Skip to main content
CVE-2019-12150 CRITICAL POC Act Now

Karamasoft UltimateEditor 1 does not ensure that an uploaded file is an image or document (neither file types nor extensions are restricted). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Ultimateeditor
NVD GitHub
CVSS 3.0
9.8
EPSS
1.7%
CVE-2019-12314 CRITICAL POC THREAT Act Now

Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as demonstrated by a cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/etc/passwd URI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Maconomy
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
84.2%
CVE-2019-11875 HIGH POC This Week

In AutomateAppCore.dll in Blue Prism Robotic Process Automation 6.4.0.8445, a vulnerability in access control can be exploited to escalate privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Robotic Process Automation
NVD
CVSS 3.0
8.8
EPSS
2.3%
CVE-2019-12155 HIGH POC PATCH This Week

interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Qemu
NVD
CVSS 3.0
7.5
EPSS
5.5%
CVE-2019-12312 HIGH POC PATCH This Week

In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon restart. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Microsoft Libreswan
NVD GitHub
CVSS 3.0
7.5
EPSS
2.7%
CVE-2019-10143 HIGH POC This Week

It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Privilege Escalation Freeradius Fedora Enterprise Linux
NVD GitHub
CVSS 3.1
7.0
EPSS
0.3%
CVE-2019-10685 MEDIUM POC This Month

A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Heidelberg Prinect Archiver v2013 release 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Prinect Archiver
NVD GitHub Exploit-DB
CVSS 3.0
6.1
EPSS
2.3%
CVE-2019-11604 MEDIUM POC This Month

An issue was discovered in Quest KACE Systems Management Appliance before 9.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Kace Systems Management Appliance
NVD
CVSS 3.0
6.1
EPSS
1.8%
CVE-2019-11876 MEDIUM POC PATCH This Month

In PrestaShop 1.7.5.2, the shop_country parameter in the install/index.php installation script/component is affected by Reflected XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Prestashop Drupal
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2019-7095 CRITICAL Act Now

Adobe Digital Editions versions 4.5.10.185749 and below have a heap overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Digital Editions
NVD
CVSS 3.0
9.8
EPSS
8.7%
CVE-2019-7094 CRITICAL Act Now

Adobe Photoshop CC 19.1.7 and earlier, and 20.0.2 and earlier have a heap corruption vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
9.8
EPSS
6.4%
CVE-2019-7091 CRITICAL Act Now

ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a deserialization of untrusted data vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization Coldfusion
NVD
CVSS 3.0
9.8
EPSS
25.7%
CVE-2019-7087 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

RCE Adobe Memory Corruption Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-7086 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

RCE Adobe Memory Corruption Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-7085 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a buffer errors vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Buffer Overflow Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
9.8
EPSS
5.6%
CVE-2019-7084 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-7083 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-7082 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-7080 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a double free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
9.8
EPSS
4.8%
CVE-2019-7076 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Buffer Overflow Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-7068 CRITICAL Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-7066 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Buffer Overflow Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-7062 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-7060 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Adobe Memory Corruption Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
4.6%
CVE-2019-7054 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Buffer Overflow Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
9.8
EPSS
5.0%
CVE-2019-7052 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Adobe Memory Corruption Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
4.0%
CVE-2019-7051 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Buffer Overflow Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-7050 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-7046 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Buffer Overflow Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-7040 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
9.8
EPSS
5.5%
CVE-2019-7039 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Adobe Memory Corruption Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
4.3%
CVE-2019-7037 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Adobe Memory Corruption Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
4.0%
CVE-2019-7031 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-7029 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-7816 CRITICAL Act Now

ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier have a file upload restriction bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload RCE Coldfusion
NVD
CVSS 3.0
9.8
EPSS
67.1%
CVE-2019-7027 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Adobe Memory Corruption Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
4.6%
CVE-2019-7026 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-7025 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-7020 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a buffer errors vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Buffer Overflow Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
9.8
EPSS
5.6%
CVE-2019-7019 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Adobe Memory Corruption Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
4.6%
CVE-2019-7018 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-2245 CRITICAL PATCH Act Now

Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Qualcomm Information Disclosure Mdm9206 Firmware Mdm9607 Firmware +39
NVD
CVSS 3.0
9.8
EPSS
1.0%
CVE-2019-2244 CRITICAL Act Now

Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon Auto, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Information Disclosure Mdm9206 Firmware Mdm9607 Firmware +39
NVD
CVSS 3.0
9.8
EPSS
1.0%
CVE-2019-7079 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Adobe Memory Corruption Acrobat Dc +1
NVD
CVSS 3.0
8.8
EPSS
3.5%
CVE-2019-7078 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
8.8
EPSS
3.9%
CVE-2019-7077 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
8.8
EPSS
3.9%
CVE-2019-7072 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
8.8
EPSS
4.5%
CVE-2019-7070 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
8.8
EPSS
4.5%
CVE-2019-7069 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

RCE Adobe Memory Corruption Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
8.8
EPSS
4.5%
CVE-2019-7048 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
8.8
EPSS
3.9%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy