CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2022-34232 – Adobe Acrobat Reader DC Annotation print Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-34232
13 Jul 2022 — Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Acrobat Reader versiones 22.001.20142 (y anteriores), 20.005.30334 (y anteriores) y 17.012.30229 (y anteriores),... • https://helpx.adobe.com/security/products/acrobat/apsb22-32.html • CWE-416: Use After Free •
CVSS: 7.3EPSS: 0%CPEs: 14EXPL: 0CVE-2022-28247 – Adobe Acrobat Uninstaller Hard Link Leads To Remote Code Execution
https://notcve.org/view.php?id=CVE-2022-28247
11 May 2022 — Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an uncontrolled search path vulnerability that could lead to local privilege escalation. Exploitation of this issue requires user interaction in that a victim must run the uninstaller with Admin privileges. Acrobat Reader DC versiones 22.001.2011x (y anteriores), 20.005.3033x (y anteriores) y 17.012.3022x (y anteriores), están afectadas por una vulnerabilidad de ruta de búsqueda no... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.3EPSS: 1%CPEs: 14EXPL: 0CVE-2022-28244 – Adobe Acrobat Reader DC CSP Bypass Leads To Privilege Escalation
https://notcve.org/view.php?id=CVE-2022-28244
11 May 2022 — Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a violation of secure design principles through bypassing the content security policy, which could result in an attacker sending arbitrarily configured requests to the cross-origin attack target domain. Exploitation requires user interaction in which the victim needs to access a crafted PDF file on an attacker's server. Acrobat Reader DC versiones 22.001.20085 (y anteriores), 20.00... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-657: Violation of Secure Design Principles •
CVSS: 9.3EPSS: 0%CPEs: 14EXPL: 0CVE-2022-28234 – Adobe Acrobat Reader DC Heap Overflow Could Lead to RCE
https://notcve.org/view.php?id=CVE-2022-28234
11 May 2022 — Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a heap-based buffer overflow vulnerability due to insecure handling of a crafted .pdf file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file Acrobat Reader DC versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores), está... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2022-28837 – Adobe Acrobat Pro DC Doc buttonSetIcon Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-28837
10 May 2022 — Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Pro DC versiones 22.001.2011x (y anteriores), 20.005.3033x (y anteriores) y 17.012.3022x (y anteriores), están afecta... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-416: Use After Free •
CVSS: 9.3EPSS: 4%CPEs: 14EXPL: 0CVE-2022-28838 – Adobe Acrobat Pro DC Doc flattenPages Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-28838
10 May 2022 — Acrobat Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Pro DC versiones 22.001.2011x (y anteriores), 20.005.3033x (y anteriores) y 17.012.3022x (y anteriores), están afectadas por una vulnerabilidad de uso de memori... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2022-28257 – Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-28257
28 Apr 2022 — Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 22.001.2011x (y anteriores), 20.005... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 2%CPEs: 14EXPL: 0CVE-2022-27793 – Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-27793
28 Apr 2022 — Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores), están afectadas por una vulnerabilidad de escritur... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 5%CPEs: 14EXPL: 0CVE-2022-27801 – Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-27801
28 Apr 2022 — Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores), están afectadas por una... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-416: Use After Free •
CVSS: 9.3EPSS: 3%CPEs: 14EXPL: 0CVE-2022-28235 – Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-28235
28 Apr 2022 — Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores), están afectadas ... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-416: Use After Free •