Filtered by vendor Adobe
Subscribe
Total
6131 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-16397 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2025-04-20 | 9.3 HIGH | 8.8 HIGH |
| An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is a part of Enhanced Metafile Format (EMF) processing within the image conversion module. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure. | |||||
| CVE-2017-16363 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2025-04-20 | 9.3 HIGH | 8.8 HIGH |
| An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer over-read in the module that handles character codes for certain textual representations. Invalid input leads to a computation where the pointer arithmetic results in a location outside valid memory locations belonging to the buffer. An attack can be used to obtain sensitive information, such as object heap addresses, etc. | |||||
| CVE-2017-3044 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 engine, related to image scaling. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-11271 | 3 Adobe, Apple, Microsoft | 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more | 2025-04-20 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transfer of pixel blocks. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-3066 | 1 Adobe | 1 Coldfusion | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization vulnerability in the Apache BlazeDS library. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-2981 | 1 Adobe | 1 Digital Editions | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2017-2938 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Mac Os X, Chrome Os and 4 more | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections. | |||||
| CVE-2017-3024 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when manipulating PDF annotations. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-3055 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in JPEG 2000 parsing of the fragment list tag. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-11270 | 3 Adobe, Apple, Microsoft | 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more | 2025-04-20 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data representing icons. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-11227 | 3 Adobe, Apple, Microsoft | 7 Acrobat, Acrobat Dc, Acrobat Reader and 4 more | 2025-04-20 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-2995 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Mac Os X, Chrome Os and 4 more | 2025-04-20 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-2940 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing JPEG 2000 files. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-3099 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Mac Os X, Macos and 8 more | 2025-04-20 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 3 raster data model. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-2952 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the image conversion module related to parsing tags in TIFF files. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-3037 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-2994 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Mac Os X, Chrome Os and 4 more | 2025-04-20 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-2974 | 1 Adobe | 1 Digital Editions | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2017-11294 | 2 Adobe, Microsoft | 2 Shockwave, Windows | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in Adobe Shockwave 12.2.9.199 and earlier. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-16418 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2025-04-20 | 9.3 HIGH | 8.8 HIGH |
| An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is a part of the image conversion module that handles XPS files. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure. | |||||