CVE-2014-0502

CVE-2014-0502 is a double‑free vulnerability in Adobe Flash Player and related components that allows remote code execution. Affected products include Flash Player prior to 11.7.700.269 and 11.8.x up to 12.0.x before 12.0.0.70 on Windows/macOS, and before 11.2.202.341 on Linux, as well as Adobe A...

CVE-2014-0543

CVE-2014-0543 affects Adobe Flash Player (Windows/OS X: prior to 13.0.0.241 and 14.x prior to 14.0.0.176; Linux prior to 11.2.202.400) and Adobe AIR/SDK prior to 14.0.0.178, with memory address disclosure that bypasses ASLR via unspecified vectors. The root cause: improper restriction of memory-a...

CVE-2012-5270

CVE-2012-5270 refers to a memory‑corruption based arbitrary‑code execution/DoS vulnerability in Adobe Flash Player (Windows, macOS, Linux) and Adobe AIR, described as exploitable via unspecified vectors. Affected products include Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 (Windo...

CVE-2012-5266

CVE-2012-5266 is a buffer overflow in Adobe Flash Player (and Adobe AIR) that could allow arbitrary code execution. Affected: Flash Player on Windows/Mac before 10.3.183.29 and 11.x before 11.4.402.287; Linux before 10.3.183.29 and 11.x before 11.2.202.243; Android 2.x/3.x before 11.1.111.19 and ...

CVE-2012-5271

CVE-2012-5271 affects Adobe Flash Player and Adobe AIR. The Flash Player versions (Windows/macOS: before 10.3.183.29 and before 11.4.402.287 on 11.x; Linux: before 10.3.183.29 and before 11.2.202.243; Android 2.x/3.x: before 11.1.111.19; Android 4.x: before 11.1.115.20) and Adobe AIR before 3.4.0...

CVE-2012-5267

Adobe Flash Player (and AIR) is affected by CVE-2012-5267 as part of a broader set of memory corruption vulnerabilities disclosed in 2012. Public sources (including OpenVAS/Gentoo/SUSE advisories) reference Flash memory-corruption issues exploitable via unspecified vectors and note that updates t...

CVE-2012-5269

CVE-2012-5269 concerns Adobe Flash Player (Windows/Mac/Linux) and Adobe AIR with memory-corruption based remote code execution vector. Connected sources confirm affected versions prior to 10.3.183.29/11.x updates for Flash and pre-3.4.0.2710 AIR, with multiple CVEs (incl. CVE-2012-5248 to CVE-201...

CVE-2012-5268

CVE-2012-5268 is a high-severity vulnerability affecting Adobe Flash Player (Windows/Mac/Linux/Android) and Adobe AIR, described as memory corruption that could allow arbitrary code execution or to cause a denial of service via unspecified vectors. The connected documents confirm this CVE as part...

CVE-2012-5272

CVE-2012-5272 affects Adobe Flash Player and AIR across multiple platforms. The issue is a memory corruption vulnerability in Flash Player (Windows/macOS/Linux/Android) that could allow arbitrary code execution or a denial of service via unspecified vectors. Affected Flash versions are: Windows/M...

CVE-2012-4171

Adobe Flash Player and Adobe AIR are affected by CVE-2012-4171, a denial-of-service flaw caused by a logic error when handling Firefox dialogs. The vulnerability affects Flash Player on Windows, macOS, Linux, and Android (various pre-allocated builds) and affects Adobe AIR/SDK before the stated b...

CVE-2014-0559

CVE-2014-0559 describes a heap-based buffer overflow in Adobe Flash Player and AIR, caused by an integer/length handling issue in CopyPixelsToByteArray and related vector data structures. Exploitation relies on manipulating a large ByteArray position to trigger a write past the buffer end, then u...

CVE-2014-4671

CVE-2014-4671 refers to a Flash/ AIR JSONP CSRF vulnerability where SWF content could bypass restrictions, enabling remote CSRF attacks against JSONP endpoints and potential data exposure. Affected products include Adobe Flash Player (Windows/macOS: up to 13.0.0.231 and 14.x up to 14.0.0.145; Lin...

CVE-2014-0556

CVE-2014-0556 is an Adobe Flash Player/ AIR heap overflow triggered by an integer overflow in copyPixelsToByteArray, caused when a ByteArray’s position is set very large. Exploits publicly describe a heap grooming chain that corrupts a Vector. length to achieve arbitrary read/write and ultimately...

CVE-2014-0552

The CVE-2014-0552 entry corresponds to a Flash Player/Air memory corruption vulnerability exploitable via crafted SWF content. Affected products include Adobe Flash Player before 13.0.0.244 and 14.x/15.x before 15.0.0.152 on Windows and OS X, and before 11.2.202.406 on Linux, along with Adobe AIR...

CVE-2014-0491

CVE-2014-0491 affects Adobe Flash Player (Windows/Mac/Linux) and Adobe AIR/SDK/Compiler. The vulnerability allows bypassing protection mechanisms via unknown vectors, leading to potential complete compromise of affected systems. The initial description notes unknown vectors and does not specify t...

CVE-2014-0492

CVE-2014-0492 affects Adobe Flash Player and Adobe AIR components. The issue stems from an “address leak” that defeats ASLR, impacting Flash Player prior to 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows/Mac, and prior to 11.2.202.335 on Linux, as well as Adobe AIR before 4.0.0.13...

CVE-2014-0545

Technical details for CVE-2014-0545 are not publicly available in the provided documents. The connected EUVD entries mention malware and generic memory-leakage contexts without product/version/impact specifics. Monitor for updates.

CVE-2014-0531

CVE-2014-0531 is an XSS vulnerability in Adobe Flash Player (and related AIR components) that could allow a remote attacker to inject arbitrary web script or HTML via unspecified vectors. Affected: Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X; Flash Player before ...

CVE-2015-0307

The CVE-2015-0307 entry concerns Adobe Flash Player (Windows, OS X, Linux) and related Flash components (Air/SDK). Connected advisory CPAI-2015-0073 states this is an Out-of-Bounds Memory Read/Memory Corruption issue that could allow a remote attacker to obtain sensitive information from the proc...

CVE-2014-0534

CVE-2014-0534 is a vulnerability in Adobe Flash Player (Windows, OS X, Linux) and related AIR components where attackers could bypass intended access restrictions via crafted SWF/vector exploits. The patched line is tied to APSB14-16; affected versions include Flash Player prior to 13.0.0.223 and...

CVE-2014-0499

CVE-2014-0499 affects Adobe Flash Player (Windows, Mac OS X) and Adobe AIR/SDK components. The root cause is that these components do not prevent access to address information, aiding bypass of ASLR via unspecified vectors. Affected Flash Player versions include pre-11.7.700.269 and 11.8.x up to ...

CVE-2014-0539

CVE-2014-0539 is a security-bypass vulnerability affecting Adobe Flash Player and Adobe AIR (and related SDK components). The issue, described together with CVE-2014-0537, stems from insufficient security restrictions when handling specially crafted SWF content, enabling bypass of intended access...

CVE-2014-0508

CVE-2014-0508 affects Adobe Flash Player prior to 11.7.700.275 and 11.8.x prior to 13.0.0.182 on Windows/macOS, and prior to 11.2.202.350 on Linux; Adobe AIR prior to 13.0.0.83 (Android) and AIR SDK/SDK & Compiler prior to 13.0.0.83. The issue is described as bypassing intended access restriction...

CVE-2014-0509

CVE-2014-0509 describes a cross-site scripting (XSS) vulnerability in Adobe Flash Player and Adobe AIR products prior to the listed versions. Affected: Flash Player on Windows/macOS (before 11.7.700.275 and 11.8.x–13.0.x before 13.0.0.182), Flash Player on Linux (before 11.2.202.350), and Adobe A...

CVE-2014-0533

CVE-2014-0533 is an XSS vulnerability in Adobe Flash Player (affecting Windows/OS X paths to 13.0.0.223 and 14.x before 14.0.0.125; Linux path to 11.2.202.378) and in Adobe AIR/SDK components before 14.0.0.110. The vulnerability, described as allowing remote attackers to inject arbitrary web scri...

CVE-2014-0507

Adobe Flash Player and Adobe AIR are affected by CVE-2014-0507 due to a buffer overflow that could allow arbitrary code execution. Affected components include Flash Player on Windows/macOS (before 11.7.700.275, and 11.8.x up to 13.0.x before 13.0.0.182; Linux before 11.2.202.350) and Adobe AIR be...

CVE-2014-0532

CVE-2014-0532 is an XSS vulnerability in Adobe Flash Player and the Flash/AIR components, allowing remote script injection via unspecified vectors. Affected: Windows and OS X Flash Player prior to 13.0.0.223, and Flash Player 14.x prior to 14.0.0.125; Linux Flash Player prior to 11.2.202.378; Ado...

CVE-2013-1378

CVE-2013-1378 affects Adobe Flash Player prior to 10.3.183.75/11.x before 11.7.700.169 on Windows and macOS, prior to 10.3.183.75/11.x before 11.2.202.280 on Linux, prior to 11.1.111.50 on Android 2.x/3.x, and prior to 11.1.115.54 on Android 4.x; and Adobe AIR before 3.7.0.1530 (and AIR SDK & Com...

CVE-2014-5333

Adobe Flash Player and AIR vulnerabilities (CVE-2014-5333) allow cross-site request forgery (CSRF) against JSONP endpoints via a crafted SWF in an OBJECT element, due to an incomplete fix for CVE-2014-4671. Affected versions include Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Win...

CVE-2014-0553

CVE-2014-0553 is a use-after-free vulnerability in Adobe Flash Player that could allow arbitrary code execution. It affects Flash Player before 13.0.0.244 and 14.x before 15.0.0.152 on Windows and OS X, and before 11.2.202.406 on Linux; also affects Adobe AIR before 15.0.0.249 (Windows/OS X). Ado...

CVE-2014-0558

CVE-2014-0558 affects Adobe Flash Player prior to 13.0.0.250 and 14.x before 15.0.0.189 on Windows/macOS, and prior to 11.2.202.411 on Linux, plus Adobe AIR prior to 15.0.0.293/SDK before 15.0.0.302. The vulnerability is a memory corruption flaw that allows remote arbitrary code execution or deni...

CVE-2012-5256

CVE-2012-5256 concerns Adobe Flash Player and Adobe AIR. The vulnerability allows attackers to execute arbitrary code or cause a denial of service via memory corruption, with unspecified attack vectors. Affected Flash Player versions include Windows/macOS: before 10.3.183.29 and 11.x before 11.4....

CVE-2014-0498

CVE-2014-0498: A stack-based buffer overflow in Adobe Flash Player (and related AIR components) allows arbitrary code execution via unspecified vectors. Affected products/versions (per the initial description): Flash Player before 11.7.700.269 and 11.8.x up to 12.0.x before 12.0.0.70 on Windows a...

CVE-2014-0549

CVE-2014-0549 affects Adobe Flash Player and related AIR components. The vulnerability is a memory corruption issue that could allow remote code execution or a denial of service, triggered via unspecified vectors. Affected versions include Flash Player before 13.0.0.244 and 14.x up to 15.x before...

CVE-2013-0646

CVE-2013-0646 technical details are not publicly provided in the supplied documents. No affected products, root cause, or fixes are confirmed here. Monitor for updates from the referenced advisories.

CVE-2013-0630

CVE-2013-0630 relates to a buffer overflow in Adobe Flash Player (and Adobe AIR) that could allow arbitrary code execution. The provided Connected documents indicate affected products include Flash Player with platform variants (Windows, Mac OS X, Linux, Android) and Adobe AIR. The OpenVAS/Nessus...

CVE-2014-0537

CVE-2014-0537 affects Adobe Flash Player and related AIR components across Windows, OS X, Linux, and Android. The issue is a security bypass of intended access restrictions, enabling bypass via unspecified vectors (not a code path described in the provided text). Affected versions include Flash P...

CVE-2014-0547

Adobe Flash Player and AIR components are affected by a memory-corruption vulnerability (CVE-2014-0547) that can be triggered by unspecified vectors. Impacted products include Flash Player versions prior to 13.0.0.244 and 14.x/15.x prior to 15.0.0.152 on Windows and OS X, and prior to 11.2.202.40...

CVE-2012-5249

CVE-2012-5249 is a buffer-overflow in Adobe Flash Player and Adobe AIR that allows arbitrary code execution. Affected: Flash Player pre-10.3.183.29 and pre-11.4.402.287 on Windows/Mac; pre-10.3.183.29 and pre-11.2.202.243 on Linux; Android 2.x–4.x; and Adobe AIR pre-3.4.0.2710. Root cause: buffer...

CVE-2014-0542

Technical details about CVE-2014-0542 are not publicly available in the provided documents; the connected EUVD entries and advisories mention related issues but do not disclose affected products, root causes, or fixes. Monitor for updates.

CVE-2014-0550

Technical details about CVE-2014-0550 are not provided in the connected documents. Public information in the initial entry lists affected versions and impact but no concrete root-cause, exploit details, or remediation are included here. Monitor for updates.

CVE-2014-0538

CVE-2014-0538 is a Use-After-Free vulnerability in Adobe Flash Player (and related AIR components) that could allow arbitrary code execution. According to the initial entry, it affects Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and macOS, and before 11.2.202.400 on Linux...

CVE-2015-0301

CVE-2015-0301 concerns Adobe Flash Player and Flash plugin file validation. Affected: Flash Player before 13.0.0.260 and 14.x up to 16.x before 16.0.0.257 on Windows/macOS; Flash Player before 11.2.202.429 on Linux; Adobe AIR before 16.0.0.272 on Windows/macOS; plus AIR SDKs before 16.0.0.272. De...

CVE-2015-0303

CVE-2015-0303 affects Adobe Flash Player and Adobe AIR as described in APSB15-01. The vulnerability is a memory corruption in Flash Player that could allow remote code execution or a denial of service via unspecified vectors. Affected versions include Flash Player before 13.0.0.260 and 14.x up to...

CVE-2012-5255

CVE-2012-5255 corresponds to a buffer overflow in Adobe Flash Player (and related AIR components) that allowed arbitrary code execution via unspecified vectors. Connected advisories confirm this family of vulnerabilities and associate it with Flash Player/Adobe Air, with remediation lists and fix...

CVE-2013-0650

CVE-2013-0650 is a use-after-free vulnerability in Adobe Flash Player (Windows, macOS, Linux) and related AIR components that could allow arbitrary code execution via unspecified vectors. Affected versions include Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows/Mac; before...

CVE-2013-1375

CVE-2013-1375 describes a heap-based buffer overflow in Adobe Flash Player prior to certain 10.3/11.x revisions and Adobe AIR prior to 3.6.0.6090, allowing arbitrary code execution via unspecified vectors. The initial entry lists affected platforms (Windows, macOS, Linux, Android) and correspondi...

CVE-2013-2728

CVE-2013-2728 concerns Adobe Flash Player (and AIR) with a memory-corruption based vulnerability that could allow arbitrary code execution or a denial of service via unspecified vectors. The initial description lists affected versions: Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 ...

CVE-2012-5252

CVE-2012-5252 affects Adobe Flash Player and Adobe AIR. The vulnerability is described as memory corruption that can allow arbitrary code execution or a denial of service via unspecified vectors. Affected components include Flash Player versions prior to 10.3.183.29 and 11.x prior to 11.4.402.287...

CVE-2012-5264

CVE-2012-5264 is a buffer overflow vulnerability in Adobe Flash Player and Adobe AIR. Affected products/versions (per initial description): Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows/Mac; Flash Player before 10.3.183.29 and 11.x before 11.2.202.243 on Linux; Flash Pla...