Vulnerabilities > Adobe > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-11-05 | CVE-2020-24436 | Out-of-bounds Write vulnerability in Adobe products Acrobat Pro DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds write vulnerability that could result in writing past the end of an allocated memory structure. | 6.8 |
2020-11-05 | CVE-2020-24435 | Heap-based Buffer Overflow vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a heap-based buffer overflow vulnerability in the submitForm function, potentially resulting in arbitrary code execution in the context of the current user. | 6.8 |
2020-11-05 | CVE-2020-24434 | Out-of-bounds Read vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 4.3 |
2020-11-05 | CVE-2020-24432 | Improper Input Validation vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) and Adobe Acrobat Pro DC 2017.011.30175 (and earlier) are affected by an improper input validation vulnerability that could result in arbitrary JavaScript execution in the context of the current user. | 6.8 |
2020-11-05 | CVE-2020-24431 | Improper Authorization vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a security feature bypass that could result in dynamic library code injection by the Adobe Reader process. | 5.8 |
2020-11-05 | CVE-2020-24430 | Use After Free vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability when handling malicious JavaScript. | 6.8 |
2020-11-05 | CVE-2020-24429 | Improper Verification of Cryptographic Signature vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a signature verification bypass that could result in local privilege escalation. | 6.8 |
2020-11-05 | CVE-2020-24428 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a time-of-check time-of-use (TOCTOU) race condition vulnerability that could result in local privilege escalation. | 5.1 |
2020-11-05 | CVE-2020-24427 | Improper Input Validation vulnerability in Adobe products Acrobat Reader versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an input validation vulnerability when decoding a crafted codec that could result in the disclosure of sensitive memory. | 4.3 |
2020-11-05 | CVE-2020-24426 | Out-of-bounds Read vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 4.3 |