Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

SUSE CVE
SUSE CVEadded 2023/02/15 5:8 a.m.3 views

SUSE CVE-2016-1017

Use-after-free vulnerability in the LoadVars.decode function in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than...

8.8CVSS8.1AI score0.08708EPSS
Exploits2References6
OSV
OSVadded 2016/04/09 1:59 a.m.2 views

CVE-2016-1017

Use-after-free vulnerability in the LoadVars.decode function in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than...

8.8CVSS6.1AI score
Exploits0References8
Positive Technologies
Positive Technologiesadded 2016/04/08 12:0 a.m.3 views

PT-2016-1665 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player affected versions not specified Description: The issue is related to the use of memory after it has been freed in the LoadVars.decode function of the Flash Player platform. This can be exploited by a remote attacker to...

10CVSS8.2AI score0.92961EPSS
Exploits19References185
Exploit DB
Exploit DBadded 2016/02/17 12:0 a.m.32 views

Adobe Flash - LoadVars.decode Use-After-Free

Source: https://code.google.com/p/google-security-research/issues/detail?id=667 There is a use-after-free in LoadVars.decode. If a watch is set on the object that the parameters are being decoded into, and the watch deletes the object, then other methods are called on the deleted object after it ...

7.4AI score
Exploits0
Zero Day Initiative
Zero Day Initiativeadded 2015/12/29 12:0 a.m.18 views

Adobe Flash LoadVars decode Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS8.7AI score0.03298EPSS
Exploits1References1
securityvulns
securityvulnsadded 2006/08/11 12:0 a.m.46 views

Sending multipart/form-data requests from Flash (with arbitrary headers)

Hello lists, In my original "Forging HTTP request headers with Flash" paper http://www.securityfocus.com/archive/1/441014, I mentioned forcing multipart/form-data input format to ensure that Flash's LoadVars isn't used to forge the request. However, there's a work-around for the attacker - using...

7.2AI score
Exploits0
Rows per page
Query Builder