Vulnerabilities > Adobe > Acrobat Reader DC > 19.012.20036

DATE CVE VULNERABILITY TITLE RISK
2020-11-05 CVE-2020-24432 Improper Input Validation vulnerability in Adobe products
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) and Adobe Acrobat Pro DC 2017.011.30175 (and earlier) are affected by an improper input validation vulnerability that could result in arbitrary JavaScript execution in the context of the current user.
network
adobe CWE-20
6.8
2020-11-05 CVE-2020-24431 Improper Authorization vulnerability in Adobe products
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a security feature bypass that could result in dynamic library code injection by the Adobe Reader process.
network
adobe CWE-285
5.8
2020-11-05 CVE-2020-24430 Use After Free vulnerability in Adobe products
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability when handling malicious JavaScript.
network
adobe CWE-416
6.8
2020-11-05 CVE-2020-24429 Improper Verification of Cryptographic Signature vulnerability in Adobe products
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a signature verification bypass that could result in local privilege escalation.
network
adobe CWE-347
6.8
2020-11-05 CVE-2020-24428 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Adobe products
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a time-of-check time-of-use (TOCTOU) race condition vulnerability that could result in local privilege escalation.
network
high complexity
adobe CWE-367
5.1
2020-11-05 CVE-2020-24427 Improper Input Validation vulnerability in Adobe products
Acrobat Reader versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an input validation vulnerability when decoding a crafted codec that could result in the disclosure of sensitive memory.
network
adobe CWE-20
4.3
2020-11-05 CVE-2020-24426 Out-of-bounds Read vulnerability in Adobe products
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
network
adobe CWE-125
4.3
2020-08-19 CVE-2020-9723 Out-of-bounds Read vulnerability in Adobe Acrobat DC
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability.
network
low complexity
adobe CWE-125
5.0
2020-08-19 CVE-2020-9722 Use After Free vulnerability in Adobe Acrobat DC
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability.
network
adobe CWE-416
critical
9.3
2020-08-19 CVE-2020-9721 Out-of-bounds Read vulnerability in Adobe Acrobat DC
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability.
network
low complexity
adobe CWE-125
5.0