Lucene search

K
AdobeAcrobat

57 matches found

CVE
CVE
added 2022/05/11 6:15 p.m.203 views

CVE-2022-28269

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of Annotation objects that could result in a memory leak in the context of the current user. Exploitation of this issue r...

4.3CVSS5AI score0.01668EPSS
CVE
CVE
added 2022/05/11 6:15 p.m.117 views

CVE-2022-24101

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploi...

4.3CVSS4.9AI score0.02777EPSS
CVE
CVE
added 2022/05/11 6:15 p.m.100 views

CVE-2022-28252

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage thi...

4.3CVSS4.2AI score0.01279EPSS
CVE
CVE
added 2022/05/11 6:15 p.m.91 views

CVE-2022-28268

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. E...

4.3CVSS4.7AI score0.03081EPSS
CVE
CVE
added 2021/02/11 8:15 p.m.78 views

CVE-2021-21046

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to cause an application denial-of-service. Exploitation o...

4.3CVSS5.7AI score0.011EPSS
CVE
CVE
added 2020/11/05 8:15 p.m.76 views

CVE-2020-24426

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as A...

4.3CVSS3.3AI score0.00876EPSS
CVE
CVE
added 2021/10/15 3:15 p.m.75 views

CVE-2021-40729

Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to by...

4.3CVSS3.5AI score0.0034EPSS
CVE
CVE
added 2022/01/14 8:15 p.m.75 views

CVE-2021-44739

Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this ...

4.3CVSS4AI score0.01723EPSS
CVE
CVE
added 2017/04/12 2:59 p.m.74 views

CVE-2017-3021

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser engine.

4.3CVSS6AI score0.00852EPSS
CVE
CVE
added 2008/11/05 3:0 p.m.71 views

CVE-2008-4816

Unspecified vulnerability in the Download Manager in Adobe Reader 8.1.2 and earlier on Windows allows remote attackers to change Internet Security options on a client machine via unknown vectors.

4.3CVSS6.3AI score0.03093EPSS
CVE
CVE
added 2017/04/12 2:59 p.m.71 views

CVE-2017-3031

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the XSLT engine.

4.3CVSS6AI score0.01182EPSS
CVE
CVE
added 2017/04/12 2:59 p.m.70 views

CVE-2017-3022

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when parsing the header of a JPEG 2000 file.

4.3CVSS6AI score0.01294EPSS
CVE
CVE
added 2017/04/12 2:59 p.m.70 views

CVE-2017-3033

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling JPEG 2000 code-stream tile data.

4.3CVSS6.1AI score0.01182EPSS
CVE
CVE
added 2020/11/05 8:15 p.m.70 views

CVE-2020-24434

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as A...

4.3CVSS3.3AI score0.00876EPSS
CVE
CVE
added 2007/01/03 9:28 p.m.69 views

CVE-2007-0045

Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770...

4.3CVSS5.3AI score0.63944EPSS
CVE
CVE
added 2011/06/09 2:38 a.m.69 views

CVE-2011-2107

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "universal cross-site scripting vu...

4.3CVSS7AI score0.01077EPSS
CVE
CVE
added 2021/10/15 3:15 p.m.69 views

CVE-2021-40730

Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a use-after-free that allow a remote attacker to disclose sensitive information on affected installations of of Adobe Acrobat Reader DC. ...

4.3CVSS4.8AI score0.01226EPSS
CVE
CVE
added 2023/08/10 2:15 p.m.69 views

CVE-2023-29299

Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Untrusted Search Path vulnerability that could lead to Application denial-of-service. An attacker could leverage this vulnerability if the default PowerShell Set-ExecutionPolicy is set to Unre...

4.7CVSS5AI score0.00212EPSS
CVE
CVE
added 2015/10/14 11:59 p.m.68 views

CVE-2015-5583

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended sandbox restrictions and obtain sensitive PDF ...

4.3CVSS6.2AI score0.01935EPSS
CVE
CVE
added 2015/07/15 2:59 p.m.67 views

CVE-2015-5107

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to obtain sensitive information via unspecified vectors.

4.3CVSS5.9AI score0.02163EPSS
CVE
CVE
added 2017/04/12 2:59 p.m.67 views

CVE-2017-3032

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 code-stream parser.

4.3CVSS6AI score0.02163EPSS
CVE
CVE
added 2021/02/11 8:15 p.m.67 views

CVE-2021-21061

Acrobat Pro DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use-after-free vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive ...

4.3CVSS5.3AI score0.0161EPSS
CVE
CVE
added 2017/04/12 2:59 p.m.66 views

CVE-2017-3020

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the weblink module.

4.3CVSS6AI score0.01492EPSS
CVE
CVE
added 2021/02/11 8:15 p.m.66 views

CVE-2021-21034

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to locally elevate privileges in the context of the curr...

4.3CVSS4.4AI score0.01012EPSS
CVE
CVE
added 2022/01/14 8:15 p.m.66 views

CVE-2021-44702

Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this ...

4.3CVSS4.5AI score0.01723EPSS
CVE
CVE
added 2006/02/02 11:2 a.m.65 views

CVE-2006-0525

Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group, which allows local users to gain privileges via Trojan horse programs.

4.6CVSS6.6AI score0.00237EPSS
CVE
CVE
added 2017/04/12 2:59 p.m.65 views

CVE-2017-3029

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling a JPEG 2000 code-stream.

4.3CVSS6.1AI score0.01492EPSS
CVE
CVE
added 2021/02/11 8:15 p.m.64 views

CVE-2021-21060

Adobe Acrobat Pro DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper input validation vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the...

4.6CVSS5.8AI score0.00232EPSS
CVE
CVE
added 2021/09/29 4:15 p.m.64 views

CVE-2021-39857

Adobe Acrobat Reader DC add-on for Internet Explorer versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to check for existence of ...

4.3CVSS5.2AI score0.01153EPSS
CVE
CVE
added 2021/09/02 5:15 p.m.63 views

CVE-2021-28557

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to leak sensitive system information in the context of t...

4.3CVSS5.6AI score0.01316EPSS
CVE
CVE
added 2015/10/14 11:59 p.m.62 views

CVE-2015-6699

The addForegroundSprite function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive informat...

4.3CVSS5.7AI score0.01851EPSS
CVE
CVE
added 2015/10/14 11:59 p.m.62 views

CVE-2015-6701

The ambientIlluminationColor property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtai...

4.3CVSS5.7AI score0.01851EPSS
CVE
CVE
added 2014/05/14 11:13 a.m.61 views

CVE-2014-0521

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X do not properly implement JavaScript APIs, which allows remote attackers to obtain sensitive information via a crafted PDF document.

4.3CVSS5.8AI score0.18302EPSS
CVE
CVE
added 2015/10/14 11:59 p.m.60 views

CVE-2015-6702

The createSquareMesh function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information...

4.3CVSS5.7AI score0.01851EPSS
CVE
CVE
added 2015/10/14 11:59 p.m.59 views

CVE-2015-6703

The loadFlashMovie function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information f...

4.3CVSS5.7AI score0.01851EPSS
CVE
CVE
added 2010/10/06 5:0 p.m.58 views

CVE-2010-3657

Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3656.

4.3CVSS6.2AI score0.01584EPSS
CVE
CVE
added 2011/06/16 11:55 p.m.58 views

CVE-2011-2104

Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.

4.3CVSS6.4AI score0.02033EPSS
CVE
CVE
added 2021/09/29 4:15 p.m.58 views

CVE-2021-39844

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory information in the context of the current user. Exploitation of this issue req...

4.3CVSS3.5AI score0.0071EPSS
CVE
CVE
added 2020/11/05 8:15 p.m.57 views

CVE-2020-24427

Acrobat Reader versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an input validation vulnerability when decoding a crafted codec that could result in the disclosure of sensitive memory. An attacker could leverage this vulnerability ...

4.3CVSS4.8AI score0.01057EPSS
CVE
CVE
added 2022/01/14 8:15 p.m.57 views

CVE-2021-44714

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Violation of Secure Design Principles that could lead to a Security feature bypass. Acrobat Reader DC displays a warning message when a user clicks on a PDF file, which ...

4.3CVSS3.4AI score0.00527EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.56 views

CVE-2002-0030

The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe.

4.6CVSS7.3AI score0.00217EPSS
CVE
CVE
added 2014/09/26 10:55 a.m.56 views

CVE-2014-5315

Cross-site scripting (XSS) vulnerability in the Help page in Adobe Acrobat 9.5.2 and earlier and ColdFusion 8.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.6AI score0.00649EPSS
CVE
CVE
added 2015/10/14 11:59 p.m.56 views

CVE-2015-6704

The animations property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive in...

4.3CVSS5.7AI score0.01851EPSS
CVE
CVE
added 2020/11/05 8:15 p.m.56 views

CVE-2020-24438

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability that could result in a memory address leak. Exploitation of this issue requires user interaction in that a victim must open a malicio...

4.3CVSS4.5AI score0.01183EPSS
CVE
CVE
added 2009/10/19 10:30 p.m.55 views

CVE-2009-2988

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which allows attackers to cause a denial of service via unspecified vectors.

4.3CVSS6.1AI score0.01341EPSS
CVE
CVE
added 2010/10/06 5:0 p.m.55 views

CVE-2010-3656

Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3657.

4.3CVSS6.2AI score0.01584EPSS
CVE
CVE
added 2007/01/03 9:28 p.m.54 views

CVE-2007-0044

Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character...

4.3CVSS6.2AI score0.54871EPSS
CVE
CVE
added 2011/02/10 6:0 p.m.53 views

CVE-2011-0587

Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0604.

4.3CVSS5.6AI score0.01393EPSS
CVE
CVE
added 2011/02/10 6:0 p.m.53 views

CVE-2011-0604

Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0587.

4.3CVSS5.6AI score0.01393EPSS
CVE
CVE
added 2021/09/29 4:15 p.m.53 views

CVE-2021-39858

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory information in the context of the current user. Exploitation of this issue req...

4.3CVSS4.9AI score0.0071EPSS
Total number of security vulnerabilities57