CVSS: 9.3EPSS: 2%CPEs: 38EXPL: 0CVE-2016-0937 – Adobe Acrobat Pro DC OCG Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-0937
12 Jan 2016 — Use-after-free vulnerability in the OCG object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0940, and CVE-2016-0941. Vulnerabilidad de uso después de liberación de memoria en la implementación del objeto OCG en Adobe... • http://www.securitytracker.com/id/1034646 •
CVSS: 9.3EPSS: 1%CPEs: 38EXPL: 0CVE-2016-0938 – Adobe Reader DC Forms Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-0938
12 Jan 2016 — The AcroForm plugin in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. El plugin AcroForm en Adobe Read... • http://www.securitytracker.com/id/1034646 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 38EXPL: 0CVE-2016-0939 – Adobe Acrobat Reader DC Uninitialized Memory Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-0939
12 Jan 2016 — Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. Adobe Reader y Acr... • http://www.securitytracker.com/id/1034646 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 38EXPL: 0CVE-2016-0941 – Adobe Acrobat Reader DC Search Query Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-0941
12 Jan 2016 — Use-after-free vulnerability in the Search object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0940. Vulnerabilidad de uso después de liberación de memoria en la implementación del objeto Search en... • http://www.securitytracker.com/id/1034646 •
CVSS: 8.8EPSS: 0%CPEs: 38EXPL: 0CVE-2016-0943 – Adobe Reader DC Global Javascript API Restrictions Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2016-0943
12 Jan 2016 — Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X mishandle the Global object, which allows attackers to bypass JavaScript API execution restrictions via unspecified vectors. Adobe Reader y Acrobat en versiones anteriores a 11.0.14, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30119 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15... • http://www.securitytracker.com/id/1034646 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.1EPSS: 1%CPEs: 20EXPL: 0CVE-2014-9150
https://notcve.org/view.php?id=CVE-2014-9150
30 Nov 2014 — Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568. Condición de carrera en la caracteristica 'MoveFileEx call hook' en Adobe Reader and Acrobat 11.x anterior a 11.0.09 en Windows permite a atacantes remotos evadir el mecanismo de protección de sandbox, y como consecuencia es... • http://helpx.adobe.com/security/products/reader/apsb14-28.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.3EPSS: 13%CPEs: 79EXPL: 0CVE-2012-4363 – Gentoo Linux Security Advisory 201308-03
https://notcve.org/view.php?id=CVE-2012-4363
21 Aug 2012 — Multiple unspecified vulnerabilities in Adobe Reader through 10.1.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, related to "sixteen more crashes affecting Windows, OS X, or both systems." Múltiples vulnerabilidades no especificadas en Adobe Reader through v10.1.4 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de un documento PDF ma... • http://gynvael.coldwind.pl/?id=483 •
CVSS: 10.0EPSS: 93%CPEs: 6EXPL: 1CVE-2011-2462 – Adobe Acrobat and Reader Universal 3D Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2011-2462
07 Dec 2011 — Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. Vulnerabilidad no especificada en el componente de U3D en Adobe Reader y Acrobat v10.1.1 y versiones anteriores para Windows y Mac OS X, y Adobe Reader v9.x hasta v9.4.6 en UNIX, permite... • https://www.exploit-db.com/exploits/18366 • CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 1%CPEs: 138EXPL: 0CVE-2011-2107 – flash-plugin: Cross-site scripting vulnerability (APSB11-13)
https://notcve.org/view.php?id=CVE-2011-2107
07 Jun 2011 — Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "universal cross-site scripting vulnerability." Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en Adobe Flash Player anteriores a v10.3.181.22 en Windows, Mac OS X, Linux, y Solaris, y v10.3.185.22 y ant... • http://googlechromereleases.blogspot.com/2011/06/stable-channel-update.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 63%CPEs: 164EXPL: 0CVE-2010-2884 – Flash: crash or potential arbitrary code execution (APSB10-22)
https://notcve.org/view.php?id=CVE-2010-2884
15 Sep 2010 — Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010. Vulnerabilidad sin especificar en Adobe Flash Player v10.1.82.76 y anteriores para Windows, ... • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html •