Lucene search

K
AdobeAcrobat Reader

1072 matches found

CVE
CVE
added 2023/04/12 9:15 p.m.55 views

CVE-2023-26406

Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mu...

7.8CVSS7.6AI score0.01412EPSS
CVE
CVE
added 2023/08/10 2:15 p.m.55 views

CVE-2023-38245

Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a...

5.5CVSS5.5AI score0.00262EPSS
CVE
CVE
added 2024/02/15 1:15 p.m.55 views

CVE-2024-20733

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an Improper Input Validation vulnerability that could lead to an application denial-of-service. An attacker could leverage this vulnerability to cause the application to crash, resulting in a denial of service. Exploitat...

5.5CVSS5.3AI score0.0034EPSS
CVE
CVE
added 2024/02/15 1:15 p.m.55 views

CVE-2024-20749

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interactio...

5.5CVSS5.9AI score0.00074EPSS
CVE
CVE
added 2024/08/14 3:15 p.m.55 views

CVE-2024-39425

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to privilege escalation. Exploitation of this issue require local low-privilege access to the affected system ...

7CVSS6.8AI score0.00054EPSS
CVE
CVE
added 2025/03/11 6:15 p.m.55 views

CVE-2025-27161

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in ...

7.8CVSS6.8AI score0.00029EPSS
CVE
CVE
added 2005/07/07 4:0 a.m.54 views

CVE-2005-1841

The control for Adobe Reader 5.0.9 and 5.0.10 on Linux, Solaris, HP-UX, and AIX creates temporary files with the permissions as specified in a user's umask, which could allow local users to read PDF documents of that user if the umask allows it.

2.1CVSS6AI score0.00103EPSS
CVE
CVE
added 2007/01/03 9:28 p.m.54 views

CVE-2007-0046

Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.

7.5CVSS7.2AI score0.64856EPSS
CVE
CVE
added 2009/06/11 3:30 p.m.54 views

CVE-2009-2028

Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 have unknown impact and attack vectors, related to "Adobe internally discovered issues."

10CVSS6.6AI score0.04066EPSS
CVE
CVE
added 2009/10/19 10:30 p.m.54 views

CVE-2009-2993

The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and po...

9.3CVSS6.9AI score0.09132EPSS
CVE
CVE
added 2009/10/19 10:30 p.m.54 views

CVE-2009-3462

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug."

5.1CVSS7.3AI score0.03482EPSS
CVE
CVE
added 2010/04/14 4:0 p.m.54 views

CVE-2010-0190

Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.5AI score0.0139EPSS
CVE
CVE
added 2010/04/14 4:0 p.m.54 views

CVE-2010-0191

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."

9.3CVSS7.5AI score0.18131EPSS
CVE
CVE
added 2010/04/14 4:0 p.m.54 views

CVE-2010-0195

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, do not properly handle fonts, which allows attackers to execute arbitrary code via unspecified vectors.

9.3CVSS7.4AI score0.18131EPSS
CVE
CVE
added 2010/10/06 5:0 p.m.54 views

CVE-2010-2887

Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x before 9.4 on Linux allow attackers to gain privileges via unknown vectors.

9.3CVSS6.7AI score0.04375EPSS
CVE
CVE
added 2011/02/10 6:0 p.m.54 views

CVE-2011-0594

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font.

9.3CVSS7.5AI score0.09931EPSS
CVE
CVE
added 2014/01/30 3:6 p.m.54 views

CVE-2013-1376

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621.

10CVSS7.6AI score0.23023EPSS
CVE
CVE
added 2014/11/30 2:59 a.m.54 views

CVE-2014-9150

Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568.

6.4CVSS6.7AI score0.06357EPSS
CVE
CVE
added 2015/10/14 11:59 p.m.54 views

CVE-2015-6694

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory co...

6.8CVSS7.5AI score0.19689EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.54 views

CVE-2018-4895

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the image co...

10CVSS9.4AI score0.03823EPSS
CVE
CVE
added 2018/05/19 5:29 p.m.54 views

CVE-2018-4918

Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, 2015.006.30394 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

10CVSS9.6AI score0.02037EPSS
CVE
CVE
added 2021/09/29 4:15 p.m.54 views

CVE-2021-39846

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted PDF file, potentially resulting in memory corruption in the context of the current user. Exploi...

6.1CVSS6.4AI score0.01021EPSS
CVE
CVE
added 2021/09/29 4:15 p.m.54 views

CVE-2021-39853

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context o...

5.5CVSS5.6AI score0.01014EPSS
CVE
CVE
added 2023/01/27 6:15 p.m.54 views

CVE-2023-22242

Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interac...

7.8CVSS7.7AI score0.00661EPSS
CVE
CVE
added 2023/08/10 2:15 p.m.54 views

CVE-2023-38222

Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a ...

7.8CVSS7.7AI score0.06654EPSS
CVE
CVE
added 2025/03/11 6:15 p.m.54 views

CVE-2025-24431

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires u...

5.5CVSS6.1AI score0.00031EPSS
CVE
CVE
added 2007/01/09 12:28 a.m.53 views

CVE-2007-0103

The Adobe PDF specification 1.3, as implemented by Adobe Acrobat before 8.0.0, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a craft...

6.8CVSS7AI score0.30541EPSS
CVE
CVE
added 2007/03/10 12:19 a.m.53 views

CVE-2007-1377

AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability...

5CVSS6.3AI score0.53628EPSS
CVE
CVE
added 2009/06/11 3:30 p.m.53 views

CVE-2009-0888

Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-20...

9.3CVSS7.9AI score0.1211EPSS
CVE
CVE
added 2010/10/06 5:0 p.m.53 views

CVE-2010-3624

Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allows attackers to execute arbitrary code via a crafted image.

9.3CVSS7.2AI score0.22531EPSS
CVE
CVE
added 2011/02/10 6:0 p.m.53 views

CVE-2011-0588

Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0562 and CVE-2011-0570.

6.9CVSS6.2AI score0.00154EPSS
CVE
CVE
added 2011/05/03 7:55 p.m.53 views

CVE-2011-0610

The CoolType library in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a ...

9.3CVSS9AI score0.05781EPSS
CVE
CVE
added 2012/08/21 10:46 a.m.53 views

CVE-2012-4363

Multiple unspecified vulnerabilities in Adobe Reader through 10.1.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, related to "sixteen more crashes affecting Windows, OS X, or both systems."

9.3CVSS8AI score0.13477EPSS
CVE
CVE
added 2014/12/10 9:59 p.m.53 views

CVE-2014-8447

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE...

10CVSS7.6AI score0.27545EPSS
CVE
CVE
added 2014/12/10 9:59 p.m.53 views

CVE-2014-8449

Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS9.6AI score0.38539EPSS
CVE
CVE
added 2014/12/10 9:59 p.m.53 views

CVE-2014-8453

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors.

5CVSS6.6AI score0.10853EPSS
CVE
CVE
added 2015/10/14 11:59 p.m.53 views

CVE-2015-6698

Heap-based buffer overflow in the AcroForm implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to ...

6.8CVSS7.9AI score0.03695EPSS
CVE
CVE
added 2015/10/14 11:59 p.m.53 views

CVE-2015-6713

The Function call implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API exe...

7.5CVSS6.5AI score0.0783EPSS
CVE
CVE
added 2015/10/14 11:59 p.m.53 views

CVE-2015-7620

The ANSendForBrowserReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API ex...

6.8CVSS6.5AI score0.0783EPSS
CVE
CVE
added 2016/04/30 10:59 a.m.53 views

CVE-2016-1111

Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted Graphics State dictionary.

8.8CVSS9.2AI score0.03254EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.53 views

CVE-2018-4911

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JavaScript API related to bookmark functionality. The vulnerabili...

8.8CVSS8.9AI score0.01043EPSS
CVE
CVE
added 2018/07/09 7:29 p.m.53 views

CVE-2018-4999

Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

6.5CVSS8AI score0.08684EPSS
CVE
CVE
added 2020/11/05 8:15 p.m.53 views

CVE-2020-24431

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a security feature bypass that could result in dynamic library code injection by the Adobe Reader process. Exploitation of this issue requires user intera...

5.8CVSS5.2AI score0.00357EPSS
CVE
CVE
added 2021/09/29 4:15 p.m.53 views

CVE-2021-39839

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm getItem action that could result in arbitrary code execution in the context of the current user. Ex...

7.8CVSS7.6AI score0.56988EPSS
CVE
CVE
added 2021/09/29 4:15 p.m.53 views

CVE-2021-39851

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context o...

5.5CVSS5.6AI score0.01014EPSS
CVE
CVE
added 2023/08/10 2:15 p.m.53 views

CVE-2023-38236

Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue...

5.5CVSS5.1AI score0.00262EPSS
CVE
CVE
added 2024/08/14 3:15 p.m.53 views

CVE-2024-41834

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this is...

5.5CVSS5.1AI score0.00072EPSS
CVE
CVE
added 2005/04/21 4:0 a.m.52 views

CVE-1999-1576

Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, PDF.PdfCtrl.1) 1.3.188 for Acrobat Reader 4.0 allows remote attackers to execute arbitrary code via the pdf.setview method.

7.5CVSS8AI score0.25948EPSS
CVE
CVE
added 2006/11/21 11:7 p.m.52 views

CVE-2006-6027

Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the LoadFile method in an AcroPDF ActiveX control.

9.3CVSS7.5AI score0.53628EPSS
CVE
CVE
added 2008/06/25 12:36 p.m.52 views

CVE-2008-2641

Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an "input validation issue in a JavaScript method."

10CVSS7.6AI score0.38738EPSS
Total number of security vulnerabilities1072