CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2901 CVE-2017-3065 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the font manipulation functionality. Successful exploitation could lead to arbitrary code execution.
2902 CVE-2017-3064 119 Exec Code Overflow Mem. Corr. 2017-04-12 2018-01-04
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability when parsing a shape outline. Successful exploitation could lead to arbitrary code execution.
2903 CVE-2017-3063 416 Exec Code 2017-04-12 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the ActionScript2 NetStream class. Successful exploitation could lead to arbitrary code execution.
2904 CVE-2017-3062 416 Exec Code 2017-04-12 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in ActionScript2 when creating a getter/setter property. Successful exploitation could lead to arbitrary code execution.
2905 CVE-2017-3061 119 Exec Code Overflow Mem. Corr. 2017-04-12 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution.
2906 CVE-2017-3060 125 Exec Code Mem. Corr. 2017-04-12 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser. Successful exploitation could lead to arbitrary code execution.
2907 CVE-2017-3059 416 Exec Code 2017-04-12 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. Successful exploitation could lead to arbitrary code execution.
2908 CVE-2017-3058 416 Exec Code 2017-04-12 2018-01-04
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class. Successful exploitation could lead to arbitrary code execution.
2909 CVE-2017-3057 416 Exec Code 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript API related to the collaboration functionality. Successful exploitation could lead to arbitrary code execution.
2910 CVE-2017-3056 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine, related to string manipulation. Successful exploitation could lead to arbitrary code execution.
2911 CVE-2017-3055 119 Exec Code Overflow 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in JPEG 2000 parsing of the fragment list tag. Successful exploitation could lead to arbitrary code execution.
2912 CVE-2017-3054 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to manipulation of EMF files. Successful exploitation could lead to arbitrary code execution.
2913 CVE-2017-3051 125 Exec Code Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of JPEG files. Successful exploitation could lead to arbitrary code execution.
2914 CVE-2017-3050 787 Exec Code Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of GIF files. Successful exploitation could lead to arbitrary code execution.
2915 CVE-2017-3049 119 Exec Code Overflow 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal tile manipulation in TIFF files. Successful exploitation could lead to arbitrary code execution.
2916 CVE-2017-3048 119 Exec Code Overflow 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal scan line representation in TIFF files. Successful exploitation could lead to arbitrary code execution.
2917 CVE-2017-3047 416 Exec Code 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript engine's annotation-related API. Successful exploitation could lead to arbitrary code execution.
2918 CVE-2017-3044 787 Exec Code Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 engine, related to image scaling. Successful exploitation could lead to arbitrary code execution.
2919 CVE-2017-3042 119 Exec Code Overflow 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in image conversion, related to parsing offsets in TIFF files. Successful exploitation could lead to arbitrary code execution.
2920 CVE-2017-3041 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing font data in the MakeAccessible plugin. Successful exploitation could lead to arbitrary code execution.
2921 CVE-2017-3040 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 image compression module. Successful exploitation could lead to arbitrary code execution.
2922 CVE-2017-3039 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the PPKLite security handler. Successful exploitation could lead to arbitrary code execution.
2923 CVE-2017-3038 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-08-11
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing TTF (TrueType font format) stream data. Successful exploitation could lead to arbitrary code execution.
2924 CVE-2017-3037 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution.
2925 CVE-2017-3036 787 Exec Code Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in image conversion related to processing of the PCX (picture exchange) file format. Successful exploitation could lead to arbitrary code execution.
2926 CVE-2017-3035 416 Exec Code 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XML Forms Architecture (XFA) engine. Successful exploitation could lead to arbitrary code execution.
2927 CVE-2017-3034 191 Exec Code Overflow 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution.
2928 CVE-2017-3030 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the AES module. Successful exploitation could lead to arbitrary code execution.
2929 CVE-2017-3028 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion module, related to processing of TIFF files. Successful exploitation could lead to arbitrary code execution.
2930 CVE-2017-3027 416 Exec Code 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XFA module, related to the choiceList element. Successful exploitation could lead to arbitrary code execution.
2931 CVE-2017-3026 416 Exec Code 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability when manipulating an internal data structure. Successful exploitation could lead to arbitrary code execution.
2932 CVE-2017-3025 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability related to internal object representation manipulation. Successful exploitation could lead to arbitrary code execution.
2933 CVE-2017-3024 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when manipulating PDF annotations. Successful exploitation could lead to arbitrary code execution.
2934 CVE-2017-3023 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 code-stream tile functionality. Successful exploitation could lead to arbitrary code execution.
2935 CVE-2017-3019 125 Exec Code Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) format parser. Successful exploitation could lead to arbitrary code execution.
2936 CVE-2017-3018 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the renderer functionality. Successful exploitation could lead to arbitrary code execution.
2937 CVE-2017-3017 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when handling a malformed PDF file. Successful exploitation could lead to arbitrary code execution.
2938 CVE-2017-3016 119 Exec Code Overflow Mem. Corr. 2017-08-11 2019-08-21
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
2939 CVE-2017-3015 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 parsing functionality. Successful exploitation could lead to arbitrary code execution.
2940 CVE-2017-3014 416 Exec Code 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in XML Forms Architecture (XFA) related to reset form functionality. Successful exploitation could lead to arbitrary code execution.
2941 CVE-2017-3013 427 2017-04-12 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in a DLL related to remote logging.
2942 CVE-2017-3012 427 2017-04-12 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in the OCR plugin.
2943 CVE-2017-3011 190 Exec Code Overflow 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter. Successful exploitation could lead to arbitrary code execution.
2944 CVE-2017-3010 119 Exec Code Overflow Mem. Corr. 2017-03-31 2019-05-22
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine. Successful exploitation could lead to arbitrary code execution.
2945 CVE-2017-3006 732 2017-04-12 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper resource permissions during the installation of Creative Cloud desktop applications.
2946 CVE-2017-3004 119 Exec Code Overflow Mem. Corr. 2017-04-12 2019-05-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Photoshop versions CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17.0.1) and earlier have a memory corruption vulnerability when parsing malicious PCX files. Successful exploitation could lead to arbitrary code execution.
2947 CVE-2017-3003 416 Exec Code 2017-03-14 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution.
2948 CVE-2017-3002 416 Exec Code 2017-03-14 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property. Successful exploitation could lead to arbitrary code execution.
2949 CVE-2017-3001 416 Exec Code 2017-03-14 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution.
2950 CVE-2017-2999 119 Exec Code Overflow Mem. Corr. 2017-03-14 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.