CVSS: 7.8EPSS: 2%CPEs: 10EXPL: 0CVE-2021-28554 – Adobe Acrobat Reader DC Path Parsing Out-Of-Bounds Read could lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-28554
10 Jun 2021 — Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.001.20155 (y anteriores), versiones 2020.001.30025 (y anteriores) ... • https://helpx.adobe.com/security/products/acrobat/apsb21-29.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-28631 – Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-28631
10 Jun 2021 — Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.001.20155 (y anteriores), versiones 2020.001.30025 (y anteriores) y ve... • https://helpx.adobe.com/security/products/acrobat/apsb21-37.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-28632 – ZDI-CAN-13471: Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-28632
10 Jun 2021 — Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.001.20155 (y anteriores), versiones 2020.001.30025 (y anteriores) y ve... • https://helpx.adobe.com/security/products/acrobat/apsb21-37.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-28546 – Acrobat Reader DC Missing Support for Integrity Check
https://notcve.org/view.php?id=CVE-2021-28546
01 Apr 2021 — Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. An unauthenticated attacker could leverage this vulnerability to modify content in a certified PDF without invalidating the certification. Exploitation of this issue requires user interaction in that a victim must open the tampered file. Acrobat Reader DC versiones 2020.013.20074 (y anteriores), versiones 2020.001.30018 (y anteriores) y v... • https://helpx.adobe.com/security/products/acrobat/apsb21-09.html • CWE-353: Missing Support for Integrity Check •
CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0CVE-2021-28545 – Acrobat Reader DC Missing Support for Integrity Check
https://notcve.org/view.php?id=CVE-2021-28545
01 Apr 2021 — Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are missing support for an integrity check. An unauthenticated attacker would have the ability to completely manipulate data in a certified PDF without invalidating the original certification. Exploitation of this issue requires user interaction in that a victim must open the tampered file. Las versiones de Acrobat Reader DC 2020.013.20074 (y anteriores), 2020.001.30018 (y anterior... • https://helpx.adobe.com/security/products/acrobat/apsb21-09.html • CWE-353: Missing Support for Integrity Check •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2021-21086 – Adobe Reader CoolType Arbitrary Stack Manipulation
https://notcve.org/view.php?id=CVE-2021-21086
18 Mar 2021 — Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType library. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2020.013.20074 (y anteriores), versiones 2020.... • https://github.com/infobyte/Exploit-CVE-2021-21086 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 39%CPEs: 8EXPL: 0CVE-2021-21088 – Adobe Acrobat Pro DC Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-21088
18 Mar 2021 — Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 2020.013.20074 (y anteriores), 2020.001.30018 (y anteriores) y 2017.011.30188 (y anteriore... • https://helpx.adobe.com/security/products/acrobat/apsb21-09.html • CWE-416: Use After Free •
CVSS: 7.1EPSS: 1%CPEs: 8EXPL: 0CVE-2020-29075 – PDF Injection BlackHat Talk
https://notcve.org/view.php?id=CVE-2020-29075
23 Feb 2021 — Acrobat Reader DC versions 2020.013.20066 (and earlier), 2020.001.30010 (and earlier) and 2017.011.30180 (and earlier) are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the filesystem without a prompt. User interaction is required to exploit this vulnerability. Acrobat Reader DC versiones 2020.013.20066 (y anteriores), versiones 2020.001.30010 (y anteriores) y versiones 2017.011... • https://helpx.adobe.com/security/products/acrobat/apsb20-75.html • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2021-21063 – Acrobat Reader DC Buffer Overflow Vulnerability Could Lead to Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2021-21063
11 Feb 2021 — Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC, versiones 2020.013.20074 (y anteriores),... • https://helpx.adobe.com/security/products/acrobat/apsb21-09.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2021-21062 – Acrobat Reader DC Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2021-21062
11 Feb 2021 — Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC, versiones 2020.013.20074 (y anteriores),... • https://helpx.adobe.com/security/products/acrobat/apsb21-09.html • CWE-787: Out-of-bounds Write •