| Month | Quarter | Year |
|---|---|---|
| #37 | #8 | #6 |
| CVE-ID | CWE-ID | Type | Score |
|---|---|---|---|
| CVE-2018-4961 | CWE-416 | Use After Free | 9.8 |
|
Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
|
|||
| CVE-2018-4959 | CWE-416 | Use After Free | 9.8 |
|
Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
|
|||
| CVE-2018-4900 | CWE-125 | Out-of-bounds Read | 6.5 |
|
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of JavaScript manipulation of an Annotation object. A successful attack can lead to sensitive data exposure.
|
|||
| CVE-2018-15920 | CWE-416 | Use After Free | 7.8 |
|
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
|
|||
| CVE-2018-12846 | CWE-119 | Buffer Errors | 7.8 |
|
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
|
|||
| CVE-2018-12836 | CWE-119 | Buffer Errors | 7.8 |
|
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
|
|||
| CVE-2018-12832 | CWE-119 | Buffer Errors | 7.8 |
|
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
|
|||
| CVE-2018-12769 | CWE-416 | Use After Free | 7.8 |
|
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
|
|||
| CVE-2018-0807 | CWE-119 | Buffer Errors | 8.8 |
|
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0804, CVE-2018-0805, and CVE-2018-0806.
|
|||
| CVE-2018-0798 | CWE-119 | Buffer Errors | 8.8 |
|
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability".
|
|||