Adobe Acrobat vulnerabilities
1,356 known vulnerabilities affecting adobe/acrobat.
Total CVEs
1,356
CISA KEV
23
actively exploited
Public exploits
43
Exploited in wild
27
Severity breakdown
CRITICAL540HIGH476MEDIUM316LOW24
Vulnerabilities
Page 45 of 68
CVE-2015-8458MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-12-21
CVE-2015-8458 [MEDIUM] CVE-2015-8458: Heap-based buffer overflow in AGM.dll in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x befor
Heap-based buffer overflow in AGM.dll in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a multiple-layer PDF document, a different vulnerabilit
nvd
CVE-2015-7650MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-11-04
CVE-2015-7650 [MEDIUM] CVE-2015-7650: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via a crafted CMAP table in a
nvd
CVE-2015-7829LOWCVSS 1.9≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-15
CVE-2015-7829 [LOW] CVE-2015-7829: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows mishandle junctions in the Synchronizer directory, which allows attackers to delete arbitrary files via Adobe Collaboration Sync, a related issue to CVE-201
nvd
CVE-2015-6684CRITICALCVSS 10.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6684 [CRITICAL] CVE-2015-6684: Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5
nvd
CVE-2015-6687CRITICALCVSS 10.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6687 [CRITICAL] CVE-2015-6687: Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5
nvd
CVE-2015-5586CRITICALCVSS 10.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-5586 [CRITICAL] CWE-416 CVE-2015-5586: Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CV
nvd
CVE-2015-7622CRITICALCVSS 10.0PoC≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-7622 [CRITICAL] CVE-2015-7622: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability
nvd
CVE-2015-6683CRITICALCVSS 10.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6683 [CRITICAL] CVE-2015-6683: Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5
nvd
CVE-2015-6691CRITICALCVSS 10.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6691 [CRITICAL] CVE-2015-6691: Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5
nvd
CVE-2015-6713HIGHCVSS 7.5≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6713 [HIGH] CVE-2015-6713: The Function call implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.
The Function call implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnera
nvd
CVE-2015-6694MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6694 [MEDIUM] CVE-2015-6694: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted use of the fillColor attribute, a differe
nvd
CVE-2015-6722MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6722 [MEDIUM] CVE-2015-6722: The CBSharedReviewStatusDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x befor
The CBSharedReviewStatusDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different
nvd
CVE-2015-6714MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6714 [MEDIUM] CVE-2015-6714: The Function bind implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.
The Function bind implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulne
nvd
CVE-2015-7624MEDIUMCVSS 5.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-7624 [MEDIUM] CVE-2015-7624: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than
nvd
CVE-2015-6704MEDIUMCVSS 4.3≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6704 [MEDIUM] CVE-2015-6704: The animations property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x befo
The animations property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via a function call, a different
nvd
CVE-2015-6686MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6686 [MEDIUM] CVE-2015-6686: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted set of fields, a different vulnerabilit
nvd
CVE-2015-6692MEDIUMCVSS 5.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6692 [MEDIUM] CWE-120 CVE-2015-6692: Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and
Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information via unspecified vectors.
nvd
CVE-2015-6711MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6711 [MEDIUM] CVE-2015-6711: The DoIdentityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13,
The DoIdentityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerabil
nvd
CVE-2015-6709MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6709 [MEDIUM] CVE-2015-6709: The CBBBRInvite method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acro
The CBBBRInvite method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability t
nvd
CVE-2015-6717MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6717 [MEDIUM] CVE-2015-6717: The DynamicAnnotStore method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
The DynamicAnnotStore method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerabi
nvd