Vulnerabilities > Adobe > Acrobat DC > 15.023.20070

DATE CVE VULNERABILITY TITLE RISK
2021-02-11 CVE-2021-21017 Out-of-bounds Write vulnerability in Adobe products
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability.
network
adobe CWE-787
6.8
2020-11-05 CVE-2020-24439 Improper Verification of Cryptographic Signature vulnerability in Adobe products
Acrobat Reader DC for macOS versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a security feature bypass.
local
high complexity
adobe CWE-347
1.2
2020-11-05 CVE-2020-24438 Use After Free vulnerability in Adobe products
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability that could result in a memory address leak.
network
adobe CWE-416
4.3
2020-11-05 CVE-2020-24437 Use After Free vulnerability in Adobe products
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user.
network
adobe CWE-416
6.8
2020-11-05 CVE-2020-24436 Out-of-bounds Write vulnerability in Adobe products
Acrobat Pro DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds write vulnerability that could result in writing past the end of an allocated memory structure.
network
adobe CWE-787
6.8
2020-11-05 CVE-2020-24435 Heap-based Buffer Overflow vulnerability in Adobe products
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a heap-based buffer overflow vulnerability in the submitForm function, potentially resulting in arbitrary code execution in the context of the current user.
network
adobe CWE-122
6.8
2020-11-05 CVE-2020-24434 Out-of-bounds Read vulnerability in Adobe products
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
network
adobe CWE-125
4.3
2020-11-05 CVE-2020-24433 Unspecified vulnerability in Adobe products
Adobe Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a local privilege escalation vulnerability that could enable a user without administrator privileges to delete arbitrary files and potentially execute arbitrary code as SYSTEM.
local
low complexity
adobe
7.8
2020-11-05 CVE-2020-24432 Improper Input Validation vulnerability in Adobe products
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) and Adobe Acrobat Pro DC 2017.011.30175 (and earlier) are affected by an improper input validation vulnerability that could result in arbitrary JavaScript execution in the context of the current user.
network
adobe CWE-20
6.8
2020-11-05 CVE-2020-24431 Improper Authorization vulnerability in Adobe products
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a security feature bypass that could result in dynamic library code injection by the Adobe Reader process.
network
adobe CWE-285
5.8