Adobe Reader vulnerabilities

360 known vulnerabilities affecting adobe/reader.

Total CVEs

360

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL199HIGH123MEDIUM31LOW7

Vulnerabilities

Page 8 of 18

CVE-2017-2950HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2950 [HIGH] CWE-416 CVE-2017-2950: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2957HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2957 [HIGH] CWE-416 CVE-2017-2957: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to collaboration functionality. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2965HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2965 [HIGH] CWE-119 CVE-2017-2965: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to TIFF file parsing. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2959HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2959 [HIGH] CWE-119 CVE-2017-2959: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to parsing of color profile metadata. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2941HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2941 [HIGH] CWE-119 CVE-2017-2941: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing Compact Font Format data. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2960HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2960 [HIGH] CWE-119 CVE-2017-2960: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of EXIF metadata. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2945HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2945 [HIGH] CWE-119 CVE-2017-2945: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when parsing TIFF image files. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2947MEDIUMCVSS 5.5≤ 11.0.182017-01-11

CVE-2017-2947 [MEDIUM] CWE-20 CVE-2017-2947: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have a security bypass vulnerability when manipulating Form Data Format (FDF).

nvd

CVE-2016-4095CRITICALCVSS 9.8≤ 11.0.172016-11-10

CVE-2016-4095 [CRITICAL] CWE-119 CVE-2016-4095: Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

nvd

CVE-2016-7854CRITICALCVSS 9.8≤ 11.0.172016-10-21

CVE-2016-7854 [CRITICAL] CVE-2016-7854: Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941

nvd

CVE-2016-7852CRITICALCVSS 9.8≤ 11.0.172016-10-21

CVE-2016-7852 [CRITICAL] CVE-2016-7852: Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941

nvd

CVE-2016-7853CRITICALCVSS 9.8≤ 11.0.172016-10-21

CVE-2016-7853 [CRITICAL] CVE-2016-7853: Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941

nvd

CVE-2016-7009CRITICALCVSS 9.8≤ 11.0.172016-10-13

CVE-2016-7009 [CRITICAL] CVE-2016-7009: Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941

nvd

CVE-2016-6973CRITICALCVSS 9.8≤ 11.0.172016-10-13

CVE-2016-6973 [CRITICAL] CVE-2016-6973: Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941

nvd

CVE-2016-7014CRITICALCVSS 9.8≤ 11.0.172016-10-13

CVE-2016-7014 [CRITICAL] CVE-2016-7014: Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941

nvd

CVE-2016-6996CRITICALCVSS 9.8≤ 11.0.172016-10-13

CVE-2016-6996 [CRITICAL] CVE-2016-6996: Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941

nvd

CVE-2016-7005CRITICALCVSS 9.8≤ 11.0.172016-10-13

CVE-2016-7005 [CRITICAL] CVE-2016-7005: Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941

nvd

CVE-2016-7017CRITICALCVSS 9.8≤ 11.0.172016-10-13

CVE-2016-7017 [CRITICAL] CVE-2016-7017: Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941

nvd

CVE-2016-6952CRITICALCVSS 9.8≤ 11.0.172016-10-13

CVE-2016-6952 [CRITICAL] CVE-2016-6952: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944,

nvd

CVE-2016-6995CRITICALCVSS 9.8≤ 11.0.172016-10-13

CVE-2016-6995 [CRITICAL] CVE-2016-6995: Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941

nvd

← Previous8 / 18Next →