Vulnerabilities > Adobe > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-04-12 CVE-2017-3046 Out-of-bounds Read vulnerability in Adobe products
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to contiguous code-stream parsing.
local
low complexity
adobe CWE-125
5.5
2017-04-12 CVE-2017-3045 Out-of-bounds Read vulnerability in Adobe products
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to the palette box.
local
low complexity
adobe CWE-125
5.5
2017-04-12 CVE-2017-3043 Information Exposure vulnerability in Adobe products
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the collaboration functionality.
local
low complexity
adobe CWE-200
5.5
2017-03-14 CVE-2017-3000 Unspecified vulnerability in Adobe Flash Player
Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number generator used for constant blinding.
network
low complexity
adobe
6.5
2017-02-15 CVE-2017-2969 Cross-site Scripting vulnerability in Adobe Campaign 16.4
Adobe Campaign versions 16.4 Build 8724 and earlier have a cross-site scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
6.1
2017-01-24 CVE-2017-2929 Cross-site Scripting vulnerability in Adobe Acrobat 15.1.0.3
Adobe Acrobat Chrome extension version 15.1.0.3 and earlier have a DOM-based cross-site scripting vulnerability.
network
low complexity
adobe CWE-79
6.1
2017-01-11 CVE-2017-2947 Improper Input Validation vulnerability in Adobe products
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have a security bypass vulnerability when manipulating Form Data Format (FDF).
local
low complexity
adobe CWE-20
5.5
2017-01-11 CVE-2017-2938 Unspecified vulnerability in Adobe Flash Player
Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections.
network
low complexity
adobe
6.5
2016-12-15 CVE-2016-7891 Cross-site Scripting vulnerability in Adobe Robohelp
Adobe RoboHelp version 2015.0.3 and earlier, RoboHelp 11 and earlier have an input validation issue that could be used in cross-site scripting attacks.
network
low complexity
adobe CWE-79
6.1
2016-12-15 CVE-2016-7888 Information Exposure vulnerability in Adobe Digital Editions
Adobe Digital Editions versions 4.5.2 and earlier has an important vulnerability that could lead to memory address leak.
network
low complexity
adobe CWE-200
5.3