CVSS: 9.3EPSS: 3%CPEs: 14EXPL: 0CVE-2022-28230 – Adobe Acrobat Reader DC AcroForm calculateNow Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-28230
28 Apr 2022 — Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores), están afectadas ... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-416: Use After Free •
CVSS: 9.3EPSS: 5%CPEs: 14EXPL: 0CVE-2022-27800 – Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-27800
28 Apr 2022 — Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores), están afectadas por una... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 1%CPEs: 14EXPL: 0CVE-2022-28250 – Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-28250
28 Apr 2022 — Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 22.001.2011x (y anteriores), 20.005.3033x (y anteriores) y 17.012.3022x (y anteriores), están ... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-416: Use After Free •
CVSS: 9.3EPSS: 1%CPEs: 14EXPL: 0CVE-2022-27794 – Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-27794
28 Apr 2022 — Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by the use of a variable that has not been initialized when processing of embedded fonts, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file Acrobat Reader DC versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores), están afe... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-824: Access of Uninitialized Pointer •
CVSS: 9.3EPSS: 3%CPEs: 14EXPL: 0CVE-2022-28232 – Adobe Acrobat Reader DC Collab Object Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-28232
28 Apr 2022 — Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the collab object that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 22.001.20085 (y anteriores), 20.005.3031x (y anteriores) y 17.012.30205 (y anteriores), están afectadas p... • https://helpx.adobe.com/security/products/acrobat/apsb22-16.html • CWE-416: Use After Free •
CVSS: 9.3EPSS: 7%CPEs: 10EXPL: 0CVE-2022-24091 – Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-24091
18 Mar 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious font file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), 20.004.30017 (y anteriores) y 17.011.30204 (y anteriores), están afectadas por una vulnerabilidad de escr... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 11%CPEs: 10EXPL: 0CVE-2022-24092 – Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-24092
18 Mar 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious font file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), 20.004.30017 (y anteriores) y 17.011.30204 (y anteriores), están afectadas por una vulnerabilidad de escr... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 0CVE-2021-44714 – Adobe Acrobat Reader Missing Custom Protocols in Warning Message Prompts
https://notcve.org/view.php?id=CVE-2021-44714
14 Jan 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Violation of Secure Design Principles that could lead to a Security feature bypass. Acrobat Reader DC displays a warning message when a user clicks on a PDF file, which could be used by an attacker to mislead the user. In affected versions, this warning message does not include custom protocols when used by the sender. User interaction is required to abuse this vulnerability as t... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-657: Violation of Secure Design Principles •
CVSS: 9.3EPSS: 9%CPEs: 12EXPL: 0CVE-2021-44710 – Adobe Acrobat Reader Use-after-free could lead to Arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-44710
14 Jan 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), versiones 20.004.30017 (y anteriores) y versiones 17.011.30204 (y anterior... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-416: Use After Free •
CVSS: 9.3EPSS: 2%CPEs: 12EXPL: 0CVE-2021-44705 – Adobe Acrobat Reader Use-After-Free could lead to Arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-44705
14 Jan 2022 — Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 21.007.20099 (y anteriores), versiones 20.004.30017 (y anteriores) y versiones 17.011.30204 (y anterior... • https://helpx.adobe.com/security/products/acrobat/apsb22-01.html • CWE-416: Use After Free •