Acrobat Security Vulnerabilities and Issues — Acrobat CVE List

Lucene search

AdobeAcrobat

43 matches found

CVE•added 2014/01/15 4:13 p.m.•1046 views

CVE-2014-0496

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS7.4AI score0.71123EPSS

CVE•added 2014/08/12 9:55 p.m.•849 views

CVE-2014-0546

Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via unspecified vectors.

10CVSS6.8AI score0.16664EPSS

CVE•added 2014/01/15 4:13 p.m.•130 views

CVE-2014-0495

Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0493.

10CVSS7.7AI score0.12554EPSS

CVE•added 2014/01/15 4:13 p.m.•84 views

CVE-2014-0493

10CVSS7.7AI score0.12554EPSS

CVE•added 2014/09/17 10:55 a.m.•81 views

CVE-2014-0567

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0561.

10CVSS7.9AI score0.41354EPSS

CVE•added 2014/09/17 10:55 a.m.•80 views

CVE-2014-0568

The NtSetInformationFile system call hook feature in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via an NTFS junction attack.

10CVSS6.7AI score0.06357EPSS

CVE•added 2014/09/17 10:55 a.m.•77 views

CVE-2014-0566

Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0565.

10CVSS7.7AI score0.21346EPSS

CVE•added 2014/09/17 10:55 a.m.•74 views

CVE-2014-0565

10CVSS7.7AI score0.21346EPSS

CVE•added 2014/05/14 11:13 a.m.•69 views

CVE-2014-0526

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0524.

10CVSS9.6AI score0.13018EPSS

CVE•added 2014/05/14 11:13 a.m.•67 views

CVE-2014-0524

10CVSS7.7AI score0.13018EPSS

CVE•added 2014/05/14 11:13 a.m.•65 views

CVE-2014-0522

10CVSS7.7AI score0.13018EPSS

CVE•added 2014/05/14 11:13 a.m.•65 views

CVE-2014-0528

Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS7.5AI score0.14838EPSS

CVE•added 2014/05/14 11:13 a.m.•65 views

CVE-2014-0529

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS7.7AI score0.14798EPSS

CVE•added 2014/05/14 11:13 a.m.•63 views

CVE-2014-0525

The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X does not prevent access to unmapped memory, which allows attackers to execute arbitrary code via unspecified API calls.

10CVSS7.5AI score0.31313EPSS

CVE•added 2014/05/14 11:13 a.m.•61 views

CVE-2014-0521

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X do not properly implement JavaScript APIs, which allows remote attackers to obtain sensitive information via a crafted PDF document.

4.3CVSS5.8AI score0.18302EPSS

CVE•added 2014/12/10 9:59 p.m.•61 views

CVE-2014-8446

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE...

10CVSS7.6AI score0.27545EPSS

CVE•added 2014/12/10 9:59 p.m.•61 views

CVE-2014-9158

10CVSS7.6AI score0.27545EPSS

CVE•added 2014/12/10 9:59 p.m.•59 views

CVE-2014-8445

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE...

10CVSS7.6AI score0.27545EPSS

CVE•added 2014/12/10 9:59 p.m.•59 views

CVE-2014-8448

An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2014-8451.

5CVSS5.8AI score0.24239EPSS

CVE•added 2014/12/10 9:59 p.m.•58 views

CVE-2014-8451

5CVSS5.8AI score0.24239EPSS

CVE•added 2014/05/14 11:13 a.m.•57 views

CVE-2014-0523

10CVSS7.7AI score0.13018EPSS

CVE•added 2014/12/10 9:59 p.m.•57 views

CVE-2014-8452

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

5CVSS6.5AI score0.10317EPSS

CVE•added 2014/05/14 11:13 a.m.•56 views

CVE-2014-0527

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS7.4AI score0.13117EPSS

CVE•added 2014/09/26 10:55 a.m.•56 views

CVE-2014-5315

Cross-site scripting (XSS) vulnerability in the Help page in Adobe Acrobat 9.5.2 and earlier and ColdFusion 8.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.6AI score0.00649EPSS

CVE•added 2014/12/10 9:59 p.m.•56 views

CVE-2014-8456

10CVSS7.6AI score0.27545EPSS

CVE•added 2014/12/10 9:59 p.m.•55 views

CVE-2014-9159

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.

10CVSS7.9AI score0.36278EPSS

CVE•added 2014/11/30 2:59 a.m.•53 views

CVE-2014-9150

Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568.

6.4CVSS6.7AI score0.06357EPSS

CVE•added 2014/12/10 9:59 p.m.•52 views

CVE-2014-8453

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors.

5CVSS6.6AI score0.10853EPSS

CVE•added 2014/12/10 9:59 p.m.•51 views

CVE-2014-8447

10CVSS7.6AI score0.27545EPSS

CVE•added 2014/12/10 9:59 p.m.•51 views

CVE-2014-8449

Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS9.6AI score0.39126EPSS

CVE•added 2014/12/10 9:59 p.m.•51 views

CVE-2014-8454

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8455 and CVE-2014-9165.

10CVSS7.4AI score0.2145EPSS

CVE•added 2014/12/10 9:59 p.m.•51 views

CVE-2014-8459

10CVSS7.6AI score0.27545EPSS

CVE•added 2014/12/10 9:59 p.m.•51 views

CVE-2014-9165

10CVSS7.4AI score0.2145EPSS

CVE•added 2014/01/30 3:6 p.m.•48 views

CVE-2013-1376

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621.

10CVSS7.6AI score0.23023EPSS

CVE•added 2014/09/17 10:55 a.m.•48 views

CVE-2014-0560

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS7.5AI score0.15201EPSS

CVE•added 2014/09/17 10:55 a.m.•48 views

CVE-2014-0561

10CVSS7.9AI score0.41354EPSS

CVE•added 2014/09/17 10:55 a.m.•48 views

CVE-2014-0562

Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."

4.3CVSS5.2AI score0.00649EPSS

CVE•added 2014/12/10 9:59 p.m.•48 views

CVE-2014-8458

10CVSS7.6AI score0.27545EPSS

CVE•added 2014/12/10 9:59 p.m.•47 views

CVE-2014-8455

10CVSS7.4AI score0.2145EPSS

CVE•added 2014/12/10 9:59 p.m.•46 views

CVE-2014-8460

10CVSS7.9AI score0.36278EPSS

CVE•added 2014/12/10 9:59 p.m.•46 views

CVE-2014-8461

10CVSS7.6AI score0.27545EPSS

CVE•added 2014/12/10 9:59 p.m.•45 views

CVE-2014-8457

10CVSS7.9AI score0.36278EPSS

CVE•added 2014/09/17 10:55 a.m.•43 views

CVE-2014-0563

Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.

7.8CVSS6.4AI score0.01352EPSS