Acrobat Security Vulnerabilities and Issues — Page 23 of Acrobat CVE List

10CVSS9.4AI score0.06119EPSS

CVE-2016-1044

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability...

10CVSS9.3AI score0.06119EPSS

CVE-2016-1062

CVE-2016-1064

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

10CVSS8.3AI score0.06624EPSS

CVE-2016-1065

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vu...

CVE-2016-1082

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

CVE•added 2016/04/30 10:59 a.m.•52 views

CVE-2016-1111

Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted Graphics State dictionary.

8.8CVSS9.2AI score0.03254EPSS

CVE•added 2016/05/11 11:0 a.m.•52 views

CVE-2016-1112

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information via unspecified vectors.

10CVSS8.9AI score0.022EPSS

CVE•added 2016/05/11 11:0 a.m.•52 views

CVE-2016-1117

10CVSS9.3AI score0.06119EPSS

CVE•added 2016/05/11 11:0 a.m.•52 views

CVE-2016-4101

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

CVE•added 2016/08/26 7:59 p.m.•52 views

CVE-2016-4265

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

10CVSS9.8AI score0.22372EPSS

CVE•added 2016/10/13 7:59 p.m.•52 views

CVE-2016-6942

Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

10CVSS10AI score0.05955EPSS

CVE•added 2016/10/13 7:59 p.m.•52 views

CVE-2016-6963

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vu...

10CVSS9.8AI score0.0216EPSS

CVE•added 2016/10/13 8:0 p.m.•52 views

CVE-2016-6997

10CVSS10AI score0.05955EPSS

CVE•added 2016/10/13 8:0 p.m.•52 views

CVE-2016-6998

10CVSS10AI score0.05955EPSS

CVE•added 2018/02/27 5:29 a.m.•52 views

CVE-2018-4895

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the image co...

10CVSS9.4AI score0.04019EPSS

CVE•added 2018/05/19 5:29 p.m.•52 views

CVE-2018-4918

Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, 2015.006.30394 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

10CVSS9.6AI score0.02037EPSS

CVE•added 2020/11/05 8:15 p.m.•52 views

CVE-2020-24431

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a security feature bypass that could result in dynamic library code injection by the Adobe Reader process. Exploitation of this issue requires user intera...

5.8CVSS5.2AI score0.00357EPSS

CVE•added 2021/09/29 4:15 p.m.•52 views

CVE-2021-39846

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted PDF file, potentially resulting in memory corruption in the context of the current user. Exploi...

6.1CVSS6.4AI score0.01021EPSS

CVE•added 2021/09/29 4:15 p.m.•52 views

CVE-2021-39853

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context o...

5.5CVSS5.6AI score0.01014EPSS

CVE•added 2023/01/27 6:15 p.m.•52 views

CVE-2023-22242

Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interac...

7.8CVSS7.7AI score0.00661EPSS

CVE•added 2023/08/10 2:15 p.m.•52 views

CVE-2023-38236

Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue...

5.5CVSS5.1AI score0.00228EPSS

CVE•added 2024/08/14 3:15 p.m.•52 views

CVE-2024-41834

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this is...

5.5CVSS5.1AI score0.00126EPSS

CVE•added 2009/10/19 10:30 p.m.•51 views

CVE-2009-2992

An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 does not properly validate input, which allows attackers to cause a denial of service via unknown vectors.

4.3CVSS6.2AI score0.02148EPSS

CVE•added 2009/10/19 10:30 p.m.•51 views

CVE-2009-2993

The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and po...

9.3CVSS6.9AI score0.09132EPSS

CVE•added 2009/10/19 10:30 p.m.•51 views

CVE-2009-3462

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug."

5.1CVSS7.3AI score0.03482EPSS

CVE•added 2011/02/10 6:0 p.m.•51 views

CVE-2011-0588

Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0562 and CVE-2011-0570.

6.9CVSS6.2AI score0.00154EPSS

CVE•added 2011/05/03 7:55 p.m.•51 views

CVE-2011-0610

The CoolType library in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a ...

9.3CVSS9AI score0.05781EPSS

CVE•added 2011/06/16 11:55 p.m.•51 views

CVE-2011-2098

Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2099.

9.3CVSS7.7AI score0.09907EPSS

CVE•added 2013/05/16 11:45 a.m.•51 views

CVE-2013-2737

A JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to obtain sensitive information via unspecified vectors.

5CVSS5.7AI score0.01908EPSS

10CVSS7.6AI score0.27545EPSS

CVE-2014-8447

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE...

10CVSS9.6AI score0.39126EPSS

CVE-2014-8449

Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS7.4AI score0.2145EPSS

CVE-2014-8454

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8455 and CVE-2014-9165.

10CVSS7.6AI score0.27545EPSS

CVE-2014-8459

10CVSS7.4AI score0.2145EPSS

CVE-2014-9165

CVE•added 2015/07/15 2:59 p.m.•51 views

CVE-2015-5105

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allows attackers to execute arbitrary code via unsp...

10CVSS7.9AI score0.04398EPSS

CVE•added 2015/10/14 11:59 p.m.•51 views

CVE-2015-6708

The ANStartApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution...

6.8CVSS6.5AI score0.0783EPSS

CVE•added 2015/10/14 11:59 p.m.•51 views

CVE-2015-7620

The ANSendForBrowserReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API ex...

6.8CVSS6.5AI score0.0783EPSS

CVE•added 2016/05/11 10:59 a.m.•51 views

CVE-2016-1084

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

CVE•added 2016/10/13 7:59 p.m.•51 views

CVE-2016-1089

10CVSS9.8AI score0.0216EPSS

CVE•added 2016/10/13 7:59 p.m.•51 views

CVE-2016-1091

10CVSS9.8AI score0.0216EPSS

CVE•added 2016/05/11 11:0 a.m.•51 views

CVE-2016-1125

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

CVE•added 2016/05/11 11:0 a.m.•51 views

CVE-2016-4088

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

CVE•added 2016/05/11 11:0 a.m.•51 views

CVE-2016-4098

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

CVE•added 2016/08/26 7:59 p.m.•51 views

CVE-2016-4119

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...