Search
Total
1952 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-10957 | 1 Foxitsoftware | 1 Foxit Reader | 2019-10-09 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the arrowEnd attribute of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-4979. | |||||
| CVE-2017-10958 | 1 Foxitsoftware | 1 Foxit Reader | 2019-10-09 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the value attribute of Field objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-4980. | |||||
| CVE-2017-10959 | 1 Foxitsoftware | 1 Foxit Reader | 2019-10-09 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setAction method of Link objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-4981. | |||||
| CVE-2017-10941 | 1 Foxitsoftware | 1 Foxit Reader | 2019-10-09 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AFParseDateEx function. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-4816. | |||||
| CVE-2017-10945 | 1 Foxitsoftware | 1 Foxit Reader | 2019-10-09 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the app.alert function. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-4855. | |||||
| CVE-2019-11746 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2019-10-04 | 6.8 MEDIUM | 8.8 HIGH |
| A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. | |||||
| CVE-2019-11752 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2019-10-04 | 9.3 HIGH | 8.8 HIGH |
| It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. | |||||
| CVE-2019-9350 | 1 Google | 1 Android | 2019-10-04 | 4.6 MEDIUM | 7.8 HIGH |
| In Keymaster, there is a possible EoP due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-129562815 | |||||
| CVE-2017-0070 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2016 | 2019-10-03 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0035, CVE-2017-0067, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151. | |||||
| CVE-2018-4218 | 3 Apple, Canonical, Microsoft | 8 Icloud, Iphone Os, Itunes and 5 more | 2019-10-03 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers an @generatorState use-after-free. | |||||
| CVE-2017-9790 | 1 Apache | 1 Mesos | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| When handling a libprocess message wrapped in an HTTP request, libprocess in Apache Mesos before 1.1.3, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.0-dev crashes if the request path is empty, because the parser assumes the request path always starts with '/'. A malicious actor can therefore cause a denial of service of Mesos masters rendering the Mesos-controlled cluster inoperable. | |||||
| CVE-2017-9612 | 2 Artifex, Debian | 2 Ghostscript Ghostxps, Debian Linux | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2017-8277 | 1 Google | 1 Android | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function msm_dba_register_client, if the client registers failed, it would be freed. However the client was not removed from list. Use-after-free would occur when traversing the list next time. | |||||
| CVE-2017-3302 | 4 Debian, Mariadb, Oracle and 1 more | 8 Debian Linux, Mariadb, Mysql and 5 more | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3. | |||||
| CVE-2017-2491 | 1 Apple | 1 Iphone Os | 2019-10-03 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free vulnerability in the String.replace method JavaScriptCore in Apple Safari in iOS before 10.3 allows remote attackers to execute arbitrary code via a crafted web page, or a crafted file. | |||||
| CVE-2017-17045 | 1 Xen | 1 Xen | 2019-10-03 | 7.2 HIGH | 8.8 HIGH |
| An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors. | |||||
| CVE-2017-16939 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages. | |||||
| CVE-2017-14904 | 1 Google | 1 Android | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a crafted binder request can cause an arbitrary unmap in MediaServer. | |||||
| CVE-2017-0261 | 1 Microsoft | 1 Office | 2019-10-03 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0262 and CVE-2017-0281. | |||||
| CVE-2017-0263 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." | |||||
| CVE-2017-13154 | 1 Google | 1 Android | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63666573. | |||||
| CVE-2017-0727 | 1 Google | 1 Android | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| A elevation of privilege vulnerability in the Android media framework (libgui). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-33004354. | |||||
| CVE-2017-0428 | 2 Google, Linux | 2 Android, Linux Kernel | 2019-10-03 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32401526. References: N-CVE-2017-0428. | |||||
| CVE-2019-10497 | 1 Qualcomm | 86 Mdm9150, Mdm9150 Firmware, Mdm9206 and 83 more | 2019-10-02 | 4.6 MEDIUM | 7.8 HIGH |
| Use after free issue occurs If another instance of open for voice_svc node has been called from application without closing the previous one. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24 | |||||
| CVE-2019-16882 | 1 String-interner Project | 1 String-interner | 2019-09-26 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the string-interner crate before 0.7.1 for Rust. It allows attackers to read from memory locations associated with dangling pointers, because of a cloning flaw. | |||||
| CVE-2019-15890 | 2 Libslirp Project, Qemu | 2 Libslirp, Qemu | 2019-09-20 | 5.0 MEDIUM | 7.5 HIGH |
| libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. | |||||
| CVE-2019-16510 | 1 Mz-automation | 1 Libiec61850 | 2019-09-19 | 5.0 MEDIUM | 7.5 HIGH |
| libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose. | |||||
| CVE-2019-16396 | 1 Gnucobol Project | 1 Gnucobol | 2019-09-18 | 6.8 MEDIUM | 7.8 HIGH |
| GnuCOBOL 2.2 has a use-after-free in the end_scope_of_program_name() function in cobc/parser.y via crafted COBOL source code. | |||||
| CVE-2018-19824 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2019-09-10 | 4.6 MEDIUM | 7.8 HIGH |
| In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c. | |||||
| CVE-2018-20976 | 1 Linux | 1 Linux Kernel | 2019-09-06 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure. | |||||
| CVE-2019-7363 | 1 Autodesk | 1 Design Review | 2019-08-30 | 6.8 MEDIUM | 7.8 HIGH |
| Use-after-free vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a use-after-free vulnerability, which may result in code execution. | |||||
| CVE-2018-15924 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7831 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7830 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7817 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7814 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7797 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7796 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7786 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7761 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7760 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7759 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2019-7078 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7077 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7072 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-7070 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2018-4980 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2018-4974 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2018-4971 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2018-4954 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||