ByteOS

Product

Adobe Acrobat and Reader

Versions

Affected

2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions

Problem Types

Type	CWE ID	Description
text	N/A	Out-of-Bounds Write

Type: text

CWE ID: N/A

Description: Out-of-Bounds Write

References

Hyperlink	Resource
https://helpx.adobe.com/security/products/acrobat/apsb19-18.html	x_refsource_CONFIRM
http://www.securityfocus.com/bid/108322	vdb-entry x_refsource_BID
https://www.zerodayinitiative.com/advisories/ZDI-19-628/	x_refsource_MISC

Hyperlink: https://helpx.adobe.com/security/products/acrobat/apsb19-18.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.securityfocus.com/bid/108322

Resource:

vdb-entry

x_refsource_BID

Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-19-628/

Resource:

x_refsource_MISC

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://helpx.adobe.com/security/products/acrobat/apsb19-18.html	x_refsource_CONFIRM x_transferred
http://www.securityfocus.com/bid/108322	vdb-entry x_refsource_BID x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-19-628/	x_refsource_MISC x_transferred

Hyperlink: https://helpx.adobe.com/security/products/acrobat/apsb19-18.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.securityfocus.com/bid/108322

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-19-628/

Resource:

x_refsource_MISC

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:psirt@adobe.com

Published At:22 May, 2019 | 15:29

Updated At:21 Aug, 2019 | 16:20

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.0	9.8	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary	2.0	10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C

Type: Primary

Version: 3.0

Base score: 9.8

Base severity: CRITICAL

Vector:

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Type: Primary

Version: 2.0

Base score: 10.0

Base severity: HIGH

Vector:

AV:N/AC:L/Au:N/C:C/I:C/A:C

CPE Matches

cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*

>>acrobat_dc>>Versions from 15.006.30060(inclusive) to 15.006.30495(inclusive)

cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*

>>acrobat_dc>>Versions from 15.008.20082(inclusive) to 19.010.20100(inclusive)

cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*

>>acrobat_dc>>Versions from 17.011.30056(inclusive) to 17.011.30140(inclusive)

cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*

>>acrobat_reader_dc>>Versions from 15.006.30060(inclusive) to 15.006.30493(inclusive)

cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*

>>acrobat_reader_dc>>Versions from 15.008.20082(inclusive) to 19.010.20099(inclusive)

cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*

>>acrobat_reader_dc>>Versions from 17.011.30059(inclusive) to 17.011.30138(inclusive)

Apple Inc.

>>mac_os_x>>-

cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*

Microsoft Corporation

>>windows>>-

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-787	Primary	nvd@nist.gov

CWE ID: CWE-787

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://www.securityfocus.com/bid/108322	psirt@adobe.com	Third Party Advisory VDB Entry
https://helpx.adobe.com/security/products/acrobat/apsb19-18.html	psirt@adobe.com	Patch Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-19-628/	psirt@adobe.com	N/A

Hyperlink: http://www.securityfocus.com/bid/108322

Source: psirt@adobe.com

Resource:

Third Party Advisory

VDB Entry

Hyperlink: https://helpx.adobe.com/security/products/acrobat/apsb19-18.html

Source: psirt@adobe.com

Resource:

Patch

Vendor Advisory

Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-19-628/

Source: psirt@adobe.com

Resource: N/A

Similar CVEs

4557Records found

CVE-2010-0886

Matching Score-8

Assigner-Oracle

Matching Score-8

Assigner-Oracle

CVSS Score-10||HIGH

EPSS-80.97% / 99.11%

7 Day CHG~0.00%

Published-20 Apr, 2010 | 19:00

Updated-11 Apr, 2025 | 00:51

Unspecified vulnerability in the Java Deployment Toolkit component in Oracle Java SE and Java for Business JDK and JRE 6 Update 10 through 19 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Vendor-n/a Sun Microsystems (Oracle Corporation)Microsoft Corporation

Product-windows jdk jre n/a

CVE-1999-0579

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-10||HIGH

EPSS-13.36% / 93.92%

7 Day CHG~0.00%

Published-04 Feb, 2000 | 05:00

Updated-03 Apr, 2025 | 01:03

A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.

Product-windows_nt n/a

CVE-1999-0285

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-10||HIGH

EPSS-13.36% / 93.92%

7 Day CHG~0.00%

Published-04 Feb, 2000 | 05:00

Updated-03 Apr, 2025 | 01:03

Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection.

Product-windows_nt n/a

CVE-1999-0385

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-10||HIGH

EPSS-9.00% / 92.28%

7 Day CHG~0.00%

Published-29 Sep, 1999 | 04:00

Updated-03 Apr, 2025 | 01:03

The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands.

Product-exchange_server n/a

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-1999-0407

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-10||HIGH

EPSS-29.62% / 96.46%

7 Day CHG~0.00%

Published-02 Jun, 2000 | 04:00

Updated-03 Apr, 2025 | 01:03

By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system.

Product-internet_information_server n/a

CVE-2016-4615

Matching Score-8

Assigner-Apple Inc.

Matching Score-8

Assigner-Apple Inc.

CVSS Score-9.8||CRITICAL

EPSS-2.55% / 84.91%

7 Day CHG~0.00%

Published-22 Jul, 2016 | 01:00

Updated-12 Apr, 2025 | 10:46

libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4616, and CVE-2016-4619.

Vendor-n/a Apple Inc.Microsoft Corporation

Product-watchos itunes icloud windows iphone_os mac_os_x tvos n/a

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2010-0284

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-10||HIGH

EPSS-10.81% / 93.08%

7 Day CHG~0.00%

Published-18 Jun, 2010 | 16:00

Updated-11 Apr, 2025 | 00:51

Directory traversal vulnerability in the getEntry method in the PortalModuleInstallManager component in a servlet in nps.jar in the Administration Console (aka Access Management Console) in Novell Access Manager 3.1 before 3.1.2-281 on Windows allows remote attackers to create arbitrary files with any contents, and consequently execute arbitrary code, via a .. (dot dot) in a parameter, aka ZDI-CAN-678.

Vendor-n/a Novell Microsoft Corporation

Product-windows access_manager n/a

CWE ID-CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVE-2019-13375

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-9.8||CRITICAL

EPSS-14.09% / 94.10%

7 Day CHG-3.92%

Published-06 Jul, 2019 | 22:55

Updated-04 Aug, 2024 | 23:49

A SQL Injection was discovered in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 in PayAction.class.php with the index.php/Pay/passcodeAuth parameter passcode. The vulnerability does not need any authentication.

Vendor-n/a D-Link Corporation Microsoft Corporation

Product-windows central_wifimanager n/a

CWE ID-CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2019-1182

Matching Score-8

Matching Score-8

CVSS Score-9.8||CRITICAL

EPSS-9.35% / 92.46%

7 Day CHG~0.00%

Published-14 Aug, 2019 | 20:55

Updated-04 Aug, 2024 | 18:13

Remote Desktop Services Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.

Product-windows_server_2016 windows_server_2012 windows_8.1 windows_rt_8.1 windows_7 windows_10 windows_server_2019 windows_server_2008 Windows 10 Version 1607 Windows Server 2019 (Server Core installation)Microsoft Remote Desktop for Mac Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1809 Windows Server 2016 (Server Core installation)Windows 10 Version 1903 for 32-bit Systems Windows 8.1 Windows Server 2012 (Server Core installation)Windows 10 Version 1709 Windows Server, version 1803 (Server Core Installation)Windows Server 2016 Windows 10 Version 1507 Microsoft Remote Desktop for IoS Windows 10 Version 1803 Windows Server 2012 R2 Windows Server 2012 Windows Server 2019 Windows Server 2012 R2 (Server Core installation)Windows Server, version 1903 (Server Core installation)Windows 10 Version 1709 for 32-bit Systems Microsoft Remote Desktop for Android Windows 10 Version 1703

CVE-2009-3956

Matching Score-8

Matching Score-8

CVSS Score-10||HIGH

EPSS-5.45% / 89.80%

7 Day CHG~0.00%

Published-13 Jan, 2010 | 19:00

Updated-07 Aug, 2024 | 06:45

The default configuration of Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, does not enable the Enhanced Security feature, which has unspecified impact and attack vectors, related to a "script injection vulnerability," as demonstrated by Acrobat Forms Data Format (FDF) behavior that allows cross-site scripting (XSS) by user-assisted remote attackers.

Vendor-unix n/a Apple Inc.Microsoft Corporation Adobe Inc.

Product-acrobat_reader acrobat mac_os_x windows unix n/a

CWE ID-CWE-16

Not Available

CVE-2019-1226

Matching Score-8

Matching Score-8

CVSS Score-9.8||CRITICAL

EPSS-13.72% / 94.01%

7 Day CHG~0.00%

Published-14 Aug, 2019 | 20:55

Updated-04 Aug, 2024 | 18:13

Remote Desktop Services Remote Code Execution Vulnerability

Product-windows_server_2016 windows_server_2019 windows_10 Windows 10 Version 1803 Windows Server 2019 (Server Core installation)Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1809 Windows Server, version 1909 (Server Core installation)Windows 10 Version 1903 for 32-bit Systems Windows Server 2019 Windows Server, version 1803 (Server Core Installation)Windows 10 Version 1909 Windows Server, version 1903 (Server Core installation)

CVE-2009-3954

Matching Score-8

Matching Score-8

CVSS Score-10||HIGH

EPSS-6.28% / 90.56%

7 Day CHG~0.00%

Published-13 Jan, 2010 | 19:00

Updated-07 Aug, 2024 | 06:45

The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to execute arbitrary code via unspecified vectors, related to a "DLL-loading vulnerability."

Vendor-unix n/a Apple Inc.Microsoft Corporation Adobe Inc.

Product-acrobat_reader acrobat mac_os_x windows unix n/a

CWE ID-CWE-94

Improper Control of Generation of Code ('Code Injection')

CVE-2000-0854

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-10||HIGH

EPSS-37.31% / 97.05%

7 Day CHG-0.44%

Published-07 May, 2001 | 04:00

Updated-03 Apr, 2025 | 01:03

When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same directory as the document.

Product-office n/a

CVE-2016-4251

Matching Score-8

Matching Score-8

CVSS Score-9.8||CRITICAL

EPSS-2.11% / 83.40%

7 Day CHG~0.00%

Published-13 Jul, 2016 | 01:00

Updated-12 Apr, 2025 | 10:46

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4252, and CVE-2016-4254.

Vendor-n/a Apple Inc.Adobe Inc.Microsoft Corporation

Product-acrobat_reader_dc acrobat_dc reader windows acrobat mac_os_x n/a

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2009-3732

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-10||HIGH

EPSS-30.07% / 96.50%

7 Day CHG~0.00%

Published-12 Apr, 2010 | 18:00

Updated-11 Apr, 2025 | 00:51

Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute arbitrary code via unspecified vectors.

Vendor-n/a VMware (Broadcom Inc.)Microsoft Corporation

Product-workstation server windows ace player n/a

CWE ID-CWE-134

Use of Externally-Controlled Format String

CVE-2009-3955

Matching Score-8

Matching Score-8

CVSS Score-10||HIGH

EPSS-36.20% / 96.98%

7 Day CHG~0.00%

Published-13 Jan, 2010 | 19:00

Updated-07 Aug, 2024 | 06:45

Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leading to memory corruption.

Vendor-n/a Apple Inc.Microsoft Corporation Adobe Inc.

Product-windows acrobat_reader mac_os_x acrobat n/a

CWE ID-CWE-399

Not Available

CVE-2009-3098

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-10||HIGH

EPSS-1.64% / 81.18%

7 Day CHG~0.00%

Published-08 Sep, 2009 | 18:00

Updated-17 Sep, 2024 | 01:06

Unspecified vulnerability in the Portal in HP Operations Dashboard 2.1 on Windows Server 2003 SP2 allows remote attackers to have an unknown impact, related to a "Remote exploit," as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

Vendor-n/a Microsoft Corporation HP Inc.

Product-operations_dashboard windows_server_2003 n/a

CVE-2009-3792

Matching Score-8

Matching Score-8

CVSS Score-10||HIGH

EPSS-0.40% / 60.08%

7 Day CHG~0.00%

Published-21 Dec, 2009 | 16:00

Updated-17 Sep, 2024 | 03:48

Directory traversal vulnerability in Adobe Flash Media Server (FMS) before 3.5.3 allows attackers to load arbitrary DLL files via unspecified vectors.

Vendor-n/a Adobe Inc.

Product-flash_media_server n/a

CWE ID-CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVE-2009-3952

Matching Score-8

Matching Score-8

CVSS Score-10||HIGH

EPSS-21.93% / 95.56%

7 Day CHG~0.00%

Published-08 Jan, 2010 | 17:00

Updated-17 Sep, 2024 | 03:38

Buffer overflow in Adobe Illustrator CS3 13.0.3 and earlier and Illustrator CS4 14.0.0 allows attackers to execute arbitrary code via unspecified vectors.

Vendor-n/a Adobe Inc.

Product-illustrator n/a

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2021-34473

Matching Score-8

Matching Score-8

CVSS Score-9.1||CRITICAL

EPSS-94.26% / 99.93%

7 Day CHG+0.02%

Published-14 Jul, 2021 | 17:54

Updated-30 Jul, 2025 | 01:38

Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.

Microsoft Exchange Server Remote Code Execution Vulnerability

Product-exchange_server Microsoft Exchange Server 2019 Cumulative Update 9 Microsoft Exchange Server 2013 Cumulative Update 23 Microsoft Exchange Server 2019 Cumulative Update 8 Microsoft Exchange Server 2016 Cumulative Update 19 Microsoft Exchange Server 2016 Cumulative Update 20 Exchange Server

CWE ID-CWE-918

Server-Side Request Forgery (SSRF)

CVE-2009-2532

Matching Score-8

Matching Score-8

CVSS Score-10||HIGH

EPSS-61.78% / 98.27%

7 Day CHG~0.00%

Published-14 Oct, 2009 | 10:00

Updated-07 Aug, 2024 | 05:52

Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC do not properly process the command value in an SMB Multi-Protocol Negotiate Request packet, which allows remote attackers to execute arbitrary code via a crafted SMBv2 packet to the Server service, aka "SMBv2 Command Value Vulnerability."

Product-windows_server_2008 windows_vista n/a

CWE ID-CWE-94

Improper Control of Generation of Code ('Code Injection')

CVE-2016-4092

Matching Score-8

Matching Score-8

CVSS Score-9.8||CRITICAL

EPSS-12.44% / 93.66%

7 Day CHG~0.00%

Published-11 May, 2016 | 10:00

Updated-12 Apr, 2025 | 10:46

Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4091.

Vendor-n/a Apple Inc.Adobe Inc.Microsoft Corporation

Product-acrobat_reader_dc acrobat_dc reader windows acrobat mac_os_x n/a

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2019-1072

Matching Score-8

Matching Score-8

CVSS Score-9.8||CRITICAL

EPSS-23.96% / 95.81%

7 Day CHG~0.00%

Published-15 Jul, 2019 | 18:56

Updated-04 Aug, 2024 | 18:06

A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability'.

Product-azure_devops_server team_foundation_server Team Foundation Server 2015 Team Foundation Server 2018 Team Foundation Server 2013 Update 5 Team Foundation Server 2012 Team Foundation Server 2010 Team Foundation Server Azure DevOps Server

CWE ID-CWE-20

Improper Input Validation

CVE-2000-0563

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-10||HIGH

EPSS-0.47% / 63.80%

7 Day CHG~0.00%

Published-12 Jul, 2000 | 04:00

Updated-03 Apr, 2025 | 01:03

The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection, in violation of the Java security model.

Vendor-n/a Apple Inc.

Product-mac_os_runtime_for_java n/a

CVE-2009-2028

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-10||HIGH

EPSS-4.07% / 88.09%

7 Day CHG~0.00%

Published-11 Jun, 2009 | 15:00

Updated-07 Aug, 2024 | 05:36

Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 have unknown impact and attack vectors, related to "Adobe internally discovered issues."

Vendor-n/a Adobe Inc.

Product-acrobat_reader acrobat n/a

CVE-2009-1925

Matching Score-8

Matching Score-8

CVSS Score-10||HIGH

EPSS-41.90% / 97.33%

7 Day CHG~0.00%

Published-08 Sep, 2009 | 22:00

Updated-07 Aug, 2024 | 05:27

The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly manage state information, which allows remote attackers to execute arbitrary code by sending packets to a listening service, and thereby triggering misinterpretation of an unspecified field as a function pointer, aka "TCP/IP Timestamps Code Execution Vulnerability."

Product-windows_server_2003 windows_server_2008 windows_vista windows_2000 n/a

CWE ID-CWE-94

Improper Control of Generation of Code ('Code Injection')

CVE-2019-0786

Matching Score-8

Matching Score-8

CVSS Score-9.8||CRITICAL

EPSS-9.93% / 92.73%

7 Day CHG~0.00%

Published-09 Apr, 2019 | 20:15

Updated-04 Aug, 2024 | 17:58

An elevation of privilege vulnerability exists in the Microsoft Server Message Block (SMB) Server when an attacker with valid credentials attempts to open a specially crafted file over the SMB protocol on the same machine, aka 'SMB Server Elevation of Privilege Vulnerability'.

Product-windows_server_2016 windows_server_2019 windows_10 Windows Windows Server

CWE ID-CWE-20

Improper Input Validation

CVE-2009-1918

Matching Score-8

Matching Score-8

CVSS Score-10||HIGH

EPSS-62.48% / 98.31%

7 Day CHG~0.00%

Published-29 Jul, 2009 | 17:00

Updated-07 Aug, 2024 | 05:27

Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle table operations, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption by adding malformed elements to an empty DIV element, related to the getElementsByTagName method, aka "HTML Objects Memory Corruption Vulnerability."

Product-internet_explorer windows_vista windows_server_2008 windows_xp windows_server_2003 windows_2000 n/a

CWE ID-CWE-94

Improper Control of Generation of Code ('Code Injection')

CVE-2009-1628

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-10||HIGH

EPSS-3.91% / 87.84%

7 Day CHG~0.00%

Published-26 Jun, 2009 | 18:00

Updated-16 Sep, 2024 | 19:05

Stack-based buffer overflow in mnet.exe in Unisys Business Information Server (BIS) 10 and 10.1 on Windows allows remote attackers to execute arbitrary code via a crafted TCP packet.

Vendor-unisys n/a Microsoft Corporation

Product-windows business_information_server n/a

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2009-0928

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-10||HIGH

EPSS-11.41% / 93.31%

7 Day CHG~0.00%

Published-25 Mar, 2009 | 01:00

Updated-07 Aug, 2024 | 04:57

Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table.

Vendor-n/a Adobe Inc.

Product-acrobat_reader acrobat n/a

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2009-3096

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-10||HIGH

EPSS-1.50% / 80.37%

7 Day CHG~0.00%

Published-08 Sep, 2009 | 18:00

Updated-17 Sep, 2024 | 02:16

Multiple unspecified vulnerabilities in HP Performance Insight 5.3 allow remote attackers to have an unknown impact, related to (1) a "Remote exploit" on Windows platforms, and (2) a "Remote preauthentication exploit" on the Windows Server 2003 SP2 platform, as demonstrated by certain modules in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

Vendor-n/a Microsoft Corporation HP Inc.

Product-windows performance_insight n/a

CVE-2021-30655

Matching Score-8

Assigner-Apple Inc.

Matching Score-8

Assigner-Apple Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.62% / 69.01%

7 Day CHG~0.00%

Published-08 Sep, 2021 | 14:47

Updated-03 Aug, 2024 | 22:40

An application may be able to execute arbitrary code with system privileges. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. The issue was addressed with improved permissions logic.

Vendor-Apple Inc.

Product-macos mac_os_x macOS

CVE-2019-0708

Matching Score-8

Matching Score-8

Product-ch240 uma axiom_multix_m rh1288_v2_firmware rh5885_v3 multix_pro_acss axiom_vertix_solitaire_m syngo_lab_process_manager x6000 multix_pro_acss_firmware axiom_multix_m_firmware multix_swing_firmware rh5885_v3_firmware oceanstor_hvs85t multix_pro_p_firmware bh622_v2_firmware oceanstor_18500 bh621_v2_firmware rh2265_v2 windows_7 ch140 bh620_v2 aptio_firmware ch121 oceanstor_18500_firmware rh1288a_v2_firmware rh2285h_v2 ch221_firmware espace_ecs_firmware gtsoftx3000_firmware smc2.0_firmware ch242_v3 centralink multix_top_acss_p multix_pro atellica_solution ch242 uma_firmware rh2288e_v2 smc2.0 rh2288h_v2 rapidpoint_500_firmware ch221 oceanstor_hvs85t_firmware rh2288_v2 lantis rh2285_v2_firmware e6000_chassis_firmware elog_firmware multix_top_p bh640_v2 ch240_firmware rh1288_v2 seco_vsm viva_e_firmware rh2485_v2 rh2288_v2_firmware ch222_firmware ch140_firmware vertix_solitaire_firmware lantis_firmware rh5885_v2 ch220_firmware multix_swing aptio rapidpoint_500 streamlab_firmware agile_controller-campus_firmware mobilett_xp_digital_firmware rh2268_v2 x8000 axiom_vertix_md_trauma_firmware multix_pro_navy_firmware rh1288a_v2 x8000_firmware rh5885_v2_firmware gtsoftx3000 vertix_solitaire atellica_solution_firmware ch220 multix_pro_firmware bh622_v2 multix_top_acss_firmware axiom_vertix_md_trauma rh2285_v2 oceanstor_hvs88t_firmware windows_server_2008 oceanstor_18800f rh2265_v2_firmware rh2268_v2_firmware elog multix_top bh621_v2 rh2288a_v2_firmware mobilett_xp_digital e6000_firmware bh640_v2_firmware multix_pro_acss_p_firmware ch242_firmware rh2285h_v2_firmware rh2288e_v2_firmware oceanstor_18800f_firmware viva_e x6000_firmware bh620_v2_firmware espace_ecs e6000 centralink_firmware ch121_firmware multix_top_firmware multix_top_p_firmware viva_twin rh2288a_v2 multix_top_acss multix_pro_acss_p e6000_chassis multix_pro_p axiom_vertix_solitaire_m_firmware oceanstor_18800 oceanstor_18800_firmware ch242_v3_firmware agile_controller-campus rh2485_v2_firmware multix_top_acss_p_firmware seco_vsm_firmware streamlab rh2288h_v2_firmware multix_pro_navy ch222 oceanstor_hvs88t viva_twin_firmware Windows Server Windows Remote Desktop Services

CVSS Score-9.8||CRITICAL

EPSS-94.44% / 99.99%

7 Day CHG~0.00%

Published-16 May, 2019 | 18:17

Updated-30 Jul, 2025 | 01:46

Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

Vendor-Huawei Technologies Co., Ltd.Siemens AG Microsoft Corporation

CWE ID-CWE-416

Use After Free

CVE-2009-0228

Matching Score-8

Matching Score-8

CVSS Score-10||HIGH

EPSS-41.21% / 97.30%

7 Day CHG~0.00%

Published-10 Jun, 2009 | 17:37

Updated-07 Aug, 2024 | 04:24

Stack-based buffer overflow in the EnumeratePrintShares function in Windows Print Spooler Service (win32spl.dll) in Microsoft Windows 2000 SP4 allows remote printer servers to execute arbitrary code via a crafted ShareName in a response to an RPC request, related to "printing data structures," aka "Buffer Overflow in Print Spooler Vulnerability."

Product-windows_2000 n/a

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2009-0869

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-10||HIGH

EPSS-15.20% / 94.34%

7 Day CHG~0.00%

Published-10 Mar, 2009 | 20:00

Updated-17 Sep, 2024 | 03:28

Buffer overflow in the client in IBM Tivoli Storage Manager (TSM) HSM 5.3.2.0 through 5.3.5.0, 5.4.0.0 through 5.4.2.5, and 5.5.0.0 through 5.5.1.4 on Windows allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.

Vendor-n/a Microsoft Corporation IBM Corporation

Product-windows tivoli_storage_manager_hsm n/a

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2009-0568

Matching Score-8

Matching Score-8

CVSS Score-10||HIGH

EPSS-54.70% / 97.95%

7 Day CHG~0.00%

Published-10 Jun, 2009 | 17:37

Updated-07 Aug, 2024 | 04:40

The RPC Marshalling Engine (aka NDR) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly maintain its internal state, which allows remote attackers to overwrite arbitrary memory locations via a crafted RPC message that triggers incorrect pointer reading, related to "IDL interfaces containing a non-conformant varying array" and FC_SMVARRAY, FC_LGVARRAY, FC_VARIABLE_REPEAT, and FC_VARIABLE_OFFSET, aka "RPC Marshalling Engine Vulnerability."

Product-windows_server windows_vista windows_server_2008 windows_2003_server windows_xp windows_2000 n/a

CWE ID-CWE-264

Not Available

CVE-2016-1129

Matching Score-8

Matching Score-8

CVSS Score-9.8||CRITICAL

EPSS-5.11% / 89.45%

7 Day CHG~0.00%

Published-11 May, 2016 | 10:00

Updated-12 Apr, 2025 | 10:46

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.

Vendor-n/a Apple Inc.Adobe Inc.Microsoft Corporation

Product-acrobat_reader_dc acrobat_dc reader windows acrobat mac_os_x n/a

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2009-0086

Matching Score-8

Matching Score-8

CVSS Score-10||HIGH

EPSS-49.60% / 97.73%

7 Day CHG~0.00%

Published-15 Apr, 2009 | 03:49

Updated-07 Aug, 2024 | 04:24

Integer underflow in Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote HTTP servers to execute arbitrary code via crafted parameter values in a response, related to error handling, aka "Windows HTTP Services Integer Underflow Vulnerability."

Product-windows_vista windows_2000 windows_xp windows_server_2003 windows_server_2008 n/a

CWE ID-CWE-189

Not Available

CVE-2019-0729

Matching Score-8

Matching Score-8

CVSS Score-9.8||CRITICAL

EPSS-1.42% / 79.78%

7 Day CHG~0.00%

Published-06 Mar, 2019 | 00:00

Updated-04 Aug, 2024 | 17:58

An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'.

Product-java_software_development_kit Java SDK for Azure IoT

CWE ID-CWE-330

Use of Insufficiently Random Values

CVE-2021-29644

Matching Score-8

Assigner-MITRE Corporation

Product-job_management_partner_1\/it_desktop_management-manager jp1\/remote_control_agent jp1\/it_desktop_management-manager jp1\/it_desktop_management_2-manager jp1\/it_desktop_management_2-operations_director job_management_partner_1\/remote_control_agent windows jp1\/netdm\/dm_client job_management_partner_1\/software_distribution_client jp1\/netdm\/dm_manager jp1\/netm\/remote_control_agent job_management_partner_1\/software_distribution_manager job_management_partner_1\/it_desktop_management_2-manager it_operations_director jp1\/netdm\/dm_client-remote_control_feature n/a

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-8.1||HIGH

EPSS-2.62% / 85.12%

7 Day CHG~0.00%

Published-12 Oct, 2021 | 18:19

Updated-03 Aug, 2024 | 22:11

Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 contains a remote code execution vulnerability because of an Integer Overflow. An attacker with network access to port 31016 may exploit this issue to execute code with unrestricted privileges on the underlying OS.

Vendor-n/a Hitachi, Ltd.Microsoft Corporation

CWE ID-CWE-190

Integer Overflow or Wraparound

CVE-2021-28481

Matching Score-8

Matching Score-8

CVSS Score-9.8||CRITICAL

EPSS-3.80% / 87.64%

7 Day CHG-0.57%

Published-13 Apr, 2021 | 19:33

Updated-03 Aug, 2024 | 21:47

Microsoft Exchange Server Remote Code Execution Vulnerability

Product-exchange_server Microsoft Exchange Server 2016 Cumulative Update 19 Microsoft Exchange Server 2013 Cumulative Update 23 Microsoft Exchange Server 2016 Cumulative Update 20 Microsoft Exchange Server 2019 Cumulative Update 9 Microsoft Exchange Server 2019 Cumulative Update 8

CVE-2021-28480

Matching Score-8

Matching Score-8

CVSS Score-9.8||CRITICAL

EPSS-67.80% / 98.52%

7 Day CHG~0.00%

Published-13 Apr, 2021 | 19:33

Updated-03 Aug, 2024 | 21:47

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2021-26472

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-10||CRITICAL

EPSS-9.97% / 92.75%

7 Day CHG~0.00%

Published-08 Jun, 2021 | 18:37

Updated-16 Sep, 2024 | 22:08

Unauthenticated remote command execution with SYSTEM privileges in Vembu products

In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges.

Vendor-vembu n/a Microsoft Corporation

Product-offsite_dr windows bdr_suite n/a

CWE ID-CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVE-2021-26894

Matching Score-8

Matching Score-8

CVSS Score-9.8||CRITICAL

EPSS-9.93% / 92.73%

7 Day CHG~0.00%

Published-11 Mar, 2021 | 15:43

Updated-03 Aug, 2024 | 20:33

Windows DNS Server Remote Code Execution Vulnerability

CVE-2021-26607

Matching Score-8

Assigner-KrCERT/CC

Matching Score-8

Assigner-KrCERT/CC

CVSS Score-8.1||HIGH

EPSS-0.97% / 75.67%

7 Day CHG~0.00%

Published-26 Oct, 2021 | 12:06

Updated-03 Aug, 2024 | 20:26

TOBESOFT NEXACRO17 arbitrary command execution vulnerability

An Improper input validation in execDefaultBrowser method of NEXACRO17 allows a remote attacker to execute arbitrary command on affected systems.

Vendor-tobesoft TOBESOFT Microsoft Corporation

Product-windows nexacro NEXACRO17

CWE ID-CWE-20

Improper Input Validation

CVE-2021-26897

Matching Score-8

Matching Score-8

CVSS Score-9.8||CRITICAL

EPSS-10.79% / 93.07%

7 Day CHG~0.00%

Published-11 Mar, 2021 | 15:43

Updated-03 Aug, 2024 | 20:33

Windows DNS Server Remote Code Execution Vulnerability

CVE-2021-26895

Matching Score-8

Matching Score-8

CVSS Score-9.8||CRITICAL

EPSS-9.93% / 92.73%

7 Day CHG~0.00%

Published-11 Mar, 2021 | 15:43

Updated-03 Aug, 2024 | 20:33

Windows DNS Server Remote Code Execution Vulnerability

CVE-2008-6820

Matching Score-8

Assigner-MITRE Corporation

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-10||HIGH

EPSS-0.78% / 72.83%

7 Day CHG~0.00%

Published-03 Jun, 2009 | 20:35

Updated-07 Aug, 2024 | 11:42

The db2fmp process in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 on Windows runs with "OS privilege," which has unknown impact and attack vectors, a different vulnerability than CVE-2008-3856.

Vendor-n/a Microsoft Corporation IBM Corporation

Product-windows db2 n/a

CWE ID-CWE-16

Not Available

CVE-2018-8529

Matching Score-8

Matching Score-8

CVSS Score-9.8||CRITICAL

EPSS-35.74% / 96.95%

7 Day CHG~0.00%

Published-15 Nov, 2018 | 19:00

Updated-05 Aug, 2024 | 07:02

A remote code execution vulnerability exists when Team Foundation Server (TFS) does not enable basic authorization on the communication between the TFS and Search services, aka "Team Foundation Server Remote Code Execution Vulnerability." This affects Team.

Product-team_foundation_server Team

CVE-2018-8540

Matching Score-8

Matching Score-8

CVSS Score-9.8||CRITICAL

EPSS-11.83% / 93.47%

7 Day CHG~0.00%

Published-12 Dec, 2018 | 00:00

Updated-05 Aug, 2024 | 07:02

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 4.6.2.