CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2201 CVE-2017-3030 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the AES module. Successful exploitation could lead to arbitrary code execution.
2202 CVE-2017-3028 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion module, related to processing of TIFF files. Successful exploitation could lead to arbitrary code execution.
2203 CVE-2017-3027 416 Exec Code 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XFA module, related to the choiceList element. Successful exploitation could lead to arbitrary code execution.
2204 CVE-2017-3026 416 Exec Code 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability when manipulating an internal data structure. Successful exploitation could lead to arbitrary code execution.
2205 CVE-2017-3025 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability related to internal object representation manipulation. Successful exploitation could lead to arbitrary code execution.
2206 CVE-2017-3024 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when manipulating PDF annotations. Successful exploitation could lead to arbitrary code execution.
2207 CVE-2017-3023 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 code-stream tile functionality. Successful exploitation could lead to arbitrary code execution.
2208 CVE-2017-3019 125 Exec Code Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) format parser. Successful exploitation could lead to arbitrary code execution.
2209 CVE-2017-3018 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the renderer functionality. Successful exploitation could lead to arbitrary code execution.
2210 CVE-2017-3017 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when handling a malformed PDF file. Successful exploitation could lead to arbitrary code execution.
2211 CVE-2017-3016 119 Exec Code Overflow Mem. Corr. 2017-08-11 2017-08-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
2212 CVE-2017-3015 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 parsing functionality. Successful exploitation could lead to arbitrary code execution.
2213 CVE-2017-3014 416 Exec Code 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in XML Forms Architecture (XFA) related to reset form functionality. Successful exploitation could lead to arbitrary code execution.
2214 CVE-2017-3013 254 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in a DLL related to remote logging.
2215 CVE-2017-3012 254 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in the OCR plugin.
2216 CVE-2017-3011 190 Exec Code Overflow 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter. Successful exploitation could lead to arbitrary code execution.
2217 CVE-2017-3010 119 Exec Code Overflow Mem. Corr. 2017-03-31 2017-04-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine. Successful exploitation could lead to arbitrary code execution.
2218 CVE-2017-3006 264 2017-04-12 2017-08-15
9.0
None Remote Low Single system Complete Complete Complete
Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper resource permissions during the installation of Creative Cloud desktop applications.
2219 CVE-2017-3004 119 Exec Code Overflow Mem. Corr. 2017-04-12 2019-05-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Photoshop versions CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17.0.1) and earlier have a memory corruption vulnerability when parsing malicious PCX files. Successful exploitation could lead to arbitrary code execution.
2220 CVE-2017-3003 416 Exec Code 2017-03-14 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution.
2221 CVE-2017-3002 416 Exec Code 2017-03-14 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property. Successful exploitation could lead to arbitrary code execution.
2222 CVE-2017-3001 416 Exec Code 2017-03-14 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution.
2223 CVE-2017-2999 119 Exec Code Overflow Mem. Corr. 2017-03-14 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.
2224 CVE-2017-2998 119 Exec Code Overflow Mem. Corr. 2017-03-14 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution.
2225 CVE-2017-2997 119 Exec Code Overflow 2017-03-14 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution.
2226 CVE-2017-2996 119 Exec Code Overflow Mem. Corr. 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.
2227 CVE-2017-2993 416 Exec Code 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution.
2228 CVE-2017-2992 119 Exec Code Overflow 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution.
2229 CVE-2017-2991 119 Exec Code Overflow Mem. Corr. 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.
2230 CVE-2017-2990 119 Exec Code Overflow Mem. Corr. 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.
2231 CVE-2017-2988 119 Exec Code Overflow Mem. Corr. 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution.
2232 CVE-2017-2987 190 Exec Code Overflow 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution.
2233 CVE-2017-2986 119 Exec Code Overflow 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution.
2234 CVE-2017-2985 416 Exec Code 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.
2235 CVE-2017-2984 119 Exec Code Overflow 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the h264 decoder routine. Successful exploitation could lead to arbitrary code execution.
2236 CVE-2017-2982 416 Exec Code 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution.
2237 CVE-2017-2973 119 Exec Code Overflow 2017-02-15 2017-07-24
10.0
None Remote Low Not required Complete Complete Complete
Adobe Digital Editions versions 4.5.3 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
2238 CVE-2017-2972 119 Exec Code Overflow Mem. Corr. 2017-01-24 2017-01-27
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module related to JPEG parsing. Successful exploitation could lead to arbitrary code execution.
2239 CVE-2017-2971 119 Exec Code Overflow 2017-01-24 2017-01-27
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the JPEG decoder routine. Successful exploitation could lead to arbitrary code execution.
2240 CVE-2017-2970 119 Exec Code Overflow 2017-01-24 2017-01-26
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine related to template manipulation. Successful exploitation could lead to arbitrary code execution.
2241 CVE-2017-2967 119 Exec Code Overflow Mem. Corr. 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the XFA engine related to a form's structure and organization. Successful exploitation could lead to arbitrary code execution.
2242 CVE-2017-2966 119 Exec Code Overflow 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine related to parsing malformed TIFF segments. Successful exploitation could lead to arbitrary code execution.
2243 CVE-2017-2965 119 Exec Code Overflow Mem. Corr. 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to TIFF file parsing. Successful exploitation could lead to arbitrary code execution.
2244 CVE-2017-2964 119 Exec Code Overflow Mem. Corr. 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to the parsing of JPEG EXIF metadata. Successful exploitation could lead to arbitrary code execution.
2245 CVE-2017-2963 119 Exec Code Overflow Mem. Corr. 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to handling of the color profile in a TIFF file. Successful exploitation could lead to arbitrary code execution.
2246 CVE-2017-2962 704 Exec Code 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable type confusion vulnerability in the XSLT engine related to localization functionality. Successful exploitation could lead to arbitrary code execution.
2247 CVE-2017-2961 416 Exec Code 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to validation functionality. Successful exploitation could lead to arbitrary code execution.
2248 CVE-2017-2960 119 Exec Code Overflow Mem. Corr. 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of EXIF metadata. Successful exploitation could lead to arbitrary code execution.
2249 CVE-2017-2959 119 Exec Code Overflow 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to parsing of color profile metadata. Successful exploitation could lead to arbitrary code execution.
2250 CVE-2017-2958 416 Exec Code 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.