CVSS: 9.3EPSS: 19%CPEs: 14EXPL: 0CVE-2022-24102 – Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-24102
28 Apr 2022 — Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 20.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores), están afectadas por una vulnerabilidad de uso de memoria... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 14EXPL: 0CVE-2022-28268 – Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-28268
28 Apr 2022 — Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores), ... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 0CVE-2022-24092 – Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-24092
18 Mar 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious font file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), 20.004.30017 (y anteriores) y 17.011.30204 (y anteriores), están afectadas por una vulnerabilidad de escr... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 0CVE-2022-24091 – Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-24091
18 Mar 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious font file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), 20.004.30017 (y anteriores) y 17.011.30204 (y anteriores), están afectadas por una vulnerabilidad de escr... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 0CVE-2021-44714 – Adobe Acrobat Reader Missing Custom Protocols in Warning Message Prompts
https://notcve.org/view.php?id=CVE-2021-44714
14 Jan 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Violation of Secure Design Principles that could lead to a Security feature bypass. Acrobat Reader DC displays a warning message when a user clicks on a PDF file, which could be used by an attacker to mislead the user. In affected versions, this warning message does not include custom protocols when used by the sender. User interaction is required to abuse this vulnerability as t... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-657: Violation of Secure Design Principles •
CVSS: 9.3EPSS: 0%CPEs: 12EXPL: 0CVE-2021-44710 – Adobe Acrobat Reader Use-after-free could lead to Arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-44710
14 Jan 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), versiones 20.004.30017 (y anteriores) y versiones 17.011.30204 (y anterior... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 12EXPL: 0CVE-2021-44705 – Adobe Acrobat Reader Use-After-Free could lead to Arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-44705
14 Jan 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), versiones 20.004.30017 (y anteriores) y versiones 17.011.30204 (y anterior... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-416: Use After Free •
CVSS: 9.3EPSS: 78%CPEs: 12EXPL: 0CVE-2021-44703 – Adobe Acrobat Pro DC Stack Overflow Vulnerability Arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-44703
14 Jan 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a stack buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), versiones 20.004.30017 (y anteriores) y versiones 17.011.3020... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 1CVE-2021-45067 – Adobe Acrobat Reader Memory Corruption could lead to Information Disclosure
https://notcve.org/view.php?id=CVE-2021-45067
14 Jan 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), versiones 20.004.30017 (y anterio... • https://github.com/hacksysteam/CVE-2021-45067 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-788: Access of Memory Location After End of Buffer •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2021-44712 – Adobe Acrobat Reader Memory Corruption could lead to Application denial-of-service
https://notcve.org/view.php?id=CVE-2021-44712
14 Jan 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), versiones 20.004.30017 (y anteriores) y versiones 17.011.30204 (y anteriores), están afectadas por una vulnerabilida... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-788: Access of Memory Location After End of Buffer •