Skip to main content

Acrobat Reader

801 CVEs product

Monthly

CVE-2015-4448 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
2.5%
CVE-2015-4447 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
10.0
EPSS
6.1%
CVE-2015-4446 HIGH PATCH This Week

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Adobe Privilege Escalation Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2015-4445 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
10.0
EPSS
4.1%
CVE-2015-4444 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Adobe Denial Of Service Null Pointer Dereference Microsoft Acrobat +3
NVD
CVSS 2.0
5.0
EPSS
1.2%
CVE-2015-4443 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Adobe Denial Of Service Null Pointer Dereference Microsoft Acrobat +3
NVD
CVSS 2.0
5.0
EPSS
1.2%
CVE-2015-4441 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.9%
CVE-2015-4438 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
10.0
EPSS
4.1%
CVE-2015-4435 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Reader +2
NVD
CVSS 2.0
10.0
EPSS
4.1%
CVE-2015-3095 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
3.4%
CVE-2014-8450 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
5.0
EPSS
2.8%
CVE-2015-3076 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.3%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
12.3%
CVE-2015-3075 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
7.4%
CVE-2015-3074 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
3.6%
CVE-2015-3073 CRITICAL POC PATCH THREAT Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 31.1%.

Microsoft Adobe Authentication Bypass Acrobat Mac Os X +2
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
31.1%
Threat
4.4
CVE-2015-3072 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
3.6%
CVE-2015-3071 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Reader Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
3.6%
CVE-2015-3070 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.3%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
12.3%
CVE-2015-3069 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
3.6%
CVE-2015-3068 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
3.6%
CVE-2015-3067 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
3.6%
CVE-2015-3066 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
3.6%
CVE-2015-3065 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Reader Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
3.6%
CVE-2015-3064 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
3.6%
CVE-2015-3063 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
3.6%
CVE-2015-3062 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Reader Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
3.6%
CVE-2015-3061 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Reader Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
3.6%
CVE-2015-3060 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass Acrobat Reader Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
3.6%
CVE-2015-3059 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
3.6%
CVE-2015-3058 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Microsoft Acrobat Reader Mac Os X +2
NVD
CVSS 2.0
5.0
EPSS
5.7%
CVE-2015-3057 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
5.0%
CVE-2015-3056 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
5.0%
CVE-2015-3055 HIGH PATCH This Week

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
7.5
EPSS
2.0%
CVE-2015-3054 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe RCE Microsoft Acrobat Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
3.6%
CVE-2015-3053 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
3.1%
CVE-2015-3052 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.3%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
12.3%
CVE-2015-3051 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.3%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
12.3%
CVE-2015-3050 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.3%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
12.3%
CVE-2015-3049 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.3%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
12.3%
CVE-2015-3048 CRITICAL PATCH Act Now

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 13.9%.

Adobe Buffer Overflow RCE Microsoft Acrobat +3
NVD
CVSS 2.0
10.0
EPSS
13.9%
CVE-2015-3047 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe Denial Of Service Microsoft Acrobat Reader Mac Os X +2
NVD
CVSS 2.0
5.0
EPSS
4.3%
CVE-2015-3046 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.3%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
12.3%
CVE-2014-9160 CRITICAL PATCH Act Now

Multiple heap-based buffer overflows in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 49.3%.

Adobe Buffer Overflow RCE Microsoft Acrobat Reader +3
NVD
CVSS 2.0
10.0
EPSS
49.3%
CVE-2014-9161 CRITICAL Act Now

CoolType.dll in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows, and 10.x through 10.1.13 and 11.x through 11.0.10 on OS X, allows remote attackers to cause a denial. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Adobe Buffer Overflow Microsoft Acrobat Reader +1
NVD
CVSS 2.0
9.3
EPSS
1.2%
CVE-2014-9165 CRITICAL Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.0% and no vendor patch available.

Adobe RCE Microsoft Acrobat Reader Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
17.0%
CVE-2014-9159 CRITICAL Act Now

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 27.5% and no vendor patch available.

Adobe Buffer Overflow RCE Microsoft Acrobat +3
NVD
CVSS 2.0
10.0
EPSS
27.5%
CVE-2014-9158 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 13.5% and no vendor patch available.

RCE Denial Of Service Code Injection Buffer Overflow Microsoft +5
NVD
CVSS 2.0
10.0
EPSS
13.5%
CVE-2014-8461 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection Buffer Overflow Microsoft +5
NVD
CVSS 2.0
10.0
EPSS
17.2%
CVE-2014-8460 CRITICAL Emergency

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 30.1% and no vendor patch available.

Adobe Buffer Overflow RCE Microsoft Acrobat Reader +3
NVD
CVSS 2.0
10.0
EPSS
30.1%
CVE-2014-8459 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection Buffer Overflow Microsoft +5
NVD
CVSS 2.0
10.0
EPSS
17.2%
CVE-2014-8458 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection Buffer Overflow Microsoft +5
NVD
CVSS 2.0
10.0
EPSS
17.2%
CVE-2014-8457 CRITICAL Act Now

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 23.0% and no vendor patch available.

Adobe Buffer Overflow RCE Microsoft Acrobat +3
NVD
CVSS 2.0
10.0
EPSS
23.0%
CVE-2014-8456 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection Buffer Overflow Microsoft +5
NVD
CVSS 2.0
10.0
EPSS
17.2%
CVE-2014-8455 CRITICAL Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.0% and no vendor patch available.

Adobe RCE Microsoft Acrobat Reader Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
17.0%
CVE-2014-8454 CRITICAL Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.0% and no vendor patch available.

Adobe RCE Microsoft Acrobat Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
17.0%
CVE-2014-8453 MEDIUM This Month

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Microsoft Acrobat Mac Os X +2
NVD
CVSS 2.0
5.0
EPSS
7.7%
CVE-2014-8452 MEDIUM This Month

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe XXE Information Disclosure Microsoft Acrobat Reader +3
NVD
CVSS 2.0
5.0
EPSS
9.6%
CVE-2014-8451 MEDIUM This Month

An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.0% and no vendor patch available.

Adobe Information Disclosure Microsoft Acrobat Mac Os X +2
NVD
CVSS 2.0
5.0
EPSS
19.0%
CVE-2014-8449 CRITICAL Emergency

Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 34.6% and no vendor patch available.

Adobe RCE Microsoft Acrobat Reader Mac Os X +2
NVD
CVSS 2.0
10.0
EPSS
34.6%
CVE-2014-8448 MEDIUM This Month

An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.0% and no vendor patch available.

Adobe Information Disclosure Microsoft Acrobat Mac Os X +2
NVD
CVSS 2.0
5.0
EPSS
19.0%
CVE-2014-8447 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection Buffer Overflow Microsoft +5
NVD
CVSS 2.0
10.0
EPSS
17.2%
CVE-2014-8446 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 22.2% and no vendor patch available.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
22.2%
CVE-2014-8445 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection Buffer Overflow Microsoft +5
NVD
CVSS 2.0
10.0
EPSS
17.2%
CVE-2014-9150 MEDIUM PATCH This Month

Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Adobe Race Condition Authentication Bypass Microsoft Acrobat Reader +1
NVD
CVSS 2.0
6.4
EPSS
1.7%
CVE-2014-0568 CRITICAL PATCH Act Now

The NtSetInformationFile system call hook feature in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Adobe Microsoft Acrobat Reader Acrobat
NVD
CVSS 2.0
10.0
EPSS
5.4%
CVE-2014-0567 CRITICAL PATCH Act Now

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 30.3%.

Adobe Buffer Overflow RCE Microsoft Acrobat +1
NVD
CVSS 2.0
10.0
EPSS
30.3%
CVE-2014-0566 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
4.3%
CVE-2014-0565 CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 25.0%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +2
NVD
CVSS 2.0
10.0
EPSS
25.0%
CVE-2014-0563 HIGH PATCH This Week

Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Adobe Buffer Overflow Microsoft Acrobat +1
NVD
CVSS 2.0
7.8
EPSS
1.7%
CVE-2014-0562 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Adobe Acrobat Reader Acrobat
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2014-0561 CRITICAL PATCH Act Now

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 37.5%.

Adobe Buffer Overflow RCE Microsoft Acrobat Reader +1
NVD
CVSS 2.0
10.0
EPSS
37.5%
CVE-2014-0560 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 13.1%.

Adobe RCE Microsoft Acrobat Reader Acrobat
NVD
CVSS 2.0
10.0
EPSS
13.1%
CVE-2014-0529 CRITICAL Act Now

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 14.8% and no vendor patch available.

Adobe Buffer Overflow RCE Microsoft Acrobat +1
NVD
CVSS 2.0
10.0
EPSS
14.8%
CVE-2014-0528 CRITICAL Act Now

Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 14.8% and no vendor patch available.

Adobe RCE Microsoft Acrobat Reader Acrobat
NVD
CVSS 2.0
10.0
EPSS
14.8%
CVE-2014-0527 CRITICAL Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe RCE Microsoft Acrobat Acrobat Reader
NVD
CVSS 2.0
10.0
EPSS
6.7%
CVE-2014-0526 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.5% and no vendor patch available.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +2
NVD
CVSS 2.0
10.0
EPSS
12.5%
CVE-2014-0525 CRITICAL Emergency

The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X does not prevent access to unmapped memory, which allows attackers to execute arbitrary code via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 31.3% and no vendor patch available.

Adobe Privilege Escalation RCE Microsoft Acrobat Reader +1
NVD
CVSS 2.0
10.0
EPSS
31.3%
CVE-2014-0524 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +2
NVD
CVSS 2.0
10.0
EPSS
8.3%
CVE-2014-0523 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +2
NVD
CVSS 2.0
10.0
EPSS
8.3%
CVE-2014-0522 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +2
NVD
CVSS 2.0
10.0
EPSS
8.3%
CVE-2014-0521 MEDIUM This Month

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X do not properly implement JavaScript APIs, which allows remote attackers to obtain sensitive information via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 18.3% and no vendor patch available.

Adobe Information Disclosure Microsoft Acrobat Reader Acrobat
NVD
CVSS 2.0
4.3
EPSS
18.3%
CVE-2014-0512 CRITICAL Act Now

Adobe Reader 11.0.06 allows attackers to bypass a PDF sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Acrobat Reader
NVD VulDB
CVSS 2.0
10.0
EPSS
2.8%
CVE-2014-0511 CRITICAL Act Now

Heap-based buffer overflow in Adobe Reader 11.0.06 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 24.7% and no vendor patch available.

Adobe Buffer Overflow RCE Acrobat Reader
NVD VulDB
CVSS 2.0
10.0
EPSS
24.7%
CVE-2013-1376 CRITICAL Act Now

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 23.0% and no vendor patch available.

Buffer Overflow Adobe RCE Acrobat Reader Acrobat
NVD
CVSS 2.0
10.0
EPSS
23.0%
CVE-2013-5325 CRITICAL Act Now

Adobe Reader and Acrobat 11.x before 11.0.05 on Windows allow remote attackers to execute arbitrary JavaScript code in a javascript: URL via a crafted PDF document. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection Microsoft Adobe RCE Acrobat +1
NVD
CVSS 2.0
9.3
EPSS
0.8%
CVE-2013-3358 CRITICAL PATCH Act Now

Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 37.5%.

Adobe Microsoft RCE Acrobat Acrobat Reader
NVD
CVSS 2.0
10.0
EPSS
37.5%
CVE-2013-3357 CRITICAL PATCH Act Now

Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 37.5%.

Adobe Microsoft RCE Acrobat Acrobat Reader
NVD
CVSS 2.0
10.0
EPSS
37.5%
CVE-2013-3356 CRITICAL PATCH Act Now

Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 44.0%.

Buffer Overflow Adobe Microsoft RCE Acrobat +1
NVD
CVSS 2.0
10.0
EPSS
44.0%
CVE-2013-3355 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 26.1%.

Denial Of Service Buffer Overflow Adobe Microsoft RCE +2
NVD
CVSS 2.0
10.0
EPSS
26.1%
CVE-2013-3354 CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 26.1%.

Denial Of Service Buffer Overflow Adobe Microsoft RCE +2
NVD
CVSS 2.0
10.0
EPSS
26.1%
EPSS 3% CVSS 10.0
CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free +6
NVD
EPSS 6% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Adobe Microsoft +4
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Adobe Privilege Escalation Microsoft +4
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Adobe Microsoft +4
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Adobe Denial Of Service Null Pointer Dereference +5
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Adobe Denial Of Service Null Pointer Dereference +5
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft +4
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Adobe Microsoft +4
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Adobe Microsoft +4
NVD
EPSS 3% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow +6
NVD
EPSS 3% CVSS 5.0
MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Microsoft +4
NVD
EPSS 12% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.3%.

RCE Denial Of Service Buffer Overflow +6
NVD
EPSS 7% CVSS 10.0
CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free +6
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass +4
NVD
EPSS 31% 4.4 CVSS 10.0
CRITICAL POC PATCH THREAT Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 31.1%.

Microsoft Adobe Authentication Bypass +4
NVD Exploit-DB
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass +4
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass +4
NVD
EPSS 12% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.3%.

RCE Denial Of Service Buffer Overflow +6
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass +4
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass +4
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass +4
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass +4
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass +4
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass +4
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass +4
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass +4
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass +4
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Adobe Authentication Bypass +4
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free +6
NVD
EPSS 6% CVSS 5.0
MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Microsoft +4
NVD
EPSS 5% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow +6
NVD
EPSS 5% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow +6
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free +6
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe RCE Microsoft +4
NVD
EPSS 3% CVSS 10.0
CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free +6
NVD
EPSS 12% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.3%.

RCE Denial Of Service Buffer Overflow +6
NVD
EPSS 12% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.3%.

RCE Denial Of Service Buffer Overflow +6
NVD
EPSS 12% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.3%.

RCE Denial Of Service Buffer Overflow +6
NVD
EPSS 12% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.3%.

RCE Denial Of Service Buffer Overflow +6
NVD
EPSS 14% CVSS 10.0
CRITICAL PATCH Act Now

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 13.9%.

Adobe Buffer Overflow RCE +5
NVD
EPSS 4% CVSS 5.0
MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe Denial Of Service Microsoft +4
NVD
EPSS 12% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.3%.

RCE Denial Of Service Buffer Overflow +6
NVD
EPSS 49% CVSS 10.0
CRITICAL PATCH Act Now

Multiple heap-based buffer overflows in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 49.3%.

Adobe Buffer Overflow RCE +5
NVD
EPSS 1% CVSS 9.3
CRITICAL Act Now

CoolType.dll in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows, and 10.x through 10.1.13 and 11.x through 11.0.10 on OS X, allows remote attackers to cause a denial. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Adobe Buffer Overflow +3
NVD
EPSS 17% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.0% and no vendor patch available.

Adobe RCE Microsoft +4
NVD
EPSS 27% CVSS 10.0
CRITICAL Act Now

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 27.5% and no vendor patch available.

Adobe Buffer Overflow RCE +5
NVD
EPSS 14% CVSS 10.0
CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 13.5% and no vendor patch available.

RCE Denial Of Service Code Injection +7
NVD
EPSS 17% CVSS 10.0
CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection +7
NVD
EPSS 30% CVSS 10.0
CRITICAL Emergency

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 30.1% and no vendor patch available.

Adobe Buffer Overflow RCE +5
NVD
EPSS 17% CVSS 10.0
CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection +7
NVD
EPSS 17% CVSS 10.0
CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection +7
NVD
EPSS 23% CVSS 10.0
CRITICAL Act Now

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 23.0% and no vendor patch available.

Adobe Buffer Overflow RCE +5
NVD
EPSS 17% CVSS 10.0
CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection +7
NVD
EPSS 17% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.0% and no vendor patch available.

Adobe RCE Microsoft +4
NVD
EPSS 17% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.0% and no vendor patch available.

Adobe RCE Microsoft +4
NVD
EPSS 8% CVSS 5.0
MEDIUM This Month

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Microsoft +4
NVD
EPSS 10% CVSS 5.0
MEDIUM This Month

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe XXE Information Disclosure +5
NVD
EPSS 19% CVSS 5.0
MEDIUM This Month

An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.0% and no vendor patch available.

Adobe Information Disclosure Microsoft +4
NVD
EPSS 35% CVSS 10.0
CRITICAL Emergency

Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 34.6% and no vendor patch available.

Adobe RCE Microsoft +4
NVD
EPSS 19% CVSS 5.0
MEDIUM This Month

An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.0% and no vendor patch available.

Adobe Information Disclosure Microsoft +4
NVD
EPSS 17% CVSS 10.0
CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection +7
NVD
EPSS 22% CVSS 10.0
CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 22.2% and no vendor patch available.

RCE Denial Of Service Buffer Overflow +6
NVD
EPSS 17% CVSS 10.0
CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 17.2% and no vendor patch available.

RCE Denial Of Service Code Injection +7
NVD
EPSS 2% CVSS 6.4
MEDIUM PATCH This Month

Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Adobe Race Condition Authentication Bypass +3
NVD
EPSS 5% CVSS 10.0
CRITICAL PATCH Act Now

The NtSetInformationFile system call hook feature in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Adobe Microsoft +2
NVD
EPSS 30% CVSS 10.0
CRITICAL PATCH Act Now

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 30.3%.

Adobe Buffer Overflow RCE +3
NVD
EPSS 4% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow +6
NVD
EPSS 25% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 25.0%.

RCE Denial Of Service Buffer Overflow +4
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Adobe Buffer Overflow +3
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Adobe Acrobat Reader +1
NVD
EPSS 37% CVSS 10.0
CRITICAL PATCH Act Now

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 37.5%.

Adobe Buffer Overflow RCE +3
NVD
EPSS 13% CVSS 10.0
CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 13.1%.

Adobe RCE Microsoft +2
NVD
EPSS 15% CVSS 10.0
CRITICAL Act Now

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 14.8% and no vendor patch available.

Adobe Buffer Overflow RCE +3
NVD
EPSS 15% CVSS 10.0
CRITICAL Act Now

Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 14.8% and no vendor patch available.

Adobe RCE Microsoft +2
NVD
EPSS 7% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe RCE Microsoft +2
NVD
EPSS 12% CVSS 10.0
CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.5% and no vendor patch available.

RCE Denial Of Service Buffer Overflow +4
NVD
EPSS 31% CVSS 10.0
CRITICAL Emergency

The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X does not prevent access to unmapped memory, which allows attackers to execute arbitrary code via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 31.3% and no vendor patch available.

Adobe Privilege Escalation RCE +3
NVD
EPSS 8% CVSS 10.0
CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Denial Of Service Buffer Overflow +4
NVD
EPSS 8% CVSS 10.0
CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Denial Of Service Buffer Overflow +4
NVD
EPSS 8% CVSS 10.0
CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Denial Of Service Buffer Overflow +4
NVD
EPSS 18% CVSS 4.3
MEDIUM This Month

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X do not properly implement JavaScript APIs, which allows remote attackers to obtain sensitive information via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 18.3% and no vendor patch available.

Adobe Information Disclosure Microsoft +2
NVD
EPSS 3% CVSS 10.0
CRITICAL Act Now

Adobe Reader 11.0.06 allows attackers to bypass a PDF sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Privilege Escalation Acrobat Reader
NVD VulDB
EPSS 25% CVSS 10.0
CRITICAL Act Now

Heap-based buffer overflow in Adobe Reader 11.0.06 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 24.7% and no vendor patch available.

Adobe Buffer Overflow RCE +1
NVD VulDB
EPSS 23% CVSS 10.0
CRITICAL Act Now

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 23.0% and no vendor patch available.

Buffer Overflow Adobe RCE +2
NVD
EPSS 1% CVSS 9.3
CRITICAL Act Now

Adobe Reader and Acrobat 11.x before 11.0.05 on Windows allow remote attackers to execute arbitrary JavaScript code in a javascript: URL via a crafted PDF document. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection Microsoft Adobe +3
NVD
EPSS 38% CVSS 10.0
CRITICAL PATCH Act Now

Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 37.5%.

Adobe Microsoft RCE +2
NVD
EPSS 38% CVSS 10.0
CRITICAL PATCH Act Now

Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 37.5%.

Adobe Microsoft RCE +2
NVD
EPSS 44% CVSS 10.0
CRITICAL PATCH Act Now

Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 44.0%.

Buffer Overflow Adobe Microsoft +3
NVD
EPSS 26% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 26.1%.

Denial Of Service Buffer Overflow Adobe +4
NVD
EPSS 26% CVSS 10.0
CRITICAL PATCH Act Now

Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 26.1%.

Denial Of Service Buffer Overflow Adobe +4
NVD
Prev Page 8 of 9 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy