| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-15320 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The option-tree plugin before 2.7.3 for WordPress has Object Injection because the + character is mishandled. | ||
| CVE-2019-15319 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The option-tree plugin before 2.7.0 for WordPress has Object Injection by leveraging a valid nonce. | ||
| CVE-2018-20985 | Cri | 0.64 | 9.8 | 0.08 | Aug 22, 2019 | The wp-payeezy-pay plugin before 2.98 for WordPress has local file inclusion in pay.php, donate.php, donate-rec, and pay-rec. | ||
| CVE-2018-20984 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The patreon-connect plugin before 1.2.2 for WordPress has Object Injection. | ||
| CVE-2017-18583 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The post-pay-counter plugin before 2.731 for WordPress has PHP Object Injection. | ||
| CVE-2017-18580 | Cri | 0.65 | 9.8 | 0.12 | Aug 22, 2019 | The shortcodes-ultimate plugin before 5.0.1 for WordPress has remote code execution via a filter in a meta, post, or user shortcode. | ||
| CVE-2016-10927 | Cri | 0.65 | 10.0 | 0.02 | Aug 22, 2019 | The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php. | ||
| CVE-2016-10926 | Cri | 0.65 | 10.0 | 0.02 | Aug 22, 2019 | The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php. | ||
| CVE-2016-10923 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The woocommerce-store-toolkit plugin before 1.5.8 for WordPress has privilege escalation. | ||
| CVE-2016-10922 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The woocommerce-store-toolkit plugin before 1.5.7 for WordPress has privilege escalation. | ||
| CVE-2014-10384 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The memphis-documents-library plugin before 3.0 for WordPress has Local File Inclusion. | ||
| CVE-2014-10383 | Cri | 0.64 | 9.8 | 0.03 | Aug 22, 2019 | The memphis-documents-library plugin before 3.0 for WordPress has Remote File Inclusion. | ||
| CVE-2019-15318 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The yikes-inc-easy-mailchimp-extender plugin before 6.5.3 for WordPress has code injection via the admin input field. | ||
| CVE-2018-20981 | Cri | 0.59 | 9.1 | 0.02 | Aug 22, 2019 | The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests. | ||
| CVE-2018-20979 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The contact-form-7 plugin before 5.0.4 for WordPress has privilege escalation because of capability_type mishandling in register_post_type. | ||
| CVE-2017-18573 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The simple-login-log plugin before 1.1.2 for WordPress has SQL injection. | ||
| CVE-2017-18571 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The search-everything plugin before 8.1.7 for WordPress has SQL injection related to WordPress 4.7.x, a different vulnerability than CVE-2014-2316. | ||
| CVE-2017-18570 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries. | ||
| CVE-2016-10921 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The gallery-photo-gallery plugin before 1.0.1 for WordPress has SQL injection. | ||
| CVE-2016-10917 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The search-everything plugin before 8.1.6 for WordPress has SQL injection related to empty search strings, a different vulnerability than CVE-2014-2316. | ||
| CVE-2016-10916 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The appointment-booking-calendar plugin before 1.1.24 for WordPress has SQL injection, a different vulnerability than CVE-2015-7319. | ||
| CVE-2015-9335 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The limit-attempts plugin before 1.1.1 for WordPress has SQL injection during IP address handling. | ||
| CVE-2015-9333 | Cri | 0.64 | 9.8 | 0.02 | Aug 22, 2019 | The cforms2 plugin before 14.6.10 for WordPress has SQL injection. | ||
| CVE-2019-6177 | Cri | 0.64 | 9.8 | 0.01 | Aug 21, 2019 | A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer supported, could allow log files to be written to non-standard locations, potentially leading to privilege escalation. Lenovo ended support for Lenovo Solution Center and recommended that… | ||
| CVE-2019-10687 | Cri | 0.64 | 9.8 | 0.03 | Aug 21, 2019 | KBPublisher 6.0.2.1 has SQL Injection via the admin/index.php?module=report entry_id[0] parameter, the admin/index.php?module=log id parameter, or an index.php?View=print&id[]= request. | ||
| CVE-2019-1974 | Cri | 0.64 | 9.8 | 0.04 | Aug 21, 2019 | A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass user authentication and gain access as an… | ||
| CVE-2019-1938 | Cri | 0.64 | 9.8 | 0.05 | Aug 21, 2019 | A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. The… | ||
| CVE-2019-1937 | Cri | 0.73 | 9.8 | 0.76 | Aug 21, 2019 | A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to acquire a valid session token with administrator… | ||
| CVE-2019-1935 | Cri | 0.73 | 9.8 | 0.83 | Aug 21, 2019 | A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account (scpuser), which… | ||
| CVE-2019-15074 | — | Cri | 0.56 | 9.6 | 0.02 | Aug 21, 2019 | The Timeline feature in my_view_page.php in MantisBT through 2.21.1 has a stored cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code (if CSP settings permit it) after uploading an attachment with a crafted filename. The code is executed for any user… | |
| CVE-2014-10379 | Cri | 0.64 | 9.8 | 0.02 | Aug 21, 2019 | The duplicate-post plugin before 2.6 for WordPress has SQL injection. | ||
| CVE-2019-15111 | Cri | 0.64 | 9.8 | 0.02 | Aug 21, 2019 | The wp-front-end-profile plugin before 0.2.2 for WordPress has a privilege escalation issue. | ||
| CVE-2016-10909 | Cri | 0.64 | 9.8 | 0.02 | Aug 21, 2019 | The booking-calendar-contact-form plugin before 1.0.24 for WordPress has SQL injection. | ||
| CVE-2019-5035 | Cri | 0.59 | 9.0 | 0.00 | Aug 20, 2019 | An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002. A set of specially crafted weave packets can brute force a pairing code, resulting in greater Weave access and potentially full device… | ||
| CVE-2019-8100 | Cri | 0.64 | 9.8 | 0.04 | Aug 20, 2019 | Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could… | ||
| CVE-2019-8098 | Cri | 0.64 | 9.8 | 0.04 | Aug 20, 2019 | Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could… | ||
| CVE-2019-8061 | Cri | 0.64 | 9.8 | 0.04 | Aug 20, 2019 | Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead… | ||
| CVE-2019-8060 | Cri | 0.64 | 9.8 | 0.06 | Aug 20, 2019 | Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a command injection vulnerability. Successful exploitation could lead… | ||
| CVE-2019-8055 | Cri | 0.64 | 9.8 | 0.04 | Aug 20, 2019 | Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead… | ||
| CVE-2019-8050 | Cri | 0.70 | 9.8 | 0.41 | Aug 20, 2019 | Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to… | ||
| CVE-2019-6143 | Cri | 0.59 | 9.1 | 0.01 | Aug 20, 2019 | Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW… | ||
| CVE-2019-8049 | Cri | 0.68 | 9.8 | 0.20 | Aug 20, 2019 | Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to… | ||
| CVE-2019-8048 | Cri | 0.70 | 9.8 | 0.35 | Aug 20, 2019 | Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a buffer error vulnerability. Successful exploitation could lead to… | ||
| CVE-2019-8047 | Cri | 0.64 | 9.8 | 0.04 | Aug 20, 2019 | Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead… | ||
| CVE-2019-8046 | Cri | 0.68 | 9.8 | 0.18 | Aug 20, 2019 | Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to… | ||
| CVE-2019-8045 | Cri | 0.68 | 9.8 | 0.16 | Aug 20, 2019 | Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an untrusted pointer dereference vulnerability. Successful… | ||
| CVE-2019-8044 | Cri | 0.68 | 9.8 | 0.14 | Aug 20, 2019 | Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a double free vulnerability. Successful exploitation could lead to… | ||
| CVE-2019-8042 | Cri | 0.68 | 9.8 | 0.17 | Aug 20, 2019 | Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to… | ||
| CVE-2019-8041 | Cri | 0.68 | 9.8 | 0.18 | Aug 20, 2019 | Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to… | ||
| CVE-2019-8036 | Cri | 0.64 | 9.8 | 0.05 | Aug 20, 2019 | Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead… |
- risk 0.64cvss 9.8epss 0.02
The option-tree plugin before 2.7.3 for WordPress has Object Injection because the + character is mishandled.
- risk 0.64cvss 9.8epss 0.02
The option-tree plugin before 2.7.0 for WordPress has Object Injection by leveraging a valid nonce.
- risk 0.64cvss 9.8epss 0.08
The wp-payeezy-pay plugin before 2.98 for WordPress has local file inclusion in pay.php, donate.php, donate-rec, and pay-rec.
- risk 0.64cvss 9.8epss 0.02
The patreon-connect plugin before 1.2.2 for WordPress has Object Injection.
- risk 0.64cvss 9.8epss 0.02
The post-pay-counter plugin before 2.731 for WordPress has PHP Object Injection.
- risk 0.65cvss 9.8epss 0.12
The shortcodes-ultimate plugin before 5.0.1 for WordPress has remote code execution via a filter in a meta, post, or user shortcode.
- risk 0.65cvss 10.0epss 0.02
The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php.
- risk 0.65cvss 10.0epss 0.02
The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php.
- risk 0.64cvss 9.8epss 0.02
The woocommerce-store-toolkit plugin before 1.5.8 for WordPress has privilege escalation.
- risk 0.64cvss 9.8epss 0.02
The woocommerce-store-toolkit plugin before 1.5.7 for WordPress has privilege escalation.
- risk 0.64cvss 9.8epss 0.02
The memphis-documents-library plugin before 3.0 for WordPress has Local File Inclusion.
- risk 0.64cvss 9.8epss 0.03
The memphis-documents-library plugin before 3.0 for WordPress has Remote File Inclusion.
- risk 0.64cvss 9.8epss 0.02
The yikes-inc-easy-mailchimp-extender plugin before 6.5.3 for WordPress has code injection via the admin input field.
- risk 0.59cvss 9.1epss 0.02
The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests.
- risk 0.64cvss 9.8epss 0.02
The contact-form-7 plugin before 5.0.4 for WordPress has privilege escalation because of capability_type mishandling in register_post_type.
- risk 0.64cvss 9.8epss 0.02
The simple-login-log plugin before 1.1.2 for WordPress has SQL injection.
- risk 0.64cvss 9.8epss 0.02
The search-everything plugin before 8.1.7 for WordPress has SQL injection related to WordPress 4.7.x, a different vulnerability than CVE-2014-2316.
- risk 0.64cvss 9.8epss 0.02
The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries.
- risk 0.64cvss 9.8epss 0.02
The gallery-photo-gallery plugin before 1.0.1 for WordPress has SQL injection.
- risk 0.64cvss 9.8epss 0.02
The search-everything plugin before 8.1.6 for WordPress has SQL injection related to empty search strings, a different vulnerability than CVE-2014-2316.
- risk 0.64cvss 9.8epss 0.02
The appointment-booking-calendar plugin before 1.1.24 for WordPress has SQL injection, a different vulnerability than CVE-2015-7319.
- risk 0.64cvss 9.8epss 0.02
The limit-attempts plugin before 1.1.1 for WordPress has SQL injection during IP address handling.
- risk 0.64cvss 9.8epss 0.02
The cforms2 plugin before 14.6.10 for WordPress has SQL injection.
- risk 0.64cvss 9.8epss 0.01
A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer supported, could allow log files to be written to non-standard locations, potentially leading to privilege escalation. Lenovo ended support for Lenovo Solution Center and recommended that…
- risk 0.64cvss 9.8epss 0.03
KBPublisher 6.0.2.1 has SQL Injection via the admin/index.php?module=report entry_id[0] parameter, the admin/index.php?module=log id parameter, or an index.php?View=print&id[]= request.
- risk 0.64cvss 9.8epss 0.04
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass user authentication and gain access as an…
- risk 0.64cvss 9.8epss 0.05
A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. The…
- risk 0.73cvss 9.8epss 0.76
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to acquire a valid session token with administrator…
- risk 0.73cvss 9.8epss 0.83
A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account (scpuser), which…
- risk 0.56cvss 9.6epss 0.02
The Timeline feature in my_view_page.php in MantisBT through 2.21.1 has a stored cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code (if CSP settings permit it) after uploading an attachment with a crafted filename. The code is executed for any user…
- risk 0.64cvss 9.8epss 0.02
The duplicate-post plugin before 2.6 for WordPress has SQL injection.
- risk 0.64cvss 9.8epss 0.02
The wp-front-end-profile plugin before 0.2.2 for WordPress has a privilege escalation issue.
- risk 0.64cvss 9.8epss 0.02
The booking-calendar-contact-form plugin before 1.0.24 for WordPress has SQL injection.
- risk 0.59cvss 9.0epss 0.00
An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002. A set of specially crafted weave packets can brute force a pairing code, resulting in greater Weave access and potentially full device…
- risk 0.64cvss 9.8epss 0.04
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could…
- risk 0.64cvss 9.8epss 0.04
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could…
- risk 0.64cvss 9.8epss 0.04
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead…
- risk 0.64cvss 9.8epss 0.06
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a command injection vulnerability. Successful exploitation could lead…
- risk 0.64cvss 9.8epss 0.04
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead…
- risk 0.70cvss 9.8epss 0.41
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to…
- risk 0.59cvss 9.1epss 0.01
Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW…
- risk 0.68cvss 9.8epss 0.20
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to…
- risk 0.70cvss 9.8epss 0.35
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a buffer error vulnerability. Successful exploitation could lead to…
- risk 0.64cvss 9.8epss 0.04
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead…
- risk 0.68cvss 9.8epss 0.18
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to…
- risk 0.68cvss 9.8epss 0.16
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an untrusted pointer dereference vulnerability. Successful…
- risk 0.68cvss 9.8epss 0.14
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a double free vulnerability. Successful exploitation could lead to…
- risk 0.68cvss 9.8epss 0.17
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to…
- risk 0.68cvss 9.8epss 0.18
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to…
- risk 0.64cvss 9.8epss 0.05
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead…