Adobe Acrobat vulnerabilities
1,356 known vulnerabilities affecting adobe/acrobat.
Total CVEs
1,356
CISA KEV
23
actively exploited
Public exploits
43
Exploited in wild
27
Severity breakdown
CRITICAL540HIGH476MEDIUM316LOW24
Vulnerabilities
Page 46 of 68
CVE-2015-7616MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-7616 [MEDIUM] CVE-2015-7616: The ANVerifyComments method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13,
The ANVerifyComments method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerabil
nvd
CVE-2015-6705MEDIUMCVSS 5.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6705 [MEDIUM] CVE-2015-6705: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than
nvd
CVE-2015-6693MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6693 [MEDIUM] CVE-2015-6693: The signatureSetSeedValue method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.
The signatureSetSeedValue method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted arg
nvd
CVE-2015-6701MEDIUMCVSS 4.3≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6701 [MEDIUM] CVE-2015-6701: The ambientIlluminationColor property implementation in Adobe Reader and Acrobat 10.x before 10.1.16
The ambientIlluminationColor property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via a function cal
nvd
CVE-2015-6702MEDIUMCVSS 4.3≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6702 [MEDIUM] CVE-2015-6702: The createSquareMesh function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.1
The createSquareMesh function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulner
nvd
CVE-2015-7623MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-7623 [MEDIUM] CVE-2015-7623: The ANAuthenticateResource method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11
The ANAuthenticateResource method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vuln
nvd
CVE-2015-6719MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6719 [MEDIUM] CVE-2015-6719: The CBSharedReviewCloseDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before
The CBSharedReviewCloseDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different v
nvd
CVE-2015-6710MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6710 [MEDIUM] CVE-2015-6710: The CBBBRInit method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acroba
The CBBBRInit method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability tha
nvd
CVE-2015-6685MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6685 [MEDIUM] CWE-119 CVE-2015-6685: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) by using the Format action for unspecified fi
nvd
CVE-2015-6690MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6690 [MEDIUM] CVE-2015-6690: Use-after-free vulnerability in the popUpMenuEx method in Adobe Reader and Acrobat 10.x before 10.1.
Use-after-free vulnerability in the popUpMenuEx method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via crafted arguments, a different vulnera
nvd
CVE-2015-6708MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6708 [MEDIUM] CVE-2015-6708: The ANStartApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13,
The ANStartApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerabilit
nvd
CVE-2015-6698MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6698 [MEDIUM] CVE-2015-6698: Heap-based buffer overflow in the AcroForm implementation in Adobe Reader and Acrobat 10.x before 10
Heap-based buffer overflow in the AcroForm implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vu
nvd
CVE-2015-6724MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6724 [MEDIUM] CVE-2015-6724: The ANSendForApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
The ANSendForApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerabi
nvd
CVE-2015-7621MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-7621 [MEDIUM] CVE-2015-7621: Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a crafted U3D object, a different vulnerability than CVE-2015-55
nvd
CVE-2015-5583MEDIUMCVSS 4.3≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-5583 [MEDIUM] CWE-200 CVE-2015-5583: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended sandbox restrictions and obtain sensitive PDF information by launching a print job on a remote printe
nvd
CVE-2015-6697MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6697 [MEDIUM] CWE-772 CVE-2015-6697: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to obtain sensitive information about color objects from process memory by reading a light object's RGB data, a differen
nvd
CVE-2015-6707MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6707 [MEDIUM] CVE-2015-6707: The ANSendForReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13,
The ANSendForReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerabilit
nvd
CVE-2015-6688MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6688 [MEDIUM] CVE-2015-6688: Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a crafted Optional Content Groups (OCG) object in a WillSave doc
nvd
CVE-2015-6716MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6716 [MEDIUM] CVE-2015-6716: The ANSendForFormDistribution method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before
The ANSendForFormDistribution method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different v
nvd
CVE-2015-6700MEDIUMCVSS 5.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6700 [MEDIUM] CVE-2015-6700: The setBackground function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13,
The setBackground function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerabil
nvd