Adobe Acrobat Reader vulnerabilities
1,107 known vulnerabilities affecting adobe/acrobat_reader.
Total CVEs
1,107
CISA KEV
21
actively exploited
Public exploits
43
Exploited in wild
25
Severity breakdown
CRITICAL352HIGH412MEDIUM316LOW27
Vulnerabilities
Page 32 of 56
CVE-2015-6691CRITICALCVSS 10.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6691 [CRITICAL] CVE-2015-6691: Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5
nvd
CVE-2015-6713HIGHCVSS 7.5≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6713 [HIGH] CVE-2015-6713: The Function call implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.
The Function call implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnera
nvd
CVE-2015-6694MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6694 [MEDIUM] CVE-2015-6694: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted use of the fillColor attribute, a differe
nvd
CVE-2015-6722MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6722 [MEDIUM] CVE-2015-6722: The CBSharedReviewStatusDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x befor
The CBSharedReviewStatusDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different
nvd
CVE-2015-6714MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6714 [MEDIUM] CVE-2015-6714: The Function bind implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.
The Function bind implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulne
nvd
CVE-2015-7624MEDIUMCVSS 5.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-7624 [MEDIUM] CVE-2015-7624: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than
nvd
CVE-2015-6704MEDIUMCVSS 4.3≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6704 [MEDIUM] CVE-2015-6704: The animations property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x befo
The animations property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via a function call, a different
nvd
CVE-2015-6686MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6686 [MEDIUM] CVE-2015-6686: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted set of fields, a different vulnerabilit
nvd
CVE-2015-6692MEDIUMCVSS 5.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6692 [MEDIUM] CWE-120 CVE-2015-6692: Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and
Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information via unspecified vectors.
nvd
CVE-2015-6711MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6711 [MEDIUM] CVE-2015-6711: The DoIdentityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13,
The DoIdentityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerabil
nvd
CVE-2015-6709MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6709 [MEDIUM] CVE-2015-6709: The CBBBRInvite method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acro
The CBBBRInvite method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability t
nvd
CVE-2015-6717MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6717 [MEDIUM] CVE-2015-6717: The DynamicAnnotStore method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
The DynamicAnnotStore method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerabi
nvd
CVE-2015-7616MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-7616 [MEDIUM] CVE-2015-7616: The ANVerifyComments method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13,
The ANVerifyComments method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerabil
nvd
CVE-2015-6705MEDIUMCVSS 5.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6705 [MEDIUM] CVE-2015-6705: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than
nvd
CVE-2015-6693MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6693 [MEDIUM] CVE-2015-6693: The signatureSetSeedValue method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.
The signatureSetSeedValue method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted arg
nvd
CVE-2015-6701MEDIUMCVSS 4.3≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6701 [MEDIUM] CVE-2015-6701: The ambientIlluminationColor property implementation in Adobe Reader and Acrobat 10.x before 10.1.16
The ambientIlluminationColor property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via a function cal
nvd
CVE-2015-6702MEDIUMCVSS 4.3≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6702 [MEDIUM] CVE-2015-6702: The createSquareMesh function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.1
The createSquareMesh function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulner
nvd
CVE-2015-7623MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-7623 [MEDIUM] CVE-2015-7623: The ANAuthenticateResource method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11
The ANAuthenticateResource method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vuln
nvd
CVE-2015-6719MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6719 [MEDIUM] CVE-2015-6719: The CBSharedReviewCloseDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before
The CBSharedReviewCloseDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different v
nvd
CVE-2015-6710MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6710 [MEDIUM] CVE-2015-6710: The CBBBRInit method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acroba
The CBBBRInit method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability tha
nvd