Lucene search

K
AdobeAcrobat Reader

1072 matches found

CVE
CVE
added 2015/10/14 11:59 p.m.49 views

CVE-2015-6688

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a ...

6.8CVSS7.1AI score0.05379EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.49 views

CVE-2018-4879

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the image co...

10CVSS9.4AI score0.30399EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.49 views

CVE-2018-4889

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of t...

6.5CVSS7.5AI score0.0188EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.49 views

CVE-2018-4896

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of t...

6.5CVSS7.5AI score0.0188EPSS
CVE
CVE
added 2023/09/06 2:15 p.m.49 views

CVE-2021-35980

Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Path traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user...

7.8CVSS8.2AI score0.00833EPSS
CVE
CVE
added 2024/08/14 3:15 p.m.49 views

CVE-2024-39422

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open...

7.8CVSS7.8AI score0.01494EPSS
CVE
CVE
added 2024/08/14 3:15 p.m.49 views

CVE-2024-39424

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open...

7.8CVSS7.8AI score0.01494EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.48 views

CVE-2001-1069

libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior.

7.2CVSS6.3AI score0.0009EPSS
CVE
CVE
added 2012/08/15 10:31 a.m.48 views

CVE-2012-4161

Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4162.

7.5CVSS7.8AI score0.05018EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.48 views

CVE-2018-4884

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of t...

6.5CVSS7.5AI score0.01891EPSS
CVE
CVE
added 2018/07/09 7:29 p.m.48 views

CVE-2018-4997

Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

8.8CVSS9.3AI score0.0519EPSS
CVE
CVE
added 2024/08/14 3:15 p.m.48 views

CVE-2024-39423

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mus...

7.8CVSS7.8AI score0.0134EPSS
CVE
CVE
added 2024/08/14 3:15 p.m.48 views

CVE-2024-41831

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open...

7.8CVSS7.8AI score0.01494EPSS
CVE
CVE
added 2024/08/14 3:15 p.m.48 views

CVE-2024-41833

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this is...

5.5CVSS5.1AI score0.00072EPSS
CVE
CVE
added 2003/08/18 4:0 a.m.47 views

CVE-2003-0142

Adobe Acrobat Reader (acroread) 6, under certain circumstances when running with the "Certified plug-ins only" option disabled, loads plug-ins with signatures used for older versions of Acrobat, which can allow attackers to cause Acrobat to enter Certified mode and run untrusted plugins by modifyin...

5CVSS6.5AI score0.04598EPSS
CVE
CVE
added 2004/08/18 4:0 a.m.47 views

CVE-2004-0630

The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode ...

10CVSS7.6AI score0.19519EPSS
CVE
CVE
added 2004/07/27 4:0 a.m.47 views

CVE-2004-0632

Adobe Reader 6.0 does not properly handle null characters when splitting a filename path into components, which allows remote attackers to execute arbitrary code via a file with a long extension that is not normally handled by Reader, triggering a buffer overflow.

7.5CVSS7.8AI score0.23152EPSS
CVE
CVE
added 2014/12/10 9:59 p.m.47 views

CVE-2014-8460

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-9159.

10CVSS7.9AI score0.36278EPSS
CVE
CVE
added 2014/12/10 9:59 p.m.47 views

CVE-2014-8461

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE...

10CVSS7.6AI score0.27545EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.47 views

CVE-2018-4898

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the XPS engi...

8.8CVSS9.2AI score0.04194EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.47 views

CVE-2018-4904

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a heap overflow vulnerability. The vulnerability is triggered by crafted TIFF data within an XPS file, ...

8.8CVSS9.3AI score0.05245EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.47 views

CVE-2018-4906

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of t...

6.5CVSS7.5AI score0.01221EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.47 views

CVE-2018-4915

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the JavaScri...

8.8CVSS9.2AI score0.04194EPSS
CVE
CVE
added 2023/08/10 2:15 p.m.47 views

CVE-2023-38223

Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ope...

7.8CVSS7.6AI score0.05187EPSS
CVE
CVE
added 2024/06/13 12:15 p.m.47 views

CVE-2024-34129

Acrobat Mobile Sign Android versions 24.4.2.33155 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to access files and directories ...

7.5CVSS7.4AI score0.00055EPSS
CVE
CVE
added 2003/08/07 4:0 a.m.46 views

CVE-2003-0508

Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earlier allows remote attackers to execute arbitrary code via a .pdf file with a long mailto link.

7.5CVSS7.9AI score0.16992EPSS
CVE
CVE
added 2011/06/16 11:55 p.m.46 views

CVE-2011-2106

Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

9.3CVSS7.8AI score0.11888EPSS
CVE
CVE
added 2014/12/10 9:59 p.m.46 views

CVE-2014-8457

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8460 and CVE-2014-9159.

10CVSS7.9AI score0.36278EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.46 views

CVE-2018-4881

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of t...

6.5CVSS7.5AI score0.0188EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.46 views

CVE-2018-4882

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of t...

6.5CVSS7.5AI score0.0188EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.46 views

CVE-2018-4900

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of J...

6.5CVSS7.5AI score0.0188EPSS
CVE
CVE
added 2024/08/14 3:15 p.m.46 views

CVE-2024-39426

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to ex...

7.8CVSS7.5AI score0.01291EPSS
CVE
CVE
added 2008/05/08 12:20 a.m.45 views

CVE-2008-2042

The Javascript API in Adobe Acrobat Professional 7.0.9 and possibly 8.1.1 exposes a dangerous method, which allows remote attackers to execute arbitrary commands or trigger a buffer overflow via a crafted PDF file that invokes app.checkForUpdate with a malicious callback function.

9.3CVSS7.8AI score0.04475EPSS
CVE
CVE
added 2011/02/10 6:0 p.m.45 views

CVE-2011-0605

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

6.8CVSS7.7AI score0.04116EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.45 views

CVE-2018-4885

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of E...

6.5CVSS7.5AI score0.01891EPSS
CVE
CVE
added 2023/09/06 2:15 p.m.45 views

CVE-2021-28644

Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Path traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user...

7.8CVSS8AI score0.02172EPSS
CVE
CVE
added 2024/02/15 1:15 p.m.45 views

CVE-2024-20734

Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in ...

5.5CVSS5.3AI score0.0007EPSS
CVE
CVE
added 2004/08/18 4:0 a.m.44 views

CVE-2004-0631

Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via a long filename for the PDF file that is provided to the uudecode command.

10CVSS7.8AI score0.16083EPSS
CVE
CVE
added 2005/01/10 5:0 a.m.44 views

CVE-2004-1153

Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an .ETD document containing format string specifiers in (1) title or (2) baseurl fields.

10CVSS7.8AI score0.14946EPSS
CVE
CVE
added 2006/07/12 10:5 p.m.44 views

CVE-2006-3452

Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure file and directory permissions, which allows local users to gain privileges by overwriting program files.

4.6CVSS6.6AI score0.00151EPSS
CVE
CVE
added 2011/02/10 6:0 p.m.44 views

CVE-2011-0564

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows use weak permissions for unspecified files, which allows attackers to gain privileges via unknown vectors.

9.3CVSS6.8AI score0.01198EPSS
CVE
CVE
added 2011/02/10 6:0 p.m.44 views

CVE-2011-0568

Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.

6.8CVSS7.9AI score0.03721EPSS
CVE
CVE
added 2014/09/17 10:55 a.m.44 views

CVE-2014-0563

Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.

7.8CVSS6.4AI score0.01352EPSS
CVE
CVE
added 2016/03/09 11:59 a.m.44 views

CVE-2016-1009

Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

10CVSS9.7AI score0.06136EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.44 views

CVE-2018-4883

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs because of computation that reads data that is past the end of the target buffer; the computation is part of the i...

6.5CVSS7.5AI score0.0188EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.44 views

CVE-2018-4907

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of t...

6.5CVSS7.5AI score0.0188EPSS
CVE
CVE
added 2005/02/20 5:0 a.m.43 views

CVE-2004-1598

Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read arbitrary files via a PDF file that contains an embedded Shockwave (swf) file that references files outside of the temporary directory.

5CVSS6.6AI score0.01652EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.43 views

CVE-2005-1347

** UNVERIFIABLE ** NOTE: this issue describes a problem that can not be independently verified as of 20050421. Adobe Acrobat reader (AcroRd32.exe) 6.0 and earlier allows remote attackers to cause a denial of service ("Invalid-ID-Handle-Error" error) and modify memory beginning at a particular addre...

2.6CVSS7.3AI score0.08233EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.43 views

CVE-2018-4887

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of t...

6.5CVSS7.5AI score0.0188EPSS
CVE
CVE
added 2018/02/27 5:29 a.m.43 views

CVE-2018-4913

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the XFA engine, related to DOM manipulation. The vulnerability is tri...

8.8CVSS9.2AI score0.0229EPSS
Total number of security vulnerabilities1072