CVE-2011-0611

CVE-2011-0611 affects Adobe Flash Player before 10.2.154.27 (Windows/macOS/Linux/Solaris) and 10.2.156.12 and earlier on Android, plus Authplay.dll in Reader/Acrobat components. The vulnerability allows remote attackers to execute arbitrary code or cause a denial of service via crafted Flash cont...

CVE-2014-0502

CVE-2014-0502 is a double‑free vulnerability in Adobe Flash Player and related components that allows remote code execution. Affected products include Flash Player prior to 11.7.700.269 and 11.8.x up to 12.0.x before 12.0.0.70 on Windows/macOS, and before 11.2.202.341 on Linux, as well as Adobe A...

CVE-2014-0543

CVE-2014-0543 affects Adobe Flash Player (Windows/OS X: prior to 13.0.0.241 and 14.x prior to 14.0.0.176; Linux prior to 11.2.202.400) and Adobe AIR/SDK prior to 14.0.0.178, with memory address disclosure that bypasses ASLR via unspecified vectors. The root cause: improper restriction of memory-a...

CVE-2012-0773

The CVE-2012-0773 issue concerns the NetStream class in Adobe Flash Player and AIR. Affected components include Flash Player before 10.3.183.18 and 11.x before 11.2.202.223/228 on Windows, macOS, Linux; Solaris Flash Player before 10.3.183.18/11.x before 11.2.202.223; Android 2.x/3.x before 11.1....

CVE-2012-5270

CVE-2012-5270 refers to a memory‑corruption based arbitrary‑code execution/DoS vulnerability in Adobe Flash Player (Windows, macOS, Linux) and Adobe AIR, described as exploitable via unspecified vectors. Affected products include Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 (Windo...

CVE-2012-5266

CVE-2012-5266 is a buffer overflow in Adobe Flash Player (and Adobe AIR) that could allow arbitrary code execution. Affected: Flash Player on Windows/Mac before 10.3.183.29 and 11.x before 11.4.402.287; Linux before 10.3.183.29 and 11.x before 11.2.202.243; Android 2.x/3.x before 11.1.111.19 and ...

CVE-2012-5271

CVE-2012-5271 affects Adobe Flash Player and Adobe AIR. The Flash Player versions (Windows/macOS: before 10.3.183.29 and before 11.4.402.287 on 11.x; Linux: before 10.3.183.29 and before 11.2.202.243; Android 2.x/3.x: before 11.1.111.19; Android 4.x: before 11.1.115.20) and Adobe AIR before 3.4.0...

CVE-2012-5267

Adobe Flash Player (and AIR) is affected by CVE-2012-5267 as part of a broader set of memory corruption vulnerabilities disclosed in 2012. Public sources (including OpenVAS/Gentoo/SUSE advisories) reference Flash memory-corruption issues exploitable via unspecified vectors and note that updates t...

CVE-2012-5269

CVE-2012-5269 concerns Adobe Flash Player (Windows/Mac/Linux) and Adobe AIR with memory-corruption based remote code execution vector. Connected sources confirm affected versions prior to 10.3.183.29/11.x updates for Flash and pre-3.4.0.2710 AIR, with multiple CVEs (incl. CVE-2012-5248 to CVE-201...

CVE-2011-2140

CVE-2011-2140 affects Adobe Flash Player before 10.3.183.5 (Windows/macOS/Linux/Solaris) and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 (Windows/macOS; earlier Android support). The vulnerability is a memory-corruption/arbitrary code execution via aMalformed MP4 processing path in t...

CVE-2012-5268

CVE-2012-5268 is a high-severity vulnerability affecting Adobe Flash Player (Windows/Mac/Linux/Android) and Adobe AIR, described as memory corruption that could allow arbitrary code execution or to cause a denial of service via unspecified vectors. The connected documents confirm this CVE as part...

CVE-2012-5272

CVE-2012-5272 affects Adobe Flash Player and AIR across multiple platforms. The issue is a memory corruption vulnerability in Flash Player (Windows/macOS/Linux/Android) that could allow arbitrary code execution or a denial of service via unspecified vectors. Affected Flash versions are: Windows/M...

CVE-2012-0772

CVE-2012-0772 affects Windows Flash Player (unspecified ActiveX control) and AIR, where URL security domain checking is mishandled. The issue can lead to arbitrary code execution or memory corruption DoS. Affected versions include Adobe Flash Player prior to 10.3.183.18 and 11.x prior to 11.2.202...

CVE-2012-4171

Adobe Flash Player and Adobe AIR are affected by CVE-2012-4171, a denial-of-service flaw caused by a logic error when handling Firefox dialogs. The vulnerability affects Flash Player on Windows, macOS, Linux, and Android (various pre-allocated builds) and affects Adobe AIR/SDK before the stated b...

CVE-2011-2424

CVE-2011-2424 is listed among Adobe Reader/Flash Player vulnerability advisories (RHSA-2011:1434, RHSA-2011:1144) affecting Adobe Reader and Flash Player where a crafted SWF in PDFs could cause memory corruption and remote code execution. The connected advisories indicate multiple Flash/Reader fl...

CVE-2010-0209

CVE-2010-0209 affects Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3. The vulnerability enables arbitrary code execution or memory corruption via unspecified vectors. Connected sources corroborate multiple advisories and patches surrounding this CVE, noti...

CVE-2014-0559

CVE-2014-0559 describes a heap-based buffer overflow in Adobe Flash Player and AIR, caused by an integer/length handling issue in CopyPixelsToByteArray and related vector data structures. Exploitation relies on manipulating a large ByteArray position to trigger a write past the buffer end, then u...

CVE-2014-4671

CVE-2014-4671 refers to a Flash/ AIR JSONP CSRF vulnerability where SWF content could bypass restrictions, enabling remote CSRF attacks against JSONP endpoints and potential data exposure. Affected products include Adobe Flash Player (Windows/macOS: up to 13.0.0.231 and 14.x up to 14.0.0.145; Lin...

CVE-2014-0516

CVE-2014-0516 refers to a Same Origin Policy bypass in Adobe Flash Player and AIR SDK components. Publicly affected versions include Windows/macOS Flash Player prior to 13.0.0.214 and Linux prior to 11.2.202.359, as well as AIR SDK prior to 13.0.0.111 and AIR SDK & Compiler prior to 13.0.0.111. T...

CVE-2014-0556

CVE-2014-0556 is an Adobe Flash Player/ AIR heap overflow triggered by an integer overflow in copyPixelsToByteArray, caused when a ByteArray’s position is set very large. Exploits publicly describe a heap grooming chain that corrupts a Vector. length to achieve arbitrary read/write and ultimately...

CVE-2011-2130

CVE-2011-2130 is a buffer-overflow vulnerability in Adobe Flash Player affecting Windows, Mac OS X, Linux, Solaris (pre-10.3.183.5) and Android (pre-10.3.186.3), and Adobe AIR (pre-2.7.1/2.7.1.1961). It allows arbitrary code execution via unspecified vectors and is separate from CVE-2011-2134, -2...

CVE-2010-2215

CVE-2010-2215 is a click‑jacking vulnerability in Adobe Flash Player (and bundled Flash in AIR). The connected advisories/entries confirm the issue can trick a user into clicking a link or dialog, with remediation by upgrading Flash to fixed versions (for example, Flash Player 9.0.280.0 and relat...

CVE-2014-0552

The CVE-2014-0552 entry corresponds to a Flash Player/Air memory corruption vulnerability exploitable via crafted SWF content. Affected products include Adobe Flash Player before 13.0.0.244 and 14.x/15.x before 15.0.0.152 on Windows and OS X, and before 11.2.202.406 on Linux, along with Adobe AIR...

CVE-2011-2135

Technical details for CVE-2011-2135 are not publicly available in the provided documents; the connected EUVD entries mention malware but do not specify this CVE's affected products or fixes. Monitor for updates.

CVE-2010-0186

CVE-2010-0186 is a cross-domain sandbox bypass vulnerability affecting Adobe Flash Player (before 10.0.45.2), Adobe AIR (before 1.5.3.9130), and Adobe Reader/Acrobat (8.x before 8.2.1 and 9.x before 9.3.1). The issue allows remote attackers to make cross-domain requests via unspecified vectors, w...

CVE-2014-0491

CVE-2014-0491 affects Adobe Flash Player (Windows/Mac/Linux) and Adobe AIR/SDK/Compiler. The vulnerability allows bypassing protection mechanisms via unknown vectors, leading to potential complete compromise of affected systems. The initial description notes unknown vectors and does not specify t...

CVE-2014-0492

CVE-2014-0492 affects Adobe Flash Player and Adobe AIR components. The issue stems from an “address leak” that defeats ASLR, impacting Flash Player prior to 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows/Mac, and prior to 11.2.202.335 on Linux, as well as Adobe AIR before 4.0.0.13...

CVE-2014-0545

Technical details for CVE-2014-0545 are not publicly available in the provided documents. The connected EUVD entries mention malware and generic memory-leakage contexts without product/version/impact specifics. Monitor for updates.

CVE-2008-5108

Adobe AIR < 1.5 is affected by CVE-2008-5108. The vulnerability allows an attacker to cause an AIR application to execute untrusted JavaScript via unspecified attack vectors, with the root cause described as an unspecified vulnerability in AIR 1.1 and earlier. The OpenVAS/Nessus entries indica...

CVE-2011-2417

Technical details for CVE-2011-2417 are not publicly available in the provided documents. Monitor for updates; no concrete affected products, root cause, or remediation information is present in the connected sources.

CVE-2014-0531

CVE-2014-0531 is an XSS vulnerability in Adobe Flash Player (and related AIR components) that could allow a remote attacker to inject arbitrary web script or HTML via unspecified vectors. Affected: Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X; Flash Player before ...

CVE-2014-0534

CVE-2014-0534 is a vulnerability in Adobe Flash Player (Windows, OS X, Linux) and related AIR components where attackers could bypass intended access restrictions via crafted SWF/vector exploits. The patched line is tied to APSB14-16; affected versions include Flash Player prior to 13.0.0.223 and...

CVE-2015-0307

The CVE-2015-0307 entry concerns Adobe Flash Player (Windows, OS X, Linux) and related Flash components (Air/SDK). Connected advisory CPAI-2015-0073 states this is an Out-of-Bounds Memory Read/Memory Corruption issue that could allow a remote attacker to obtain sensitive information from the proc...

CVE-2011-2425

Technical details for CVE-2011-2425 are not publicly provided in the supplied documents. Please monitor the connected sources for updates.

CVE-2011-2453

Adobe Flash Player and Adobe AIR are affected by CVE-2011-2453. The initial description lists that Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, macOS, Linux, and Solaris, and before 11.1.102.59 on Android, as well as AIR before 3.1.0.4880, are vulnerable via unspecified...

CVE-2014-0499

CVE-2014-0499 affects Adobe Flash Player (Windows, Mac OS X) and Adobe AIR/SDK components. The root cause is that these components do not prevent access to address information, aiding bypass of ASLR via unspecified vectors. Affected Flash Player versions include pre-11.7.700.269 and 11.8.x up to ...

CVE-2014-0508

CVE-2014-0508 affects Adobe Flash Player prior to 11.7.700.275 and 11.8.x prior to 13.0.0.182 on Windows/macOS, and prior to 11.2.202.350 on Linux; Adobe AIR prior to 13.0.0.83 (Android) and AIR SDK/SDK & Compiler prior to 13.0.0.83. The issue is described as bypassing intended access restriction...

CVE-2014-0539

CVE-2014-0539 is a security-bypass vulnerability affecting Adobe Flash Player and Adobe AIR (and related SDK components). The issue, described together with CVE-2014-0537, stems from insufficient security restrictions when handling specially crafted SWF content, enabling bypass of intended access...

CVE-2010-0187

CVE-2010-0187 affects Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130, allowing remote attackers to cause an application crash (DoS) via a modified SWF file. Connected advisories indicate updates to Flash Player (e.g., upgrade to 10.0.45.2) mitigate the issue (RHSA-2010-0102; ...

CVE-2010-2214

CVE-2010-2214 affects Adobe Flash Player prior to 9.0.280 and 10.x prior to 10.1.82.76, and Adobe AIR prior to 2.0.3. The vulnerability allows arbitrary code execution or memory corruption via unspecified vectors and is described as a separate issue from CVE-2010-0209, CVE-2010-2213, and CVE-2010...

CVE-2010-2216

CVE-2010-2216 affects Adobe Flash Player prior to 9.0.280 and 10.x prior to 10.1.82.76, and Adobe AIR prior to 2.0.3. The description states that attackers can execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, and this is a distinct issue from CVE-20...

CVE-2011-2416

Adobe Flash Player and Adobe AIR are affected by an integer overflow that could allow arbitrary code execution. Affected: Flash Player before 10.3.183.5 on Windows/Mac/Linux/Solaris and before 10.3.186.3 on Android; AIR before 2.7.1 on Windows/Mac and before 2.7.1.1961 on Android. CVE-2011-2416 i...

CVE-2014-0533

CVE-2014-0533 is an XSS vulnerability in Adobe Flash Player (affecting Windows/OS X paths to 13.0.0.223 and 14.x before 14.0.0.125; Linux path to 11.2.202.378) and in Adobe AIR/SDK components before 14.0.0.110. The vulnerability, described as allowing remote attackers to inject arbitrary web scri...

CVE-2010-2213

CVE-2010-2213 describes a vulnerability in Adobe Flash Player (before 9.0.280 and 10.x before 10.1.82.76) and Adobe AIR before 2.0.3 , enabling attackers to execute arbitrary code or cause a memory corruption-based denial of service via unspecified vectors. The issue is confirmed across connected...

CVE-2011-2134

CVE-2011-2134 is a buffer overflow in Adobe Flash Player (Windows/macOS/Linux/Solaris) and Adobe AIR that could allow arbitrary code execution via unspecified vectors. Affected products are Flash Player prior to 10.3.183.5 (and prior to 10.3.186.3 on Android) and AIR prior to 2.7.1.1961. Remediat...

CVE-2014-0507

Adobe Flash Player and Adobe AIR are affected by CVE-2014-0507 due to a buffer overflow that could allow arbitrary code execution. Affected components include Flash Player on Windows/macOS (before 11.7.700.275, and 11.8.x up to 13.0.x before 13.0.0.182; Linux before 11.2.202.350) and Adobe AIR be...

CVE-2014-0532

CVE-2014-0532 is an XSS vulnerability in Adobe Flash Player and the Flash/AIR components, allowing remote script injection via unspecified vectors. Affected: Windows and OS X Flash Player prior to 13.0.0.223, and Flash Player 14.x prior to 14.0.0.125; Linux Flash Player prior to 11.2.202.378; Ado...

CVE-2011-2414

CVE-2011-2414: Buffer overflow in Adobe Flash Player (pre-10.3.183.5 Windows/Mac/Linux/Solaris; pre-10.3.186.3 Android) and Adobe AIR (pre-2.7.1) allowing arbitrary code execution via unspecified vectors. Public references link to Adobe APSB11-21; openSUSE/SUSE patches (flash-player-4976) address...

CVE-2014-0509

CVE-2014-0509 describes a cross-site scripting (XSS) vulnerability in Adobe Flash Player and Adobe AIR products prior to the listed versions. Affected: Flash Player on Windows/macOS (before 11.7.700.275 and 11.8.x–13.0.x before 13.0.0.182), Flash Player on Linux (before 11.2.202.350), and Adobe A...

CVE-2014-0520

CVE-2014-0520 is a security bypass vulnerability in Adobe Flash Player and AIR components. Affected are Flash Player versions prior to 13.0.0.214 (Windows/macOS) and prior to 11.2.202.359 (Linux), plus AIR SDK before 13.0.0.111 and AIR SDK & Compiler before 13.0.0.111. The issue stems from an err...