Acrobat Security Vulnerabilities and Issues — Page 21 of Acrobat CVE List

10CVSS9.7AI score0.02555EPSS

CVE-2016-1043

Integer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

CVE-2016-1047

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vu...

CVE-2016-1051

CVE-2016-1053

CVE-2016-1068

10CVSS10AI score0.12588EPSS

CVE-2016-1080

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

CVE•added 2016/05/11 11:0 a.m.•55 views

CVE-2016-1090

Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an uns...

7.8CVSS8AI score0.00484EPSS

CVE•added 2016/05/11 11:0 a.m.•55 views

CVE-2016-1122

CVE•added 2016/09/17 2:59 a.m.•55 views

CVE-2016-6938

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vu...

10CVSS9.4AI score0.02083EPSS

CVE•added 2016/10/13 8:0 p.m.•55 views

CVE-2016-6988

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vu...

10CVSS9.8AI score0.0216EPSS

CVE•added 2016/10/13 8:0 p.m.•55 views

CVE-2016-7013

Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

CVE•added 2018/02/27 5:29 a.m.•55 views

CVE-2018-4891

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of t...

6.5CVSS7.5AI score0.01979EPSS

CVE•added 2018/02/27 5:29 a.m.•55 views

CVE-2018-4901

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the document...

8.8CVSS9.2AI score0.08234EPSS

CVE•added 2020/11/05 8:15 p.m.•55 views

CVE-2020-24436

Acrobat Pro DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds write vulnerability that could result in writing past the end of an allocated memory structure. An attacker could leverage this vulnerability to execu...

7.8CVSS7.4AI score0.03652EPSS

CVE•added 2022/01/14 8:15 p.m.•55 views

CVE-2021-44713

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in application denial of service. Exploitation of this issue requires user inter...

5.5CVSS5.4AI score0.00498EPSS

CVE•added 2023/04/12 9:15 p.m.•55 views

CVE-2023-26420

Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a ...

7.8CVSS7.7AI score0.01674EPSS

CVE•added 2024/08/14 3:15 p.m.•55 views

CVE-2024-41832

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this is...

5.5CVSS5.1AI score0.00092EPSS

CVE•added 2025/03/11 6:15 p.m.•55 views

CVE-2025-27159

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious f...

7.8CVSS7.4AI score0.00041EPSS

CVE•added 2000/10/20 4:0 a.m.•54 views

CVE-2000-0713

Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fill In products that handle PDF files allows attackers to execute arbitrary commands via a long /Registry or /Ordering specifier.

7.6CVSS7.6AI score0.05134EPSS

CVE•added 2004/09/28 4:0 a.m.•54 views

CVE-2004-0629

Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and possibly other versions, allows remote attackers to execute arbitrary code via a URI for a PDF file with a null terminator (%00) followed by a long string.

7.5CVSS8AI score0.20761EPSS

CVE•added 2007/01/03 9:28 p.m.•54 views

CVE-2007-0044

Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character...

4.3CVSS6.2AI score0.54871EPSS

CVE•added 2009/06/11 3:30 p.m.•54 views

CVE-2009-0889

Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-20...

9.3CVSS7.9AI score0.1211EPSS

CVE•added 2009/10/19 10:30 p.m.•54 views

CVE-2009-2981

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to bypass intended Trust Manager restrictions via unspecified vectors.

9.3CVSS6.2AI score0.07238EPSS

CVE•added 2009/10/19 10:30 p.m.•54 views

CVE-2009-2983

Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.

9.3CVSS7.6AI score0.57483EPSS

CVE•added 2009/10/19 10:30 p.m.•54 views

CVE-2009-2986

Multiple heap-based buffer overflows in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.

9.3CVSS7.4AI score0.37028EPSS

CVE•added 2010/04/14 4:0 p.m.•54 views

CVE-2010-0196

Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0192 and CVE-2010-0193.

9.3CVSS9.6AI score0.41095EPSS

CVE•added 2010/04/14 4:0 p.m.•54 views

CVE-2010-0202

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0203.

9.3CVSS7.6AI score0.26977EPSS

CVE•added 2010/10/06 5:0 p.m.•54 views

CVE-2010-3630

Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.

9.3CVSS7.6AI score0.05903EPSS

CVE•added 2011/02/10 6:0 p.m.•54 views

CVE-2011-0567

AcroRd32.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image that triggers an incorrect pointer calculation, leading t...

9.3CVSS7.6AI score0.14127EPSS

CVE•added 2011/12/16 7:55 p.m.•54 views

CVE-2011-4369

Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to...

10CVSS9.6AI score0.1304EPSS

CVE•added 2013/01/10 11:56 a.m.•54 views

CVE-2013-0619

Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-20...

10CVSS7.6AI score0.10663EPSS

CVE•added 2015/07/15 2:59 p.m.•54 views

CVE-2015-4447

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified v...

10CVSS6.3AI score0.05694EPSS

CVE•added 2015/10/14 11:59 p.m.•54 views

CVE-2015-6683

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via un...

10CVSS7.3AI score0.04034EPSS

CVE•added 2015/10/14 11:59 p.m.•54 views

CVE-2015-6696

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unsp...

6.8CVSS7.9AI score0.03695EPSS

CVE•added 2015/10/14 11:59 p.m.•54 views

CVE-2015-7616

The ANVerifyComments method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API executio...

6.8CVSS6.5AI score0.0783EPSS

CVE•added 2016/01/14 5:59 a.m.•54 views

CVE-2016-0944

Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

10CVSS9.5AI score0.05746EPSS

CVE•added 2016/05/11 10:59 a.m.•54 views

CVE-2016-1074

10CVSS10AI score0.12588EPSS

CVE•added 2016/05/11 10:59 a.m.•54 views

CVE-2016-1086

10CVSS10AI score0.12588EPSS

CVE•added 2016/07/13 2:0 a.m.•54 views

CVE-2016-4211

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

10CVSS9.8AI score0.22372EPSS

CVE•added 2016/07/13 2:0 a.m.•54 views

CVE-2016-4250

10CVSS9.8AI score0.22372EPSS

CVE•added 2016/08/26 7:59 p.m.•54 views

CVE-2016-4267

10CVSS9.8AI score0.22372EPSS

CVE•added 2016/10/13 7:59 p.m.•54 views

CVE-2016-6940

CVE•added 2016/10/13 7:59 p.m.•54 views

CVE-2016-6949

10CVSS9.8AI score0.0216EPSS

CVE•added 2016/10/13 7:59 p.m.•54 views

CVE-2016-6954

CVE•added 2016/10/13 8:0 p.m.•54 views

CVE-2016-7003

CVE•added 2016/10/13 8:0 p.m.•54 views

CVE-2016-7012