CVE-2021-28643

LOW Year: 2021
CVSS v3 Score
3.3
Low
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-843
View all →

Vulnerability Description

Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Type Confusion vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Related Vulnerabilities

CVE-2021-35986

LOW
CVSS:3.3(Low)

Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Type Confusion vulnerability. An unauthenticated attacker coul...

CWE-8432021

CVE-2024-30266

LOW
CVSS:3.3(Low)

wasmtime is a runtime for WebAssembly. The 19.0.0 release of Wasmtime contains a regression introduced during its development which can lead to a guest WebAssembly module causing a panic in the host r...

CWE-8432024

CVE-2024-31071

LOW
CVSS:3.3(Low)

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion.

CWE-8432024

CVE-2024-36278

LOW
CVSS:3.3(Low)

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion.

CWE-8432024

CVE-2024-58253

LOW
CVSS:2.9(Low)

In the obfstr crate before 0.4.4 for Rust, the obfstr! argument type is not restricted to string slices, leading to invalid UTF-8 conversion that produces an invalid value.

CWE-8432024

CVE-2025-48756

LOW
CVSS:2.9(Low)

In group_number in the scsir crate 0.2.0 for Rust, there can be an overflow because a hardware device may expect a small number of bits (e.g., 5 bits) for group number.

CWE-8432025