Skip to main content
CVE-2016-1048 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Adobe RCE Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 3.0
9.8
EPSS
2.5%
CVE-2016-1047 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Adobe RCE Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 3.0
9.8
EPSS
2.5%
CVE-2016-1046 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Adobe RCE Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 3.0
9.8
EPSS
2.5%
CVE-2016-1045 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Adobe RCE Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 3.0
9.8
EPSS
2.5%
CVE-2016-1074 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
9.8
EPSS
2.4%
CVE-2016-1114 CRITICAL Act Now

Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Adobe Java Apache Coldfusion
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2016-1112 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 3.0
9.8
EPSS
2.2%
CVE-2016-1095 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2016-1080 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2016-1078 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2016-1076 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2016-1073 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2016-1072 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2016-1071 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2016-1063 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2016-1037 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2016-1041 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Acrobat Dc +2
NVD
CVSS 3.0
10.0
EPSS
0.9%
CVE-2016-1040 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Acrobat Dc +2
NVD
CVSS 3.0
9.8
EPSS
1.3%
CVE-2016-1117 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Acrobat Dc +2
NVD
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-1062 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Acrobat Dc +2
NVD
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-1042 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Acrobat Dc +2
NVD
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-1039 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Acrobat Dc +2
NVD
CVSS 3.0
9.8
EPSS
0.9%
CVE-2016-0149 MEDIUM This Month

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows man-in-the-middle attackers to obtain sensitive cleartext information via vectors involving injection of cleartext. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.8% and no vendor patch available.

Information Disclosure Microsoft Net Framework
NVD
CVSS 3.0
5.9
EPSS
15.8%
CVE-2016-4110 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-1110 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-1109 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-1108 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-1107 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-1097 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-3710 HIGH PATCH This Week

The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Buffer Overflow Debian Linux Helion Openstack Ubuntu Linux +12
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2016-0152 HIGH This Week

Internet Information Services (IIS) in Microsoft Windows Vista SP2 and Server 2008 SP2 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Microsoft Windows Server 2008 Windows Vista
NVD
CVSS 3.0
7.8
EPSS
5.0%
CVE-2016-4115 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4114 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4113 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4112 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4111 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4109 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4116 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD
CVSS 3.0
7.5
EPSS
6.1%
CVE-2016-0174 HIGH This Week

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
2.3%
CVE-2016-0196 HIGH This Week

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
1.6%
CVE-2016-0197 HIGH This Week

dxgkrnl.sys in the DirectX Graphics kernel subsystem in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
1.5%
CVE-2016-0180 HIGH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
1.5%
CVE-2016-1079 HIGH PATCH This Week

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.5
EPSS
2.2%
CVE-2016-1092 HIGH PATCH This Week

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.5
EPSS
2.0%
CVE-2016-4106 HIGH PATCH This Week

Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2016-1090 HIGH PATCH This Week

Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2016-1087 HIGH PATCH This Week

Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2016-0176 HIGH This Week

dxgkrnl.sys in the DirectX Graphics kernel subsystem in the kernel-mode drivers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +3
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2016-1115 MEDIUM This Month

Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 mishandles wildcards in name fields of X.509 certificates, which might allow man-in-the-middle attackers to spoof. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Coldfusion
NVD
CVSS 3.1
5.9
EPSS
2.5%
CVE-2016-1113 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 allows remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Adobe Coldfusion
NVD
CVSS 3.1
6.1
EPSS
1.2%
Prev Page 3 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy