Adobe Acrobat vulnerabilities
1,356 known vulnerabilities affecting adobe/acrobat.
Total CVEs
1,356
CISA KEV
23
actively exploited
Public exploits
43
Exploited in wild
27
Severity breakdown
CRITICAL540HIGH476MEDIUM316LOW24
Vulnerabilities
Page 23 of 68
CVE-2018-4880MEDIUMCVSS 6.5≥ 17.0, ≤ 17.011.300702018-02-27
CVE-2018-4880 [MEDIUM] CWE-125 CVE-2018-4880: An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the conversion module that reads U3D data. A successful
nvd
CVE-2018-4897MEDIUMCVSS 6.5≥ 17.0, ≤ 17.011.300702018-02-27
CVE-2018-4897 [MEDIUM] CWE-125 CVE-2018-4897: An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion module that parses TIFF metadata. A
nvd
CVE-2018-4887MEDIUMCVSS 6.5≥ 17.0, ≤ 17.011.300702018-02-27
CVE-2018-4887 [MEDIUM] CWE-125 CVE-2018-4887: An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the Unicode mapping module that is invoked when processi
nvd
CVE-2018-4894MEDIUMCVSS 6.5≥ 17.0, ≤ 17.011.300702018-02-27
CVE-2018-4894 [MEDIUM] CWE-125 CVE-2018-4894: An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the XPS font processing. A successful attack can lead to
nvd
CVE-2018-4912MEDIUMCVSS 6.5≥ 17.0, ≤ 17.011.300702018-02-27
CVE-2018-4912 [MEDIUM] CWE-125 CVE-2018-4912: An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion module that handles JPEG 2000 data.
nvd
CVE-2018-4903MEDIUMCVSS 6.5≥ 17.0, ≤ 17.011.300702018-02-27
CVE-2018-4903 [MEDIUM] CWE-125 CVE-2018-4903: An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the TIFF processing within the XPS module. A successful
nvd
CVE-2017-16398CRITICALCVSS 9.8≤ 11.0.22≥ 17.0, ≤ 17.011.300662017-12-09
CVE-2017-16398 [CRITICAL] CWE-416 CVE-2017-16398: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JavaScript engine. The mismatch between an old and a new object can provide
nvd
CVE-2017-11293CRITICALCVSS 9.8≤ 11.0.22≥ 17.0, ≤ 17.011.300662017-12-09
CVE-2017-11293 [CRITICAL] CWE-119 CVE-2017-11293: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution.
nvd
CVE-2017-16410HIGHCVSS 8.8≤ 11.0.22≥ 17.0, ≤ 17.011.300662017-12-09
CVE-2017-16410 [HIGH] CWE-129 CVE-2017-16410: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is a result of untrusted input that is used to calculate an array index; the calculation occurs in the image conversion module, when proc
nvd
CVE-2017-16400HIGHCVSS 8.8≤ 11.0.22≥ 17.0, ≤ 17.011.300662017-12-09
CVE-2017-16400 [HIGH] CWE-125 CVE-2017-16400: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of the JPEG 2000
nvd
CVE-2017-16365HIGHCVSS 8.8≤ 11.0.22≥ 17.0, ≤ 17.011.300662017-12-09
CVE-2017-16365 [HIGH] CWE-125 CVE-2017-16365: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer over-read in the True Type2 Font parsing module. A corrupted cmap table input leads to a computation where the poin
nvd
CVE-2017-16413HIGHCVSS 8.8≤ 11.0.22≥ 17.0, ≤ 17.011.300662017-12-09
CVE-2017-16413 [HIGH] CWE-787 CVE-2017-16413: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a computation that writes data past the end of the intended buffer; the computation is part of the XPS to PDF conversion mod
nvd
CVE-2017-16372HIGHCVSS 8.8≤ 11.0.22≥ 17.0, ≤ 17.011.300662017-12-09
CVE-2017-16372 [HIGH] CWE-119 CVE-2017-16372: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to untrusted pointer dereference in the JavaScript API engine. In this scenario, the JavaScript input is crafted in way that the computat
nvd
CVE-2017-16399HIGHCVSS 8.8≤ 11.0.22≥ 17.0, ≤ 17.011.300662017-12-09
CVE-2017-16399 [HIGH] CWE-125 CVE-2017-16399: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to an untrusted pointer dereference in the XPS parsing module. In this scenario, the input is crafted in a way that the computation resul
nvd
CVE-2017-16414HIGHCVSS 8.8≤ 11.0.22≥ 17.0, ≤ 17.011.300662017-12-09
CVE-2017-16414 [HIGH] CWE-125 CVE-2017-16414: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is a part of the JavaScri
nvd
CVE-2017-16385HIGHCVSS 8.8≤ 11.0.22≥ 17.0, ≤ 17.011.300662017-12-09
CVE-2017-16385 [HIGH] CWE-119 CVE-2017-16385: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer access with an incorrect length value in TIFF parsing during XPS conversion. Crafted TIFF image input causes a mism
nvd
CVE-2017-16381HIGHCVSS 8.8≤ 11.0.22≥ 17.0, ≤ 17.011.300662017-12-09
CVE-2017-16381 [HIGH] CWE-119 CVE-2017-16381: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer access with an incorrect length value when processing TIFF files embedded within an XPS document. Crafted TIFF imag
nvd
CVE-2017-16408HIGHCVSS 8.8≤ 11.0.22≥ 17.0, ≤ 17.011.300662017-12-09
CVE-2017-16408 [HIGH] CWE-125 CVE-2017-16408: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is a part of the WebCaptu
nvd
CVE-2017-16396HIGHCVSS 8.8≤ 11.0.22≥ 17.0, ≤ 17.011.300662017-12-09
CVE-2017-16396 [HIGH] CWE-119 CVE-2017-16396: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer access with an incorrect length value in the TIFF processing module. Crafted input causes a mismatch between alloca
nvd
CVE-2017-16368HIGHCVSS 8.8≤ 11.0.22≥ 17.0, ≤ 17.011.300662017-12-09
CVE-2017-16368 [HIGH] CWE-119 CVE-2017-16368: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability leads to a stack-based buffer overflow condition in the internal Unicode string manipulation module. It is triggered by an invalid PDF f
nvd