CVSS: 9.3EPSS: 78%CPEs: 12EXPL: 0CVE-2021-44703 – Adobe Acrobat Pro DC Stack Overflow Vulnerability Arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-44703
14 Jan 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a stack buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), versiones 20.004.30017 (y anteriores) y versiones 17.011.3020... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 1CVE-2021-45067 – Adobe Acrobat Reader Memory Corruption could lead to Information Disclosure
https://notcve.org/view.php?id=CVE-2021-45067
14 Jan 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), versiones 20.004.30017 (y anterio... • https://github.com/hacksysteam/CVE-2021-45067 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-788: Access of Memory Location After End of Buffer •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2021-44712 – Adobe Acrobat Reader Memory Corruption could lead to Application denial-of-service
https://notcve.org/view.php?id=CVE-2021-44712
14 Jan 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), versiones 20.004.30017 (y anteriores) y versiones 17.011.30204 (y anteriores), están afectadas por una vulnerabilida... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-788: Access of Memory Location After End of Buffer •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2021-44713 – Adobe Acrobat Reader DC Use After Free could lead to Application denial-of-service
https://notcve.org/view.php?id=CVE-2021-44713
14 Jan 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in application denial of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), versiones 20.004.30017 (y anteriores) y versiones 17.011.30204 (y anteriores), están afectadas por una v... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2021-44742 – Adobe Reader Out-of-bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-44742
14 Jan 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 21.007.20099 (y ant... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 12EXPL: 0CVE-2021-44704 – Adobe Acrobat Reader Use-After-Free could lead to Arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-44704
14 Jan 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), versiones 20.004.30017 (y anteriores) y versiones 17.011.30204 (y anterior... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 12EXPL: 0CVE-2021-44708 – Adobe Acrobat Pro DC Heap Overflow could lead to Arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-44708
14 Jan 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a heap overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), versiones 20.004.30017 (y anteriores) y versiones 17.011.30204 (y ant... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 14EXPL: 0CVE-2021-44739 – Adobe Acrobat Reader DC add-on (AxAcroPDFLib.AxAcroPDF) src NTLMv2 SSO Auth leak vulnerability
https://notcve.org/view.php?id=CVE-2021-44739
14 Jan 2022 — Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page. Acrobat Reader DC ActiveX Control versiones 21.007.20099 (y anterio... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2021-44715 – Adobe Acrobat Reader DC Out-of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-44715
14 Jan 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), versio... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 14EXPL: 0CVE-2021-44702 – Adobe Acrobat Reader DC add-on (AxAcroPDFLib.AxAcroPDF) for Internet Explorer LoadFile NTLMv2 SSO Auth leak vulnerability
https://notcve.org/view.php?id=CVE-2021-44702
14 Jan 2022 — Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must visit an attacker controlled web page. Acrobat Reader DC ActiveX Control versiones 21.007.20099 (y anteriores), versiones 20.004.30017 (y anteriores) y version... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •