Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2007-2022

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-13 Apr, 2007 | 18:00
Updated At-07 Aug, 2024 | 13:13
Rejected At-
Credits

Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:13 Apr, 2007 | 18:00
Updated At:07 Aug, 2024 | 13:13
Rejected At:
▼CVE Numbering Authority (CNA)

Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/28068
third-party-advisory
x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/33595
vdb-entry
x_refsource_XF
http://secunia.com/advisories/25894
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/26357
third-party-advisory
x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2007_46_flashplayer.html
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/26860
third-party-advisory
x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1
vendor-advisory
x_refsource_SUNALERT
http://secunia.com/advisories/25669
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/4190
vdb-entry
x_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDKSA-2007:138
vendor-advisory
x_refsource_MANDRIVA
https://issues.rpath.com/browse/RPL-1462
x_refsource_CONFIRM
http://www.securityfocus.com/bid/23437
vdb-entry
x_refsource_BID
http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml
vendor-advisory
x_refsource_GENTOO
http://secunia.com/advisories/24877
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/26027
third-party-advisory
x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2007_12_sr.html
vendor-advisory
x_refsource_SUSE
http://www.redhat.com/support/errata/RHSA-2007-0494.html
vendor-advisory
x_refsource_REDHAT
http://www.us-cert.gov/cas/techalerts/TA07-192A.html
third-party-advisory
x_refsource_CERT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9332
vdb-entry
signature
x_refsource_OVAL
http://www.vupen.com/english/advisories/2007/1361
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/26118
third-party-advisory
x_refsource_SECUNIA
http://www.adobe.com/support/security/advisories/apsa07-03.html
x_refsource_CONFIRM
http://secunia.com/advisories/25027
third-party-advisory
x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2007_28_opera.html
vendor-advisory
x_refsource_SUSE
http://www.opera.com/support/search/view/858/
x_refsource_CONFIRM
http://secunia.com/advisories/25933
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/2497
vdb-entry
x_refsource_VUPEN
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1
vendor-advisory
x_refsource_SUNALERT
http://www.securitytracker.com/id?1017903
vdb-entry
x_refsource_SECTRACK
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
vendor-advisory
x_refsource_SGI
http://secunia.com/advisories/25662
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/25432
third-party-advisory
x_refsource_SECUNIA
http://www.adobe.com/support/security/bulletins/apsb07-12.html
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/28068
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/33595
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://secunia.com/advisories/25894
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/26357
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.novell.com/linux/security/advisories/2007_46_flashplayer.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/26860
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://secunia.com/advisories/25669
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2007/4190
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:138
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: https://issues.rpath.com/browse/RPL-1462
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/23437
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://secunia.com/advisories/24877
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/26027
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.novell.com/linux/security/advisories/2007_12_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0494.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-192A.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9332
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.vupen.com/english/advisories/2007/1361
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/26118
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.adobe.com/support/security/advisories/apsa07-03.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/25027
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.novell.com/linux/security/advisories/2007_28_opera.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.opera.com/support/search/view/858/
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/25933
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2007/2497
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://www.securitytracker.com/id?1017903
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
Resource:
vendor-advisory
x_refsource_SGI
Hyperlink: http://secunia.com/advisories/25662
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/25432
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb07-12.html
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/28068
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/33595
vdb-entry
x_refsource_XF
x_transferred
http://secunia.com/advisories/25894
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/26357
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.novell.com/linux/security/advisories/2007_46_flashplayer.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/26860
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://secunia.com/advisories/25669
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2007/4190
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2007:138
vendor-advisory
x_refsource_MANDRIVA
x_transferred
https://issues.rpath.com/browse/RPL-1462
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/23437
vdb-entry
x_refsource_BID
x_transferred
http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://secunia.com/advisories/24877
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/26027
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.novell.com/linux/security/advisories/2007_12_sr.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.redhat.com/support/errata/RHSA-2007-0494.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.us-cert.gov/cas/techalerts/TA07-192A.html
third-party-advisory
x_refsource_CERT
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9332
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.vupen.com/english/advisories/2007/1361
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/26118
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.adobe.com/support/security/advisories/apsa07-03.html
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/25027
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.novell.com/linux/security/advisories/2007_28_opera.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.opera.com/support/search/view/858/
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/25933
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2007/2497
vdb-entry
x_refsource_VUPEN
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://www.securitytracker.com/id?1017903
vdb-entry
x_refsource_SECTRACK
x_transferred
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
vendor-advisory
x_refsource_SGI
x_transferred
http://secunia.com/advisories/25662
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/25432
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.adobe.com/support/security/bulletins/apsb07-12.html
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/28068
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/33595
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://secunia.com/advisories/25894
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/26357
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2007_46_flashplayer.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/26860
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://secunia.com/advisories/25669
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/4190
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:138
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-1462
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/23437
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://secunia.com/advisories/24877
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/26027
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2007_12_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0494.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-192A.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9332
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/1361
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/26118
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.adobe.com/support/security/advisories/apsa07-03.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/25027
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2007_28_opera.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.opera.com/support/search/view/858/
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/25933
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/2497
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://www.securitytracker.com/id?1017903
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
Resource:
vendor-advisory
x_refsource_SGI
x_transferred
Hyperlink: http://secunia.com/advisories/25662
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/25432
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb07-12.html
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:13 Apr, 2007 | 18:19
Updated At:11 Oct, 2017 | 01:32

Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 6.8
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
Adobe Inc.
adobe
>>flash_player>>7.0.25
cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>8.0
cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.18d60
cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.20
cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.28
cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>5.0
cpe:2.3:a:opera:opera_browser:5.0:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>5.0
cpe:2.3:a:opera:opera_browser:5.0:beta2:*:*:*:*:*:*
Opera
opera
>>opera_browser>>5.0
cpe:2.3:a:opera:opera_browser:5.0:beta3:*:*:*:*:*:*
Opera
opera
>>opera_browser>>5.0
cpe:2.3:a:opera:opera_browser:5.0:beta4:*:*:*:*:*:*
Opera
opera
>>opera_browser>>5.0
cpe:2.3:a:opera:opera_browser:5.0:beta5:*:*:*:*:*:*
Opera
opera
>>opera_browser>>5.0
cpe:2.3:a:opera:opera_browser:5.0:beta6:*:*:*:*:*:*
Opera
opera
>>opera_browser>>5.0
cpe:2.3:a:opera:opera_browser:5.0:beta7:*:*:*:*:*:*
Opera
opera
>>opera_browser>>5.0
cpe:2.3:a:opera:opera_browser:5.0:beta8:*:*:*:*:*:*
Opera
opera
>>opera_browser>>5.02
cpe:2.3:a:opera:opera_browser:5.02:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>5.10
cpe:2.3:a:opera:opera_browser:5.10:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>5.11
cpe:2.3:a:opera:opera_browser:5.11:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>5.12
cpe:2.3:a:opera:opera_browser:5.12:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>6.0
cpe:2.3:a:opera:opera_browser:6.0:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>6.0
cpe:2.3:a:opera:opera_browser:6.0:beta1:*:*:*:*:*:*
Opera
opera
>>opera_browser>>6.0
cpe:2.3:a:opera:opera_browser:6.0:beta2:*:*:*:*:*:*
Opera
opera
>>opera_browser>>6.0
cpe:2.3:a:opera:opera_browser:6.0:tp1:*:*:*:*:*:*
Opera
opera
>>opera_browser>>6.0
cpe:2.3:a:opera:opera_browser:6.0:tp2:*:*:*:*:*:*
Opera
opera
>>opera_browser>>6.0
cpe:2.3:a:opera:opera_browser:6.0:tp3:*:*:*:*:*:*
Opera
opera
>>opera_browser>>6.1
cpe:2.3:a:opera:opera_browser:6.1:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>6.01
cpe:2.3:a:opera:opera_browser:6.01:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>6.1
cpe:2.3:a:opera:opera_browser:6.1:beta1:*:*:*:*:*:*
Opera
opera
>>opera_browser>>6.02
cpe:2.3:a:opera:opera_browser:6.02:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>6.03
cpe:2.3:a:opera:opera_browser:6.03:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>6.04
cpe:2.3:a:opera:opera_browser:6.04:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>6.05
cpe:2.3:a:opera:opera_browser:6.05:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>6.06
cpe:2.3:a:opera:opera_browser:6.06:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>6.11
cpe:2.3:a:opera:opera_browser:6.11:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>6.12
cpe:2.3:a:opera:opera_browser:6.12:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>7.0
cpe:2.3:a:opera:opera_browser:7.0:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>7.0
cpe:2.3:a:opera:opera_browser:7.0:beta1:*:*:*:*:*:*
Opera
opera
>>opera_browser>>7.0
cpe:2.3:a:opera:opera_browser:7.0:beta1_v2:*:*:*:*:*:*
Opera
opera
>>opera_browser>>7.0
cpe:2.3:a:opera:opera_browser:7.0:beta2:*:*:*:*:*:*
Opera
opera
>>opera_browser>>7.01
cpe:2.3:a:opera:opera_browser:7.01:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>7.02
cpe:2.3:a:opera:opera_browser:7.02:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>7.03
cpe:2.3:a:opera:opera_browser:7.03:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>7.10
cpe:2.3:a:opera:opera_browser:7.10:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>7.10
cpe:2.3:a:opera:opera_browser:7.10:beta1:*:*:*:*:*:*
Opera
opera
>>opera_browser>>7.11
cpe:2.3:a:opera:opera_browser:7.11:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>7.11
cpe:2.3:a:opera:opera_browser:7.11:beta2:*:*:*:*:*:*
Opera
opera
>>opera_browser>>7.20
cpe:2.3:a:opera:opera_browser:7.20:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>7.20
cpe:2.3:a:opera:opera_browser:7.20:beta7:*:*:*:*:*:*
Opera
opera
>>opera_browser>>7.21
cpe:2.3:a:opera:opera_browser:7.21:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>7.22
cpe:2.3:a:opera:opera_browser:7.22:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>7.23
cpe:2.3:a:opera:opera_browser:7.23:*:*:*:*:*:*:*
Opera
opera
>>opera_browser>>7.50
cpe:2.3:a:opera:opera_browser:7.50:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-200Primarynvd@nist.gov
CWE ID: CWE-200
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asccve@mitre.org
N/A
http://secunia.com/advisories/24877cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/25027cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/25432cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/25662cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/25669cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/25894cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/25933cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/26027cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/26118cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/26357cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/26860cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/28068cve@mitre.org
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1cve@mitre.org
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1cve@mitre.org
N/A
http://www.adobe.com/support/security/advisories/apsa07-03.htmlcve@mitre.org
N/A
http://www.adobe.com/support/security/bulletins/apsb07-12.htmlcve@mitre.org
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200708-01.xmlcve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:138cve@mitre.org
N/A
http://www.novell.com/linux/security/advisories/2007_12_sr.htmlcve@mitre.org
N/A
http://www.novell.com/linux/security/advisories/2007_28_opera.htmlcve@mitre.org
N/A
http://www.novell.com/linux/security/advisories/2007_46_flashplayer.htmlcve@mitre.org
N/A
http://www.opera.com/support/search/view/858/cve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2007-0494.htmlcve@mitre.org
N/A
http://www.securityfocus.com/bid/23437cve@mitre.org
N/A
http://www.securitytracker.com/id?1017903cve@mitre.org
N/A
http://www.us-cert.gov/cas/techalerts/TA07-192A.htmlcve@mitre.org
US Government Resource
http://www.vupen.com/english/advisories/2007/1361cve@mitre.org
Vendor Advisory
http://www.vupen.com/english/advisories/2007/2497cve@mitre.org
Vendor Advisory
http://www.vupen.com/english/advisories/2007/4190cve@mitre.org
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33595cve@mitre.org
N/A
https://issues.rpath.com/browse/RPL-1462cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9332cve@mitre.org
N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/24877
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/25027
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/25432
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/25662
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/25669
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/25894
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/25933
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/26027
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/26118
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/26357
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/26860
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/28068
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.adobe.com/support/security/advisories/apsa07-03.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb07-12.html
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:138
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2007_12_sr.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2007_28_opera.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2007_46_flashplayer.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.opera.com/support/search/view/858/
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0494.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/23437
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1017903
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-192A.html
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2007/1361
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2007/2497
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2007/4190
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/33595
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-1462
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9332
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

627Records found
CVE-2007-1563
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-10.07% / 92.78%
||
7 Day CHG~0.00%
Published-21 Mar, 2007 | 19:00
Updated-07 Aug, 2024 | 12:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The FTP protocol implementation in Opera 9.10 allows remote attackers to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.

Action-Not Available
Vendor-n/aOpera
Product-opera_browsern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2020-24422
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7||HIGH
EPSS-9.58% / 92.55%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 19:58
Updated-16 Sep, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Uncontrolled Search Path in Creative Cloud Desktop Application

Adobe Creative Cloud Desktop Application version 5.2 (and earlier) and 2.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Adobe Inc.
Product-creative_cloudCreative Cloud (desktop component)
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24432
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-6.7||MEDIUM
EPSS-4.42% / 88.59%
||
7 Day CHG~0.00%
Published-05 Nov, 2020 | 19:32
Updated-17 Sep, 2024 | 01:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Acrobat Reader DC Arbitrary JavaScript Execution in PDF Documents

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) and Adobe Acrobat Pro DC 2017.011.30175 (and earlier) are affected by an improper input validation vulnerability that could result in arbitrary JavaScript execution in the context of the current user. To exploit this issue, an attacker must acquire and then modify a certified PDF document that is trusted by the victim. The attacker then needs to convince the victim to open the document.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcacrobat_readeracrobatacrobat_reader_dcwindowsmacosAcrobat Reader
CWE ID-CWE-20
Improper Input Validation
CVE-2020-24415
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-5.26% / 89.60%
||
7 Day CHG~0.00%
Published-20 Oct, 2020 | 21:55
Updated-16 Sep, 2024 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Illustrator Memory Corruption Vulnerability

Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit.

Action-Not Available
Vendor-Microsoft CorporationAdobe Inc.
Product-windowsillustratorIllustrator
CWE ID-CWE-788
Access of Memory Location After End of Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-24435
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-16.49% / 94.63%
||
7 Day CHG~0.00%
Published-05 Nov, 2020 | 19:32
Updated-17 Sep, 2024 | 04:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Acrobat Reader DC Heap-based Buffer Overflow Could Lead to Arbitrary Code Execution

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a heap-based buffer overflow vulnerability in the submitForm function, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file in Acrobat Reader.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcacrobat_readeracrobatacrobat_reader_dcwindowsmacosAcrobat Reader
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2020-24437
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-11.57% / 93.37%
||
7 Day CHG~0.00%
Published-05 Nov, 2020 | 19:31
Updated-16 Sep, 2024 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Acrobat Reader DC Use-After-Free Vulnerability Could Lead to Arbitrary Code Execution

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcacrobat_readeracrobatacrobat_reader_dcwindowsmacosAcrobat Reader
CWE ID-CWE-416
Use After Free
CVE-2020-24414
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-5.26% / 89.60%
||
7 Day CHG~0.00%
Published-20 Oct, 2020 | 21:56
Updated-17 Sep, 2024 | 04:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Illustrator Memory Corruption Vulnerability

Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit.

Action-Not Available
Vendor-Microsoft CorporationAdobe Inc.
Product-windowsillustratorIllustrator
CWE ID-CWE-788
Access of Memory Location After End of Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-24436
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-3.65% / 87.39%
||
7 Day CHG~0.00%
Published-05 Nov, 2020 | 19:32
Updated-16 Sep, 2024 | 23:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Acrobat Pro DC PDF Export Out-Of-Bounds Write Vulnerability Could Lead to Arbitrary Code Execution

Acrobat Pro DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds write vulnerability that could result in writing past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. This vulnerability requires user interaction to exploit in that the victim must open a malicious document.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcacrobat_readeracrobatacrobat_reader_dcwindowsmacosAcrobat Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2010-2203
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-6.8||MEDIUM
EPSS-3.65% / 87.40%
||
7 Day CHG~0.00%
Published-30 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 9.x before 9.3.3 on UNIX allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Action-Not Available
Vendor-unixn/aAdobe Inc.
Product-acrobat_readeracrobatunixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-24429
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.7||HIGH
EPSS-0.12% / 31.84%
||
7 Day CHG~0.00%
Published-05 Nov, 2020 | 19:31
Updated-17 Sep, 2024 | 01:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Acrobat Reader DC for macOS Signature Verification Bypass Could Lead to Privilege Escalation

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a signature verification bypass that could result in local privilege escalation. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcacrobat_readeracrobatacrobat_reader_dcwindowsmacosAcrobat Reader
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2016-4200
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-1.97% / 82.79%
||
7 Day CHG~0.00%
Published-13 Jul, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.

Action-Not Available
Vendor-n/aApple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_reader_dcacrobat_dcreaderwindowsacrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0605
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-6.8||MEDIUM
EPSS-4.12% / 88.15%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Action-Not Available
Vendor-n/aAdobe Inc.Apple Inc.
Product-acrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0568
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-6.8||MEDIUM
EPSS-3.72% / 87.51%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aAdobe Inc.Apple Inc.
Product-acrobat_readeracrobatmac_os_xn/a
CVE-2010-0186
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-6.8||MEDIUM
EPSS-2.92% / 85.86%
||
7 Day CHG~0.00%
Published-15 Feb, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2, Adobe AIR before 1.5.3.9130, and Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-acrobat_readeracrobatadobe_airflash_playern/a
CVE-2011-0629
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-6.8||MEDIUM
EPSS-0.23% / 45.61%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-coldfusionn/a
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2016-1111
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.25% / 86.62%
||
7 Day CHG~0.00%
Published-30 Apr, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted Graphics State dictionary.

Action-Not Available
Vendor-n/aApple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_reader_dcacrobat_readeracrobat_dcwindowsacrobatmac_os_xn/a
CVE-2010-2576
Matching Score-8
Assigner-Flexera Software LLC
ShareView Details
Matching Score-8
Assigner-Flexera Software LLC
CVSS Score-6.8||MEDIUM
EPSS-1.87% / 82.33%
||
7 Day CHG~0.00%
Published-16 Aug, 2010 | 18:25
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Opera before 10.61 does not properly suppress clicks on download dialogs that became visible after a recent tab change, which allows remote attackers to conduct clickjacking attacks, and consequently execute arbitrary code, via vectors involving (1) closing a tab or (2) hiding a tab, a related issue to CVE-2005-2407.

Action-Not Available
Vendor-n/aOpera
Product-opera_browsern/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2016-0931
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-2.84% / 85.68%
||
7 Day CHG~0.00%
Published-14 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FileAttachment annotation, a different vulnerability than CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.

Action-Not Available
Vendor-n/aApple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_reader_dcacrobat_readeracrobat_dcwindowsacrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1001
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-48.18% / 97.65%
||
7 Day CHG~0.00%
Published-12 Mar, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aSamsungAdobe Inc.Linux Kernel Organization, IncGoogle LLCApple Inc.Microsoft Corporation
Product-airflash_playerchrome_oslinux_kernelflash_player_desktop_runtimeair_desktop_runtimeair_sdkx14j_firmwareair_sdk_\&_compilerwindows_8.1windowsiphone_osmac_os_xandroidwindows_10n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-0941
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-5.11% / 89.43%
||
7 Day CHG~0.00%
Published-14 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in the Search object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0940.

Action-Not Available
Vendor-n/aApple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_reader_dcacrobat_readeracrobat_dcwindowsacrobatmac_os_xn/a
CVE-2016-0943
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-6.05% / 90.37%
||
7 Day CHG~0.00%
Published-14 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X mishandle the Global object, which allows attackers to bypass JavaScript API execution restrictions via unspecified vectors.

Action-Not Available
Vendor-n/aApple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_reader_dcacrobat_readeracrobat_dcwindowsacrobatmac_os_xn/a
CVE-2016-0939
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-2.84% / 85.68%
||
7 Day CHG~0.00%
Published-14 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.

Action-Not Available
Vendor-n/aApple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_reader_dcacrobat_readeracrobat_dcwindowsacrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-0948
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-0.29% / 51.91%
||
7 Day CHG~0.00%
Published-10 Feb, 2016 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site request forgery (CSRF) vulnerability in Adobe Connect before 9.5.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-connectn/a
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2016-0935
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-6.05% / 90.37%
||
7 Day CHG~0.00%
Published-14 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted ExtGState dictionary.

Action-Not Available
Vendor-n/aApple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_reader_dcacrobat_readeracrobat_dcwindowsacrobatmac_os_xn/a
CVE-2016-0934
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-5.11% / 89.43%
||
7 Day CHG~0.00%
Published-14 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in AGM.dll in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a multiple-layer PDF document, a different vulnerability than CVE-2016-0932, CVE-2016-0937, CVE-2016-0940, and CVE-2016-0941.

Action-Not Available
Vendor-n/aApple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_reader_dcacrobat_readeracrobat_dcwindowsacrobatmac_os_xn/a
CVE-2019-7980
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-24.11% / 95.85%
||
7 Day CHG~0.00%
Published-26 Aug, 2019 | 18:31
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-windowsphotoshop_ccmacosAdobe Photoshop CC
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-7991
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-2.02% / 83.02%
||
7 Day CHG-1.55%
Published-26 Aug, 2019 | 18:44
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-windowsphotoshop_ccmacosAdobe Photoshop CC
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-8217
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.97% / 87.93%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:26
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8181
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.97% / 87.93%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:18
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8033
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-24.50% / 95.90%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:52
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8038
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-17.69% / 94.84%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:55
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-7995
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.57% / 87.26%
||
7 Day CHG~0.00%
Published-26 Aug, 2019 | 18:49
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-windowsphotoshop_ccmacosAdobe Photoshop CC
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-8166
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.96% / 87.88%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:13
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a buffer overrun vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-8175
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.97% / 87.93%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:16
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8210
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.97% / 87.93%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:25
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-7842
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-10.29% / 92.87%
||
7 Day CHG~0.00%
Published-22 May, 2019 | 18:14
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Media Encoder version 13.0.2 has a use-after-free vulnerability. Successful exploitation could lead to remote code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-windowsmacosmedia_encoderAdobe Media Encoder
CWE ID-CWE-416
Use After Free
CVE-2019-8224
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.97% / 87.93%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:28
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2009-2067
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.27% / 49.75%
||
7 Day CHG~0.00%
Published-15 Jun, 2009 | 19:00
Updated-07 Aug, 2024 | 05:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Opera detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."

Action-Not Available
Vendor-n/aOpera
Product-opera_browsern/a
CWE ID-CWE-287
Improper Authentication
CVE-2019-8178
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.97% / 87.93%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:17
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8019
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-12.00% / 93.51%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:44
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2019-8171
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.16% / 86.40%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:15
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-7986
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-24.11% / 95.85%
||
7 Day CHG~0.00%
Published-26 Aug, 2019 | 18:40
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-windowsphotoshop_ccmacosAdobe Photoshop CC
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-7826
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-12.31% / 93.61%
||
7 Day CHG~0.00%
Published-22 May, 2019 | 17:34
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-0932
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-5.11% / 89.43%
||
7 Day CHG~0.00%
Published-14 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in the Doc object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0934, CVE-2016-0937, CVE-2016-0940, and CVE-2016-0941.

Action-Not Available
Vendor-n/aApple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_reader_dcacrobat_readeracrobat_dcwindowsacrobatmac_os_xn/a
CVE-2019-7931
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-7.39% / 91.35%
||
7 Day CHG~0.00%
Published-14 Aug, 2019 | 14:52
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Premiere Pro CC versions 13.1.2 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Adobe Inc.
Product-premiere_pro_ccAdobe Premiere Pro CC
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-7979
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-24.11% / 95.85%
||
7 Day CHG~0.00%
Published-26 Aug, 2019 | 18:27
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-windowsphotoshop_ccmacosAdobe Photoshop CC
CWE ID-CWE-787
Out-of-bounds Write
CVE-2009-1493
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-76.13% / 98.88%
||
7 Day CHG~0.00%
Published-30 Apr, 2009 | 20:00
Updated-07 Aug, 2024 | 05:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument.

Action-Not Available
Vendor-n/aAdobe Inc.Linux Kernel Organization, Inc
Product-readerlinux_kerneln/a
CWE ID-CWE-399
Not Available
CVE-2019-7982
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-24.11% / 95.85%
||
7 Day CHG~0.00%
Published-26 Aug, 2019 | 18:36
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-windowsphotoshop_ccmacosAdobe Photoshop CC
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8225
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.97% / 87.93%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:28
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8223
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-3.97% / 87.93%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:27
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 12
  • 13
  • Next
Details not found