cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-44516,https://securityvulnerability.io/vulnerability/CVE-2022-44516,Out-of-Bounds Read Vulnerability in Adobe Acrobat Reader DC,"CVE-2022-44516 is a significant out-of-bounds read vulnerability affecting multiple versions of Adobe Acrobat Reader DC. This flaw arises when the software improperly parses specially crafted files, leading to potential read operations beyond the allocated memory boundaries. Attackers can exploit this vulnerability to bypass security mechanisms such as Address Space Layout Randomization (ASLR). However, successful exploitation requires user interaction, as the victim must open a maliciously crafted file. Users of affected versions should take immediate steps to update their software and mitigate the risk associated with this vulnerability.",Adobe,Acrobat Reader,5.5,MEDIUM,0.0005600000149570405,false,false,false,false,,false,false,2024-12-19T00:15:00.000Z,0
CVE-2022-44517,https://securityvulnerability.io/vulnerability/CVE-2022-44517,Out-of-Bounds Read Vulnerability in Adobe Acrobat Reader DC Products,"CVE-2022-44517 is a high-risk out-of-bounds read vulnerability identified in Adobe Acrobat Reader DC. This vulnerability affects version 22.001.20085 and earlier, version 20.005.3031x and earlier, as well as version 17.012.30205 and earlier. It occurs when the application processes a specially crafted file, potentially allowing an attacker to read data beyond the allocated memory area. Exploitation of this vulnerability could enable attackers to bypass important security mitigations like Address Space Layout Randomization (ASLR). It is important to note that successful exploitation requires user interaction, specifically, the victim must open a malicious file. Users are advised to update to the latest version to mitigate risks.",Adobe,Acrobat Reader,5.5,MEDIUM,0.0005600000149570405,false,false,false,false,,false,false,2024-12-19T00:15:00.000Z,0
CVE-2022-44513,https://securityvulnerability.io/vulnerability/CVE-2022-44513,Out-of-Bounds Write Vulnerability in Adobe Acrobat Reader DC,"CVE-2022-44513 is a significant security vulnerability identified in various versions of Adobe Acrobat Reader DC. This out-of-bounds write vulnerability allows attackers to execute arbitrary code within the context of the current user. Exploitation of this vulnerability necessitates user interaction, specifically requiring the victim to open a maliciously crafted file. Users of Adobe Acrobat Reader DC versions prior to 22.001.20085, 20.005.3031x, and 17.012.30205 are particularly at risk, making it crucial for organizations and individuals to apply the necessary security updates to mitigate potential threats.",Adobe,Acrobat Reader,7.8,HIGH,0.0006600000197067857,false,false,false,false,,false,false,2024-12-19T00:15:00.000Z,0
CVE-2022-44519,https://securityvulnerability.io/vulnerability/CVE-2022-44519,Use-After-Free Vulnerability in Adobe Acrobat Reader,"CVE-2022-44519 is a crucial use-after-free vulnerability affecting Adobe Acrobat Reader DC, potentially leading to the unauthorized disclosure of sensitive memory information. The vulnerability impacts versions of the software prior to 22.001.20085, 20.005.3031x, and 17.012.30205. To exploit this vulnerability, an attacker must convince a user to open a malicious PDF file, thereby bypassing security mitigations such as Address Space Layout Randomization (ASLR). This poses a significant risk for user data and system integrity, emphasizing the importance of timely updates to safeguard against such threats.",Adobe,Acrobat Reader,5.5,MEDIUM,0.0005699999746866524,false,false,false,false,,false,false,2024-12-19T00:15:00.000Z,0
CVE-2022-44515,https://securityvulnerability.io/vulnerability/CVE-2022-44515,Out-of-Bounds Read Vulnerability in Adobe Acrobat Reader DC,"CVE-2022-44515 is a critical out-of-bounds read vulnerability affecting Adobe Acrobat Reader DC versions 22.001.20085 and earlier, 20.005.3031x and earlier, and 17.012.30205 and earlier. This vulnerability arises when Acrobat Reader processes a specially crafted file, potentially leading to read operations beyond the allocated memory boundaries. Such exploitation could enable attackers to bypass security mechanisms like Address Space Layout Randomization (ASLR). Importantly, for an attack to be successful, user interaction is required, as the targeted individual must open a malicious file. Users are advised to update their Acrobat Reader to the latest version to mitigate the risks associated with this vulnerability. For additional details, refer to Adobe's security advisory.",Adobe,Acrobat Reader,5.5,MEDIUM,0.0005600000149570405,false,false,false,false,,false,false,2024-12-19T00:15:00.000Z,0
CVE-2022-44512,https://securityvulnerability.io/vulnerability/CVE-2022-44512,Out-of-Bounds Write Vulnerability in Adobe Acrobat Reader,"CVE-2022-44512 is a critical out-of-bounds write vulnerability affecting multiple versions of Adobe Acrobat Reader DC. This vulnerability can lead to arbitrary code execution in the context of the current user. An attacker can exploit this weakness by enticing a user to open a specially crafted malicious file. Only through user interaction can this exploit be triggered, which emphasizes the need for vigilance when handling unknown files. Adobe has released security updates to mitigate this risk. Users are encouraged to update to the latest versions to protect against potential exploitation.",Adobe,Acrobat Reader,7.8,HIGH,0.0006600000197067857,false,false,false,false,,false,false,2024-12-19T00:15:00.000Z,0
CVE-2022-44518,https://securityvulnerability.io/vulnerability/CVE-2022-44518,Use-After-Free Vulnerability in Adobe Acrobat Reader DC Affecting Multiple Versions,"CVE-2022-44518 is a critical use-after-free vulnerability identified in Adobe Acrobat Reader DC, impacting versions 22.001.20085 and earlier, as well as 20.005.3031x and earlier, and 17.012.30205 and earlier. This vulnerability could allow an attacker to execute arbitrary code on the affected system in the context of the current user. Exploitation of the vulnerability necessitates user interaction, as it requires that a victim opens a specifically crafted malicious file. Users are urged to apply recommended updates to mitigate any security risks associated with this vulnerability.",Adobe,Acrobat Reader,7.8,HIGH,0.0005799999926239252,false,false,false,false,,false,false,2024-12-19T00:15:00.000Z,0
CVE-2022-44520,https://securityvulnerability.io/vulnerability/CVE-2022-44520,Use-after-free Vulnerability in Adobe Acrobat Reader DC,"CVE-2022-44520 identifies a critical use-after-free vulnerability present in Adobe Acrobat Reader DC versions 22.001.20085 and earlier, including versions 20.005.3031x and 17.012.30205. This vulnerability poses a significant risk as it allows for arbitrary code execution within the context of the current user when a malicious PDF file is opened. Exploitation of this vulnerability requires user interaction, meaning that a victim must inadvertently open a compromised file, potentially compromising their system. Adobe has provided security updates to mitigate this vulnerability, and it is highly recommended for users to update their software immediately to prevent possible exploitation.",Adobe,Acrobat Reader,7.8,HIGH,0.0005799999926239252,false,false,false,false,,false,false,2024-12-19T00:15:00.000Z,0
CVE-2023-21586,https://securityvulnerability.io/vulnerability/CVE-2023-21586,NULL Pointer Dereference Vulnerability in Adobe Acrobat Reader,"CVE-2023-21586 is a critical NULL Pointer Dereference vulnerability identified in Adobe Acrobat Reader that affects versions 22.003.20282 and earlier, 22.003.20281 and earlier, and 20.005.30418 and earlier. This vulnerability allows an unauthenticated attacker to exploit the software, potentially leading to a denial-of-service condition. Successful exploitation hinges on user interaction, as the victim must open a specifically crafted malicious file. It is paramount for users to be vigilant and update their Adobe Acrobat Reader installations to mitigate the risks associated with this vulnerability. For more details, visit the official Adobe security advisory.",Adobe,Acrobat Reader,5.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-12-19T00:15:00.000Z,0
CVE-2022-44514,https://securityvulnerability.io/vulnerability/CVE-2022-44514,Use-After-Free Vulnerability in Adobe Acrobat Reader DC,"CVE-2022-44514 is a critical use-after-free vulnerability found in Adobe Acrobat Reader DC and several earlier versions. This security flaw allows for arbitrary code execution in the context of the current user, posing a significant risk of exploitation. For successful exploitation, an attacker must lure a victim into opening a specially crafted malicious file, which triggers the exploit and may lead to unauthorized actions on the user's system. Users are urged to update to the latest versions to mitigate risks associated with this vulnerability.",Adobe,Acrobat Reader,7.8,HIGH,0.0005799999926239252,false,false,false,false,,false,false,2024-12-19T00:15:00.000Z,0
CVE-2024-49534,https://securityvulnerability.io/vulnerability/CVE-2024-49534,Acrobat Reader | Out-of-bounds Read (CWE-125),"Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,Acrobat Reader,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-10T20:15:00.000Z,0
CVE-2024-49533,https://securityvulnerability.io/vulnerability/CVE-2024-49533,Acrobat Reader | Out-of-bounds Read (CWE-125),"Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,Acrobat Reader,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-10T20:15:00.000Z,0
CVE-2024-49535,https://securityvulnerability.io/vulnerability/CVE-2024-49535,Improper Restriction of XML External Entity Reference Vulnerability in Acrobat Reader by Adobe,"An Improper Restriction of XML External Entity Reference vulnerability exists in Acrobat Reader, affecting multiple versions. This security flaw enables an attacker to craft malicious XML documents that could invoke external entities. When processed by the application, this can lead to significant security risks, including arbitrary code execution and unauthorized data access. User interaction is required for exploitation, as the victim must open the specially crafted XML file, highlighting the importance of cautious document handling.",Adobe,"Acrobat,Acrobat Dc,Acrobat Reader,Acrobat Reader Dc",7.8,HIGH,0.000699999975040555,false,false,false,false,,false,false,2024-12-10T20:15:00.000Z,0
CVE-2024-49532,https://securityvulnerability.io/vulnerability/CVE-2024-49532,Acrobat Reader | Out-of-bounds Read (CWE-125),"Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,Acrobat Reader,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-10T20:15:00.000Z,0
CVE-2024-49530,https://securityvulnerability.io/vulnerability/CVE-2024-49530,Acrobat Reader | Use After Free (CWE-416),"Adobe Acrobat Reader versions 20 and 24 have been identified to contain a Use After Free vulnerability that poses a risk of arbitrary code execution. This vulnerability requires user interaction, as it can only be exploited if a user opens a specifically crafted malicious file. The effective exploitation of this flaw could allow an attacker to execute arbitrary code in the context of the user. Users are advised to be cautious with PDF files from untrusted sources to mitigate potential risks.",Adobe,Acrobat Reader,7,HIGH,0.0005300000193528831,false,false,false,false,,false,false,2024-12-10T20:15:00.000Z,0
CVE-2024-41869,https://securityvulnerability.io/vulnerability/CVE-2024-41869,Acrobat Reader Vulnerability Could Lead to Arbitrary Code Execution,"CVE-2024-41869 is a vulnerability in Adobe Acrobat Reader that could lead to arbitrary code execution. It affects various versions of Acrobat Reader and requires user interaction to exploit. There is currently no evidence of exploitation by ransomware groups. Adobe has released a fix, but a PoC exploit for the vulnerability has been detected, prompting users to apply the update as soon as possible to mitigate potential risks.",Adobe,Acrobat Reader,7.8,HIGH,0.000699999975040555,false,true,false,false,,false,false,2024-09-13T08:58:58.898Z,0
CVE-2024-45112,https://securityvulnerability.io/vulnerability/CVE-2024-45112,Type Confusion Vulnerability in Adobe Acrobat Reader Could Lead to Arbitrary Code Execution,"Adobe Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, and 24.003.20054 experience a Type Confusion vulnerability that may allow attackers to execute arbitrary code in the context of the current user. This vulnerability arises when a resource is accessed using an incompatible object type, resulting in a logic error that can be exploited. Successful exploitation necessitates user interaction, as the targeted victim must open a specially crafted malicious file that triggers the vulnerability.",Adobe,Acrobat Reader,7.8,HIGH,0.0006399999838322401,false,false,false,false,,false,false,2024-09-13T08:58:58.128Z,0
CVE-2024-45107,https://securityvulnerability.io/vulnerability/CVE-2024-45107,Adobe Acrobat Reader Vulnerabilities Could Lead to Memory Disclosure,"Acrobat Reader versions 20.005.30636, 24.002.20964, 24.001.30123, 24.002.20991 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,Acrobat Reader,5.5,MEDIUM,0.0009200000204145908,false,false,false,false,,false,false,2024-09-05T08:48:09.064Z,0
CVE-2024-41879,https://securityvulnerability.io/vulnerability/CVE-2024-41879,Acrobat Reader vulnerability could lead to arbitrary code execution,"Adobe Acrobat Reader suffers from an out-of-bounds write vulnerability that can allow an attacker to execute arbitrary code within the context of the current user. This security flaw impacts versions 127.0.2651.105 and earlier. Successful exploitation necessitates that users open a specially crafted malicious file, thereby initiating the attack. It is crucial for users to stay vigilant and apply necessary security updates promptly to mitigate potential risks associated with this vulnerability.",Adobe,Acrobat Reader,7.8,HIGH,0.0005799999926239252,false,false,false,false,,false,false,2024-08-26T12:01:24.403Z,0
CVE-2024-39420,https://securityvulnerability.io/vulnerability/CVE-2024-39420,Adobe Acrobat Reader Vulnerable to Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability,"A race condition vulnerability in Adobe Acrobat Reader impacts various versions, allowing attackers to potentially execute arbitrary code. This vulnerability occurs due to the timing discrepancies between the verification of a condition and the subsequent use of the resource. An attacker must entice a user to interact with a malicious file for exploitation, creating an urgent need for users to ensure they are using the latest version of the application to mitigate risks.",Adobe,Acrobat Reader,7,HIGH,0.0005000000237487257,false,false,false,false,,false,false,2024-08-14T15:15:00.000Z,0
CVE-2024-41835,https://securityvulnerability.io/vulnerability/CVE-2024-41835,,"Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,"Acrobat,Acrobat Dc,Acrobat Reader,Acrobat Reader Dc",5.5,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2024-08-14T15:15:00.000Z,0
CVE-2024-41834,https://securityvulnerability.io/vulnerability/CVE-2024-41834,,"Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,"Acrobat,Acrobat Dc,Acrobat Reader,Acrobat Reader Dc",5.5,MEDIUM,0.0009200000204145908,false,false,false,false,,false,false,2024-08-14T15:15:00.000Z,0
CVE-2024-41832,https://securityvulnerability.io/vulnerability/CVE-2024-41832,,"Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,"Acrobat,Acrobat Dc,Acrobat Reader,Acrobat Reader Dc",5.5,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2024-08-14T15:15:00.000Z,0
CVE-2024-41833,https://securityvulnerability.io/vulnerability/CVE-2024-41833,,"Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",Adobe,"Acrobat,Acrobat Dc,Acrobat Reader,Acrobat Reader Dc",5.5,MEDIUM,0.0009200000204145908,false,false,false,false,,false,false,2024-08-14T15:15:00.000Z,0
CVE-2024-39426,https://securityvulnerability.io/vulnerability/CVE-2024-39426,Adobe Acrobat Reader Vulnerable to Out-of-Bounds Read Vulnerability,"Adobe Acrobat Reader contains an out-of-bounds read vulnerability that occurs while parsing specifically crafted files. This flaw allows attackers to read past the end of an allocated memory structure, potentially leading to code execution in the context of the executed user. Successful exploitation necessitates user interaction, as a target must open a maliciously designed file. Organizations using affected versions of Adobe Acrobat Reader should apply the vendor's security updates to mitigate this risk.",Adobe,Acrobat Reader,7.8,HIGH,0.0009399999980814755,false,false,false,false,,false,false,2024-08-14T15:07:32.157Z,0