Adobe Reader vulnerabilities
360 known vulnerabilities affecting adobe/reader.
Total CVEs
360
CISA KEV
0
Public exploits
10
Exploited in wild
1
Severity breakdown
CRITICAL199HIGH123MEDIUM31LOW7
Vulnerabilities
Page 18 of 18
CVE-2016-4089CRITICALCVSS 9.8≤ 11.0.152016-05-11
CVE-2016-4089 [CRITICAL] CVE-2016-4089: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172,
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063
nvd
CVE-2016-4103CRITICALCVSS 9.8≤ 11.0.152016-05-11
CVE-2016-4103 [CRITICAL] CVE-2016-4103: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172,
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063
nvd
CVE-2016-1040CRITICALCVSS 9.8≤ 11.0.152016-05-11
CVE-2016-1040 [CRITICAL] CVE-2016-1040: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172,
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1041, CVE-2016-1
nvd
CVE-2016-1057CRITICALCVSS 9.8≤ 11.0.152016-05-11
CVE-2016-1057 [CRITICAL] CVE-2016-1057: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047,
nvd
CVE-2016-1064CRITICALCVSS 9.8≤ 11.0.152016-05-11
CVE-2016-1064 [CRITICAL] CVE-2016-1064: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172,
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063
nvd
CVE-2016-1065CRITICALCVSS 9.8≤ 11.0.152016-05-11
CVE-2016-1065 [CRITICAL] CVE-2016-1065: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047,
nvd
CVE-2016-4106HIGHCVSS 7.8≤ 11.0.152016-05-11
CVE-2016-4106 [HIGH] CVE-2016-4106: Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat
Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1087
nvd
CVE-2016-1090HIGHCVSS 7.8≤ 11.0.152016-05-11
CVE-2016-1090 [HIGH] CVE-2016-1090: Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat
Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1087
nvd
CVE-2016-1087HIGHCVSS 7.8≤ 11.0.152016-05-11
CVE-2016-1087 [HIGH] CVE-2016-1087: Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat
Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1090
nvd
CVE-2016-1079HIGHCVSS 7.5≤ 11.0.152016-05-11
CVE-2016-1079 [HIGH] CWE-200 CVE-2016-1079: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172,
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors, a different vulnerability than CVE-2016-1092.
nvd
CVE-2016-1092HIGHCVSS 7.5≤ 11.0.152016-05-11
CVE-2016-1092 [HIGH] CVE-2016-1092: Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172,
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors, a different vulnerability than CVE-2016-1079.
nvd
CVE-2011-4374CRITICALCVSS 9.3≥ 8.0, ≤ 8.3≥ 10.0, ≤ 10.1+1 more2012-01-19
CVE-2011-4374 [CRITICAL] CWE-190 CVE-2011-4374: Integer overflow in Adobe Reader 9.x before 9.4.6 on Linux allows attackers to execute arbitrary cod
Integer overflow in Adobe Reader 9.x before 9.4.6 on Linux allows attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2011-4372CRITICALCVSS 9.8≤ 10.1.1≤ 9.4.6+3 more2012-01-10
CVE-2011-4372 [CRITICAL] CVE-2011-4372: Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373.
nvd
CVE-2011-4373CRITICALCVSS 9.8≤ 10.1.1≤ 9.4.6+3 more2012-01-10
CVE-2011-4373 [CRITICAL] CVE-2011-4373: Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372.
nvd
CVE-2011-4371HIGHCVSS 7.5≤ 10.1.1≤ 9.4.6+3 more2012-01-10
CVE-2011-4371 [HIGH] CWE-787 CVE-2011-4371: Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
nvd
CVE-2011-4370HIGHCVSS 7.5≤ 10.1.1≤ 9.4.6+3 more2012-01-10
CVE-2011-4370 [HIGH] CWE-787 CVE-2011-4370: Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4372 and CVE-2011-4373.
nvd
CVE-2010-1278CRITICALCVSS 9.3v8.0.0v8.1.1+11 more2010-04-22
CVE-2010-1278 [CRITICAL] CWE-119 CVE-2010-1278: Buffer overflow in the Atlcom.get_atlcom ActiveX control in gp.ocx in Adobe Download Manager, as use
Buffer overflow in the Atlcom.get_atlcom ActiveX control in gp.ocx in Adobe Download Manager, as used in Adobe Reader and Acrobat 8.x before 8.2 and 9.x before 9.3, allows remote attackers to execute arbitrary code via unspecified parameters.
nvd
CVE-2009-3459CRITICALCVSS 9.3ExploitedPoCv3.0v4.0+35 more2009-10-13
CVE-2009-3459 [CRITICAL] CWE-119 CVE-2009-3459: Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x b
Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information.
nvd
CVE-2009-1493MEDIUMCVSS 6.8PoCv8.1.4v9.12009-04-30
CVE-2009-1493 [MEDIUM] CWE-399 CVE-2009-1493: The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and e
The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument.
nvd
CVE-2009-1062CRITICALCVSS 9.3v3.0v4.0+30 more2009-03-25
CVE-2009-1062 [CRITICAL] CVE-2009-1062: Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers t
Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to trigger memory corruption and possibly execute arbitrary code via unknown attack vectors related to JBIG2, a different vulnerability than CVE-2009-0193 and CVE-2009-1061.
nvd
← Previous18 / 18