CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 8 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
3101 CVE-2017-3027 416 Exec Code 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XFA module, related to the choiceList element. Successful exploitation could lead to arbitrary code execution.
3102 CVE-2017-3026 416 Exec Code 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability when manipulating an internal data structure. Successful exploitation could lead to arbitrary code execution.
3103 CVE-2017-3025 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability related to internal object representation manipulation. Successful exploitation could lead to arbitrary code execution.
3104 CVE-2017-3024 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when manipulating PDF annotations. Successful exploitation could lead to arbitrary code execution.
3105 CVE-2017-3023 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 code-stream tile functionality. Successful exploitation could lead to arbitrary code execution.
3106 CVE-2017-3019 125 Exec Code Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) format parser. Successful exploitation could lead to arbitrary code execution.
3107 CVE-2017-3018 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the renderer functionality. Successful exploitation could lead to arbitrary code execution.
3108 CVE-2017-3017 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when handling a malformed PDF file. Successful exploitation could lead to arbitrary code execution.
3109 CVE-2017-3016 119 Exec Code Overflow Mem. Corr. 2017-08-11 2019-08-21
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
3110 CVE-2017-3015 119 Exec Code Overflow Mem. Corr. 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 parsing functionality. Successful exploitation could lead to arbitrary code execution.
3111 CVE-2017-3014 416 Exec Code 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in XML Forms Architecture (XFA) related to reset form functionality. Successful exploitation could lead to arbitrary code execution.
3112 CVE-2017-3013 427 2017-04-12 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in a DLL related to remote logging.
3113 CVE-2017-3012 427 2017-04-12 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in the OCR plugin.
3114 CVE-2017-3011 190 Exec Code Overflow 2017-04-12 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter. Successful exploitation could lead to arbitrary code execution.
3115 CVE-2017-3010 119 Exec Code Overflow Mem. Corr. 2017-03-31 2019-05-22
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine. Successful exploitation could lead to arbitrary code execution.
3116 CVE-2017-3006 732 2017-04-12 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper resource permissions during the installation of Creative Cloud desktop applications.
3117 CVE-2017-3004 119 Exec Code Overflow Mem. Corr. 2017-04-12 2019-05-10
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Photoshop versions CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17.0.1) and earlier have a memory corruption vulnerability when parsing malicious PCX files. Successful exploitation could lead to arbitrary code execution.
3118 CVE-2017-3003 416 Exec Code 2017-03-14 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution.
3119 CVE-2017-3002 416 Exec Code 2017-03-14 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property. Successful exploitation could lead to arbitrary code execution.
3120 CVE-2017-3001 416 Exec Code 2017-03-14 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution.
3121 CVE-2017-2999 119 Exec Code Overflow Mem. Corr. 2017-03-14 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.
3122 CVE-2017-2998 119 Exec Code Overflow Mem. Corr. 2017-03-14 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution.
3123 CVE-2017-2997 119 Exec Code Overflow 2017-03-14 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution.
3124 CVE-2017-2996 119 Exec Code Overflow Mem. Corr. 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.
3125 CVE-2017-2993 416 Exec Code 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution.
3126 CVE-2017-2992 119 Exec Code Overflow 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution.
3127 CVE-2017-2991 119 Exec Code Overflow Mem. Corr. 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.
3128 CVE-2017-2990 119 Exec Code Overflow Mem. Corr. 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.
3129 CVE-2017-2988 119 Exec Code Overflow Mem. Corr. 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution.
3130 CVE-2017-2987 190 Exec Code Overflow 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution.
3131 CVE-2017-2986 119 Exec Code Overflow 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution.
3132 CVE-2017-2985 416 Exec Code 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.
3133 CVE-2017-2984 119 Exec Code Overflow 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the h264 decoder routine. Successful exploitation could lead to arbitrary code execution.
3134 CVE-2017-2982 416 Exec Code 2017-02-15 2018-01-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution.
3135 CVE-2017-2973 119 Exec Code Overflow 2017-02-15 2017-07-24
10.0
None Remote Low Not required Complete Complete Complete
Adobe Digital Editions versions 4.5.3 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
3136 CVE-2017-2972 119 Exec Code Overflow Mem. Corr. 2017-01-24 2017-01-27
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module related to JPEG parsing. Successful exploitation could lead to arbitrary code execution.
3137 CVE-2017-2971 119 Exec Code Overflow 2017-01-24 2017-01-27
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the JPEG decoder routine. Successful exploitation could lead to arbitrary code execution.
3138 CVE-2017-2970 119 Exec Code Overflow 2017-01-24 2017-01-26
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine related to template manipulation. Successful exploitation could lead to arbitrary code execution.
3139 CVE-2017-2967 119 Exec Code Overflow Mem. Corr. 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the XFA engine related to a form's structure and organization. Successful exploitation could lead to arbitrary code execution.
3140 CVE-2017-2966 119 Exec Code Overflow 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine related to parsing malformed TIFF segments. Successful exploitation could lead to arbitrary code execution.
3141 CVE-2017-2965 119 Exec Code Overflow Mem. Corr. 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to TIFF file parsing. Successful exploitation could lead to arbitrary code execution.
3142 CVE-2017-2964 119 Exec Code Overflow Mem. Corr. 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to the parsing of JPEG EXIF metadata. Successful exploitation could lead to arbitrary code execution.
3143 CVE-2017-2963 119 Exec Code Overflow Mem. Corr. 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to handling of the color profile in a TIFF file. Successful exploitation could lead to arbitrary code execution.
3144 CVE-2017-2962 704 Exec Code 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable type confusion vulnerability in the XSLT engine related to localization functionality. Successful exploitation could lead to arbitrary code execution.
3145 CVE-2017-2961 416 Exec Code 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to validation functionality. Successful exploitation could lead to arbitrary code execution.
3146 CVE-2017-2960 119 Exec Code Overflow Mem. Corr. 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of EXIF metadata. Successful exploitation could lead to arbitrary code execution.
3147 CVE-2017-2959 119 Exec Code Overflow 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to parsing of color profile metadata. Successful exploitation could lead to arbitrary code execution.
3148 CVE-2017-2958 416 Exec Code 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution.
3149 CVE-2017-2957 416 Exec Code 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to collaboration functionality. Successful exploitation could lead to arbitrary code execution.
3150 CVE-2017-2956 416 Exec Code 2017-01-10 2017-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to manipulation of the navigation pane. Successful exploitation could lead to arbitrary code execution.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.