Adobe Acrobat Reader vulnerabilities
1,107 known vulnerabilities affecting adobe/acrobat_reader.
Total CVEs
1,107
CISA KEV
21
actively exploited
Public exploits
43
Exploited in wild
25
Severity breakdown
CRITICAL352HIGH412MEDIUM316LOW27
Vulnerabilities
Page 33 of 56
CVE-2015-6685MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6685 [MEDIUM] CWE-119 CVE-2015-6685: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) by using the Format action for unspecified fi
nvd
CVE-2015-6690MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6690 [MEDIUM] CVE-2015-6690: Use-after-free vulnerability in the popUpMenuEx method in Adobe Reader and Acrobat 10.x before 10.1.
Use-after-free vulnerability in the popUpMenuEx method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via crafted arguments, a different vulnera
nvd
CVE-2015-6708MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6708 [MEDIUM] CVE-2015-6708: The ANStartApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13,
The ANStartApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerabilit
nvd
CVE-2015-6698MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6698 [MEDIUM] CVE-2015-6698: Heap-based buffer overflow in the AcroForm implementation in Adobe Reader and Acrobat 10.x before 10
Heap-based buffer overflow in the AcroForm implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vu
nvd
CVE-2015-6724MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6724 [MEDIUM] CVE-2015-6724: The ANSendForApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
The ANSendForApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerabi
nvd
CVE-2015-7621MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-7621 [MEDIUM] CVE-2015-7621: Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a crafted U3D object, a different vulnerability than CVE-2015-55
nvd
CVE-2015-5583MEDIUMCVSS 4.3≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-5583 [MEDIUM] CWE-200 CVE-2015-5583: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended sandbox restrictions and obtain sensitive PDF information by launching a print job on a remote printe
nvd
CVE-2015-6697MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6697 [MEDIUM] CWE-772 CVE-2015-6697: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to obtain sensitive information about color objects from process memory by reading a light object's RGB data, a differen
nvd
CVE-2015-6707MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6707 [MEDIUM] CVE-2015-6707: The ANSendForReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13,
The ANSendForReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerabilit
nvd
CVE-2015-6688MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6688 [MEDIUM] CVE-2015-6688: Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a crafted Optional Content Groups (OCG) object in a WillSave doc
nvd
CVE-2015-6716MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6716 [MEDIUM] CVE-2015-6716: The ANSendForFormDistribution method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before
The ANSendForFormDistribution method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different v
nvd
CVE-2015-6700MEDIUMCVSS 5.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6700 [MEDIUM] CVE-2015-6700: The setBackground function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13,
The setBackground function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerabil
nvd
CVE-2015-6696MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6696 [MEDIUM] CWE-787 CVE-2015-6696: Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13,
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-201
nvd
CVE-2015-7619MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-7619 [MEDIUM] CVE-2015-7619: The ANShareFile2 method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acr
The ANShareFile2 method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability
nvd
CVE-2015-7617MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-7617 [MEDIUM] CVE-2015-7617: Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code by leveraging improper EScript exception handling, a different vulne
nvd
CVE-2015-6706MEDIUMCVSS 5.0≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6706 [MEDIUM] CVE-2015-6706: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than
nvd
CVE-2015-6721MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6721 [MEDIUM] CVE-2015-6721: The CBSharedReviewSecurityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x bef
The CBSharedReviewSecurityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a differen
nvd
CVE-2015-6723MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6723 [MEDIUM] CVE-2015-6723: The ANTrustPropagateAll method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.
The ANTrustPropagateAll method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnera
nvd
CVE-2015-6715MEDIUMCVSS 6.8≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6715 [MEDIUM] CVE-2015-6715: The Function apply implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11
The Function apply implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vuln
nvd
CVE-2015-6699MEDIUMCVSS 4.3≥ 10.0, ≤ 10.1.15≥ 11.0.0, ≤ 11.0.122015-10-14
CVE-2015-6699 [MEDIUM] CVE-2015-6699: The addForegroundSprite function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.
The addForegroundSprite function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vul
nvd