CVSS: 9.6EPSS: 35%CPEs: 12EXPL: 0CVE-2021-28550 – Adobe Acrobat and Reader Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2021-28550
02 Sep 2021 — Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.001.20150 (y anteriores), versiones 2020.001.30020 (y anteriores) y ver... • https://helpx.adobe.com/security/products/acrobat/apsb21-29.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 2%CPEs: 12EXPL: 0CVE-2021-28555 – Adobe Acrobat Reader out-of-bounds Read could lead to information disclosure
https://notcve.org/view.php?id=CVE-2021-28555
02 Sep 2021 — Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to get access to sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.001.20150 (y anteriores), versiones 2020.001.30020 (y anteriore... • https://helpx.adobe.com/security/products/acrobat/apsb21-29.html • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 41%CPEs: 12EXPL: 0CVE-2021-28558 – Adobe Acrobat Reader heap-based buffer overflow could lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-28558
02 Sep 2021 — Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Heap-based buffer overflow vulnerability in the PDFLibTool component. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.001.20150 (y anteriores), vers... • https://helpx.adobe.com/security/products/acrobat/apsb21-29.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-28546 – Acrobat Reader DC Missing Support for Integrity Check
https://notcve.org/view.php?id=CVE-2021-28546
01 Apr 2021 — Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. An unauthenticated attacker could leverage this vulnerability to modify content in a certified PDF without invalidating the certification. Exploitation of this issue requires user interaction in that a victim must open the tampered file. Acrobat Reader DC versiones 2020.013.20074 (y anteriores), versiones 2020.001.30018 (y anteriores) y v... • https://helpx.adobe.com/security/products/acrobat/apsb21-09.html • CWE-353: Missing Support for Integrity Check •
CVSS: 8.1EPSS: 1%CPEs: 8EXPL: 0CVE-2021-28545 – Acrobat Reader DC Missing Support for Integrity Check
https://notcve.org/view.php?id=CVE-2021-28545
01 Apr 2021 — Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. An unauthenticated attacker would have the ability to completely manipulate data in a certified PDF without invalidating the original certification. Exploitation of this issue requires user interaction in that a victim must open the tampered file. Las versiones de Acrobat Reader DC 2020.013.20074 (y anteriores), 2020.001.30018 (y anterior... • https://helpx.adobe.com/security/products/acrobat/apsb21-09.html • CWE-353: Missing Support for Integrity Check •
CVSS: 7.8EPSS: 13%CPEs: 8EXPL: 2CVE-2021-21086 – Adobe Reader CoolType Arbitrary Stack Manipulation
https://notcve.org/view.php?id=CVE-2021-21086
18 Mar 2021 — Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType library. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2020.013.20074 (y anteriores), versiones 2020.... • https://packetstorm.news/files/id/161857 • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 2%CPEs: 8EXPL: 0CVE-2020-29075 – PDF Injection BlackHat Talk
https://notcve.org/view.php?id=CVE-2020-29075
23 Feb 2021 — Acrobat Reader DC versions 2020.013.20066 (and earlier), 2020.001.30010 (and earlier) and 2017.011.30180 (and earlier) are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the filesystem without a prompt. User interaction is required to exploit this vulnerability. Acrobat Reader DC versiones 2020.013.20066 (y anteriores), versiones 2020.001.30010 (y anteriores) y versiones 2017.011... • https://helpx.adobe.com/security/products/acrobat/apsb20-75.html • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 2%CPEs: 8EXPL: 0CVE-2021-21063 – Acrobat Reader DC Buffer Overflow Vulnerability Could Lead to Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2021-21063
11 Feb 2021 — Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC, versiones 2020.013.20074 (y anteriores),... • https://helpx.adobe.com/security/products/acrobat/apsb21-09.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 2%CPEs: 8EXPL: 0CVE-2021-21062 – Acrobat Reader DC Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2021-21062
11 Feb 2021 — Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC, versiones 2020.013.20074 (y anteriores),... • https://helpx.adobe.com/security/products/acrobat/apsb21-09.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 4%CPEs: 8EXPL: 0CVE-2021-21059 – Acrobat Reader DC Buffer Overflow Vulnerability Could Lead to Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2021-21059
11 Feb 2021 — Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC, versiones 2020.013.20074 (y anteriores),... • https://helpx.adobe.com/security/products/acrobat/apsb21-09.html • CWE-787: Out-of-bounds Write •