CVSS: 7.3EPSS: 0%CPEs: 14EXPL: 0CVE-2022-28247 – Adobe Acrobat Uninstaller Hard Link Leads To Remote Code Execution
https://notcve.org/view.php?id=CVE-2022-28247
11 May 2022 — Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an uncontrolled search path vulnerability that could lead to local privilege escalation. Exploitation of this issue requires user interaction in that a victim must run the uninstaller with Admin privileges. Acrobat Reader DC versiones 22.001.2011x (y anteriores), 20.005.3033x (y anteriores) y 17.012.3022x (y anteriores), están afectadas por una vulnerabilidad de ruta de búsqueda no... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.3EPSS: 1%CPEs: 14EXPL: 0CVE-2022-28244 – Adobe Acrobat Reader DC CSP Bypass Leads To Privilege Escalation
https://notcve.org/view.php?id=CVE-2022-28244
11 May 2022 — Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a violation of secure design principles through bypassing the content security policy, which could result in an attacker sending arbitrarily configured requests to the cross-origin attack target domain. Exploitation requires user interaction in which the victim needs to access a crafted PDF file on an attacker's server. Acrobat Reader DC versiones 22.001.20085 (y anteriores), 20.00... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-657: Violation of Secure Design Principles •
CVSS: 9.3EPSS: 0%CPEs: 14EXPL: 0CVE-2022-28234 – Adobe Acrobat Reader DC Heap Overflow Could Lead to RCE
https://notcve.org/view.php?id=CVE-2022-28234
11 May 2022 — Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a heap-based buffer overflow vulnerability due to insecure handling of a crafted .pdf file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file Acrobat Reader DC versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores), está... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2022-28837 – Adobe Acrobat Pro DC Doc buttonSetIcon Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-28837
10 May 2022 — Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Pro DC versiones 22.001.2011x (y anteriores), 20.005.3033x (y anteriores) y 17.012.3022x (y anteriores), están afecta... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-416: Use After Free •
CVSS: 9.3EPSS: 4%CPEs: 14EXPL: 0CVE-2022-28838 – Adobe Acrobat Pro DC Doc flattenPages Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-28838
10 May 2022 — Acrobat Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Pro DC versiones 22.001.2011x (y anteriores), 20.005.3033x (y anteriores) y 17.012.3022x (y anteriores), están afectadas por una vulnerabilidad de uso de memori... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2022-28245 – Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-28245
28 Apr 2022 — Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 22.001.2011x (y anteriores), 20.005... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2022-28259 – Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-28259
28 Apr 2022 — Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 22.001.2011x (y anteriores), 20.005... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2022-28260 – Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-28260
28 Apr 2022 — Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 22.001.2011x (y anteriores), 20.005... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 2%CPEs: 14EXPL: 0CVE-2022-28268 – Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-28268
28 Apr 2022 — Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores), ... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 5%CPEs: 14EXPL: 0CVE-2022-27802 – Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-27802
28 Apr 2022 — Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores), están afectadas por una... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-416: Use After Free •