Skip to main content
CVE-2016-4229 HIGH POC PATCH THREAT Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 75.3%.

Memory Corruption RCE Use After Free Microsoft Adobe +2
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
75.3%
Threat
5.5
CVE-2016-4228 HIGH POC PATCH THREAT Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 75.3%.

Memory Corruption RCE Use After Free Microsoft Adobe +2
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
75.3%
Threat
5.5
CVE-2016-4226 HIGH POC PATCH THREAT Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 75.3%.

Memory Corruption RCE Use After Free Microsoft Adobe +2
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
75.3%
Threat
5.5
CVE-2016-4231 HIGH POC PATCH THREAT Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 67.4%.

Memory Corruption RCE Use After Free Microsoft Adobe +2
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
67.4%
Threat
5.3
CVE-2016-4227 HIGH POC PATCH THREAT Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 67.4%.

Memory Corruption RCE Use After Free Microsoft Adobe +2
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
67.4%
Threat
5.3
CVE-2016-4230 HIGH POC PATCH THREAT Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 65.4%.

Memory Corruption RCE Use After Free Microsoft Adobe +2
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
65.4%
Threat
5.2
CVE-2016-4179 HIGH POC PATCH THREAT Act Now

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 50.2%.

Memory Corruption RCE Denial Of Service Buffer Overflow Microsoft +3
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
50.2%
Threat
4.8
CVE-2016-4175 HIGH POC PATCH THREAT Act Now

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 50.2%.

Memory Corruption RCE Denial Of Service Buffer Overflow Microsoft +3
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
50.2%
Threat
4.8
CVE-2016-4177 HIGH POC PATCH THREAT Act Now

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 48.2%.

Memory Corruption RCE Denial Of Service Buffer Overflow Microsoft +3
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
48.2%
Threat
4.7
CVE-2016-4176 HIGH POC PATCH THREAT Act Now

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 48.2%.

Memory Corruption RCE Denial Of Service Buffer Overflow Microsoft +3
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
48.2%
Threat
4.7
CVE-2016-3282 HIGH Act Now

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 54.6% and no vendor patch available.

RCE Buffer Overflow Microsoft Office Office Compatibility Pack +8
NVD
CVSS 3.0
7.8
EPSS
54.6%
CVE-2016-4203 CRITICAL POC PATCH THREAT Act Now

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 24.0%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
24.0%
Threat
4.2
CVE-2016-3281 HIGH Act Now

Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 48.4% and no vendor patch available.

RCE Buffer Overflow Microsoft Office Office Web Apps +4
NVD
CVSS 3.0
7.8
EPSS
48.4%
CVE-2016-4232 HIGH POC PATCH THREAT Act Now

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 29.7%.

Adobe Information Disclosure Microsoft Flash Player Desktop Runtime Flash Player
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
29.7%
CVE-2016-4208 CRITICAL POC PATCH THREAT Act Now

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 15.1%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
15.1%
CVE-2016-4207 CRITICAL POC PATCH THREAT Act Now

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 15.1%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
15.1%
CVE-2016-4206 CRITICAL POC PATCH THREAT Act Now

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 15.1%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
15.1%
CVE-2016-4205 CRITICAL POC PATCH THREAT Act Now

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 15.1%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
15.1%
CVE-2016-4204 CRITICAL POC PATCH THREAT Act Now

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 15.1%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
15.1%
CVE-2016-4201 CRITICAL POC PATCH THREAT Act Now

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 15.1%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
15.1%
CVE-2016-3284 HIGH Act Now

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 30.0% and no vendor patch available.

RCE Buffer Overflow Microsoft Excel Excel For Mac +3
NVD
CVSS 3.0
7.8
EPSS
30.0%
CVE-2016-3283 HIGH Act Now

Microsoft Word Viewer allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability.". Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 30.0% and no vendor patch available.

RCE Buffer Overflow Microsoft Word Viewer
NVD
CVSS 3.0
7.8
EPSS
30.0%
CVE-2016-3280 HIGH Act Now

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, and Word Viewer allow remote attackers. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 30.0% and no vendor patch available.

RCE Buffer Overflow Microsoft Office Office Compatibility Pack +4
NVD
CVSS 3.0
7.8
EPSS
30.0%
CVE-2016-3255 HIGH Act Now

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 29.5% and no vendor patch available.

XXE Information Disclosure Microsoft Net Framework
NVD
CVSS 3.0
7.5
EPSS
29.5%
CVE-2016-3204 HIGH Act Now

The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 22.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 3.0
8.8
EPSS
22.8%
CVE-2016-3260 HIGH PATCH Act Now

The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 20.4%.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 3.0
8.8
EPSS
20.4%
CVE-2016-3248 HIGH Act Now

The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 20.4% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 3.0
8.8
EPSS
20.4%
CVE-2016-3265 HIGH PATCH Act Now

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 20.1%.

Denial Of Service RCE Buffer Overflow Microsoft Edge
NVD
CVSS 3.0
8.8
EPSS
20.1%
CVE-2016-3278 HIGH Act Now

Microsoft Outlook 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability.". Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 24.4% and no vendor patch available.

RCE Buffer Overflow Microsoft Outlook Outlook Rt
NVD
CVSS 3.0
7.8
EPSS
24.4%
CVE-2016-3261 MEDIUM This Month

Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability.". Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 36.7% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 3.0
5.3
EPSS
36.7%
CVE-2016-3259 HIGH PATCH Act Now

The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 18.1%.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 3.0
8.8
EPSS
18.1%
CVE-2016-3269 HIGH PATCH Act Now

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 17.9%.

Denial Of Service RCE Buffer Overflow Microsoft Edge
NVD
CVSS 3.0
8.8
EPSS
17.9%
CVE-2016-3279 MEDIUM This Month

Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 34.4% and no vendor patch available.

RCE Microsoft Excel Excel Rt Office +6
NVD
CVSS 3.0
5.5
EPSS
34.4%
CVE-2016-5821 HIGH POC This Week

Huawei HiSuite before 4.0.4.204_ove (Out of China) and before 4.0.4.301 (China) use a weak ACL (FILE_WRITE_DATA for BUILTIN\Users) for the HiSuite service directory, which allows local users to gain. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Huawei Hisuite
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-3277 MEDIUM This Month

Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability.". Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 32.5% and no vendor patch available.

Information Disclosure Microsoft Edge Internet Explorer
NVD
CVSS 3.0
5.3
EPSS
32.5%
CVE-2016-3271 MEDIUM This Month

The VBScript engine in Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability.". Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 26.0% and no vendor patch available.

Information Disclosure Microsoft Edge
NVD
CVSS 3.0
6.5
EPSS
26.0%
CVE-2016-3264 HIGH Act Now

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 18.3% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 3.0
7.5
EPSS
18.3%
CVE-2016-3238 HIGH Act Now

The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.2% and no vendor patch available.

RCE Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
8.1
EPSS
15.2%
CVE-2016-4182 HIGH PATCH Act Now

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 11.5%.

Memory Corruption RCE Denial Of Service Buffer Overflow Microsoft +3
NVD
CVSS 3.1
8.8
EPSS
11.5%
CVE-2016-4249 HIGH PATCH Act Now

Heap-based buffer overflow in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.4%.

Memory Corruption RCE Buffer Overflow Microsoft Adobe +2
NVD
CVSS 3.1
8.8
EPSS
10.4%
CVE-2016-4209 CRITICAL PATCH Act Now

Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Adobe Buffer Overflow RCE Microsoft Acrobat +3
NVD
CVSS 3.0
9.8
EPSS
5.0%
CVE-2016-3246 HIGH Act Now

Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability.". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.9% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
15.9%
CVE-2016-4188 HIGH PATCH This Week

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Denial Of Service Buffer Overflow Microsoft +3
NVD
CVSS 3.1
8.8
EPSS
8.8%
CVE-2016-4210 CRITICAL PATCH Act Now

Integer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Adobe Buffer Overflow RCE Microsoft Acrobat +3
NVD
CVSS 3.0
9.8
EPSS
3.8%
CVE-2016-4248 HIGH PATCH This Week

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +2
NVD
CVSS 3.1
8.8
EPSS
8.3%
CVE-2016-4254 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
9.8
EPSS
3.0%
CVE-2016-4252 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
9.8
EPSS
3.0%
CVE-2016-4250 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
9.8
EPSS
3.0%
CVE-2016-4214 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
9.8
EPSS
3.0%
CVE-2016-4213 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
9.8
EPSS
3.0%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy