08/11 3:15 p.m.•65 views

CVE-2022-35671

Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR...

5.5CVSS5.1AI score0.00172EPSS

CVE•added 2022/10/14 8:15 p.m.•65 views

CVE-2022-38449

Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue...

5.5CVSS5.1AI score0.00055EPSS

CVE•added 2024/02/15 1:15 p.m.•65 views

CVE-2024-20747

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interactio...

5.5CVSS5.6AI score0.00055EPSS

CVE•added 2024/05/15 10:15 a.m.•65 views

CVE-2024-30310

Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

7.8CVSS7.1AI score0.00716EPSS

CVE•added 2005/01/10 5:0 a.m.•64 views

CVE-2004-1152

Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary code via an e-mail message with a crafted PDF attachment.

10CVSS7.5AI score0.16622EPSS

CVE•added 2009/10/19 10:30 p.m.•64 views

CVE-2009-3458

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2998.

9.3CVSS7.3AI score0.49031EPSS

CVE•added 2010/04/14 4:0 p.m.•64 views

CVE-2010-0204

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0201.

9.3CVSS7.6AI score0.09513EPSS

CVE•added 2010/10/06 5:0 p.m.•64 views

CVE-2010-3625

Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."

9.3CVSS7.5AI score0.04997EPSS

CVE•added 2010/10/06 5:0 p.m.•64 views

CVE-2010-3657

Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3656.

4.3CVSS6.2AI score0.01584EPSS

CVE•added 2010/11/07 10:0 p.m.•64 views

CVE-2010-4091

The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involv...

9.3CVSS7.6AI score0.25727EPSS

CVE•added 2011/06/16 11:55 p.m.•64 views

CVE-2011-2099

Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2098.

9.3CVSS7.7AI score0.09907EPSS

CVE•added 2012/08/15 10:31 a.m.•64 views

CVE-2012-4156

Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE...

10CVSS7.6AI score0.19383EPSS

CVE•added 2014/05/14 11:13 a.m.•64 views

CVE-2014-0521

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X do not properly implement JavaScript APIs, which allows remote attackers to obtain sensitive information via a crafted PDF document.

4.3CVSS5.8AI score0.1344EPSS

CVE•added 2014/05/14 11:13 a.m.•64 views

CVE-2014-0525

The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X does not prevent access to unmapped memory, which allows attackers to execute arbitrary code via unspecified API calls.

10CVSS7.5AI score0.31313EPSS

CVE•added 2015/05/13 10:59 a.m.•64 views

CVE-2015-3053

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3054, CVE-2015-3055, CVE-2015-3059, and CVE-2015-3075.

10CVSS7.4AI score0.06245EPSS

CVE•added 2015/05/13 11:0 a.m.•64 views

CVE-2015-3067

10CVSS6.4AI score0.31105EPSS

9.3CVSS6.3AI score0.05694EPSS

CVE-2015-4452

CVE-2015-5088

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive infor...

5CVSS6AI score0.0335EPSS

7.8CVSS6.3AI score0.02613EPSS

CVE-2015-5091

10CVSS7.4AI score0.03731EPSS

CVE-2015-5095

6.8CVSS7.9AI score0.0344EPSS

CVE-2015-5110

Stack-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allows attackers to execute arbitrary code via uns...

CVE•added 2015/10/14 11:59 p.m.•64 views

CVE-2015-6693

The signatureSetSeedValue method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code or...

6.8CVSS7.5AI score0.19689EPSS

CVE•added 2015/10/14 11:59 p.m.•64 views

CVE-2015-6697

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to obtain sensitive information about color objects from process ...

6.8CVSS5.8AI score0.01851EPSS

CVE•added 2015/10/14 11:59 p.m.•64 views

CVE-2015-6722

The CBSharedReviewStatusDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript AP...

6.8CVSS6.5AI score0.0783EPSS

CVE•added 2015/10/15 12:0 a.m.•64 views

CVE-2015-7829

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows mishandle junctions in the Synchronizer directory, which allows attackers to delete arbitr...

1.9CVSS6.5AI score0.01042EPSS

CVE•added 2016/01/14 5:59 a.m.•64 views

CVE-2016-0939

Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memo...

8.8CVSS9.5AI score0.05746EPSS

CVE•added 2018/05/19 5:29 p.m.•64 views

CVE-2017-11253

Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

10CVSS9.4AI score0.17152EPSS

9.3CVSS8.8AI score0.08675EPSS

CVE-2017-16376

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the ta...

9.3CVSS9.2AI score0.14941EPSS

CVE-2017-16407

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a computation that writes data past the end of the intended buffer; th...

9.3CVSS9.2AI score0.11586EPSS

CVE-2017-16416

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a computation that writes data past the end of the intended buffer; th...