Adobe Acrobat Reader vulnerabilities
1,107 known vulnerabilities affecting adobe/acrobat_reader.
Total CVEs
1,107
CISA KEV
21
actively exploited
Public exploits
43
Exploited in wild
25
Severity breakdown
CRITICAL352HIGH412MEDIUM316LOW27
Vulnerabilities
Page 31 of 56
CVE-2016-0942CRITICALCVSS 9.8≤ 11.0.13v11.0.0+12 more2016-01-14
CVE-2016-0942 [CRITICAL] CVE-2016-0942: Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119,
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933
nvd
CVE-2016-0937HIGHCVSS 8.8≤ 11.0.13v11.0.0+12 more2016-01-14
CVE-2016-0937 [HIGH] CVE-2016-0937: Use-after-free vulnerability in the OCG object implementation in Adobe Reader and Acrobat before 11.
Use-after-free vulnerability in the OCG object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932,
nvd
CVE-2016-0935HIGHCVSS 8.8≤ 11.0.13v11.0.0+12 more2016-01-14
CVE-2016-0935 [HIGH] CVE-2016-0935: Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC
Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted ExtGState dictionary.
nvd
CVE-2016-0936HIGHCVSS 8.8≤ 11.0.13v11.0.0+12 more2016-01-14
CVE-2016-0936 [HIGH] CVE-2016-0936: Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119,
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JPEG 2000 data, a different vulnerability than CVE-2016-0931, CVE-2016-0933,
nvd
CVE-2016-0938HIGHCVSS 8.8≤ 11.0.13v11.0.0+12 more2016-01-14
CVE-2016-0938 [HIGH] CVE-2016-0938: The AcroForm plugin in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classi
The AcroForm plugin in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-201
nvd
CVE-2016-0931HIGHCVSS 8.8≤ 11.0.13v11.0.0+12 more2016-01-14
CVE-2016-0931 [HIGH] CWE-119 CVE-2016-0931: Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119,
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FileAttachment annotation, a different vulnerability than CVE-2016
nvd
CVE-2016-0939HIGHCVSS 8.8≤ 11.0.13v11.0.0+12 more2016-01-14
CVE-2016-0939 [HIGH] CVE-2016-0939: Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119,
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via unspecified vectors, a different vulnerability
nvd
CVE-2016-0943HIGHCVSS 8.8≤ 11.0.13v11.0.0+12 more2016-01-14
CVE-2016-0943 [HIGH] CWE-264 CVE-2016-0943: Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119,
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X mishandle the Global object, which allows attackers to bypass JavaScript API execution restrictions via unspecified vectors.
nvd
CVE-2016-0947HIGHCVSS 7.8≤ 11.0.13v11.0.0+12 more2016-01-14
CVE-2016-0947 [HIGH] CVE-2016-0947: Untrusted search path vulnerability in Adobe Download Manager, as used in Adobe Reader and Acrobat b
Untrusted search path vulnerability in Adobe Download Manager, as used in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X, allows local users to gain privileges via a crafted resource in an unspecified directory.
nvd
CVE-2016-0932HIGHCVSS 8.8≤ 11.0.13v11.0.0+12 more2016-01-14
CVE-2016-0932 [HIGH] CVE-2016-0932: Use-after-free vulnerability in the Doc object implementation in Adobe Reader and Acrobat before 11.
Use-after-free vulnerability in the Doc object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0934,
nvd
CVE-2016-0941HIGHCVSS 8.8≤ 11.0.13v11.0.0+12 more2016-01-14
CVE-2016-0941 [HIGH] CVE-2016-0941: Use-after-free vulnerability in the Search object implementation in Adobe Reader and Acrobat before
Use-after-free vulnerability in the Search object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-093
nvd
CVE-2016-0934HIGHCVSS 8.8≤ 11.0.13v11.0.0+12 more2016-01-14
CVE-2016-0934 [HIGH] CVE-2016-0934: Use-after-free vulnerability in AGM.dll in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acro
Use-after-free vulnerability in AGM.dll in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a multiple-layer PDF document, a different vulnerability than CVE-2016-0932, CVE-2016-09
nvd
CVE-2015-8458MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-12-21
CVE-2015-8458 [MEDIUM] CVE-2015-8458: Heap-based buffer overflow in AGM.dll in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x befor
Heap-based buffer overflow in AGM.dll in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a multiple-layer PDF document, a different vulnerabilit
nvd
CVE-2015-7650MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-11-04
CVE-2015-7650 [MEDIUM] CVE-2015-7650: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via a crafted CMAP table in a
nvd
CVE-2015-7829LOWCVSS 1.9≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-15
CVE-2015-7829 [LOW] CVE-2015-7829: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows mishandle junctions in the Synchronizer directory, which allows attackers to delete arbitrary files via Adobe Collaboration Sync, a related issue to CVE-201
nvd
CVE-2015-6684CRITICALCVSS 10.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6684 [CRITICAL] CVE-2015-6684: Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5
nvd
CVE-2015-6687CRITICALCVSS 10.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6687 [CRITICAL] CVE-2015-6687: Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5
nvd
CVE-2015-5586CRITICALCVSS 10.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-5586 [CRITICAL] CWE-416 CVE-2015-5586: Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CV
nvd
CVE-2015-7622CRITICALCVSS 10.0PoC≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-7622 [CRITICAL] CVE-2015-7622: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability
nvd
CVE-2015-6683CRITICALCVSS 10.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6683 [CRITICAL] CVE-2015-6683: Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5
nvd