Air@* Security Vulnerabilities and Issues — Air@* CVE List

CVE•added 2011/03/15 5:55 p.m.•1079 views

CVE-2011-0609

Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windo...

9.3CVSS8.9AI score0.92398EPSS

CVE•added 2010/06/08 6:30 p.m.•1026 views

CVE-2010-1297

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SW...

9.3CVSS9.7AI score0.93621EPSS

CVE•added 2016/03/12 3:59 p.m.•1008 views

CVE-2016-1010

Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary c...

9.3CVSS9AI score0.31545EPSS

CVE•added 2011/04/13 2:55 p.m.•1007 views

CVE-2011-0611

Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x be...

9.3CVSS8.8AI score0.93698EPSS

CVE•added 2015/12/28 11:59 p.m.•1006 views

CVE-2015-8651

Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code ...

9.3CVSS9.6AI score0.89783EPSS

CVE•added 2014/11/25 11:59 p.m.•879 views

CVE-2014-8439

Adobe Flash Player before 13.0.0.258 and 14.x and 15.x before 15.0.0.239 on Windows and OS X and before 11.2.202.424 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of ...

10CVSS7.7AI score0.31479EPSS

CVE•added 2012/06/09 12:55 a.m.•300 views

CVE-2012-2037

9.3CVSS7.6AI score0.25628EPSS

CVE•added 2016/03/12 3:59 p.m.•217 views

CVE-2016-0963

9.3CVSS9AI score0.31545EPSS

CVE•added 2016/03/12 3:59 p.m.•193 views

CVE-2016-0993

9.3CVSS9AI score0.31545EPSS

CVE•added 2012/06/09 12:55 a.m.•156 views

CVE-2012-2036

Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attacker...

9.3CVSS7.7AI score0.0447EPSS

CVE•added 2012/06/09 12:55 a.m.•156 views

CVE-2012-2038

4.3CVSS5.9AI score0.01362EPSS

CVE•added 2013/12/11 3:55 p.m.•156 views

CVE-2013-5331

Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow remote attackers to execute arbitrary code vi...

9.3CVSS7.6AI score0.87631EPSS

CVE•added 2013/11/13 1:55 a.m.•155 views

CVE-2013-5330

Adobe Flash Player before 11.7.700.252 and 11.8.x and 11.9.x before 11.9.900.152 on Windows and Mac OS X and before 11.2.202.327 on Linux, Adobe AIR before 3.9.0.1210, Adobe AIR SDK before 3.9.0.1210, and Adobe AIR SDK & Compiler before 3.9.0.1210 allow attackers to execute arbitrary code or cause ...

10CVSS7.8AI score0.11531EPSS

CVE•added 2013/03/11 10:55 a.m.•150 views

CVE-2013-2555

Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK ...

10CVSS7.8AI score0.05981EPSS

CVE•added 2012/06/09 12:55 a.m.•149 views

CVE-2012-2035

Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allo...

9.3CVSS7.9AI score0.03472EPSS

CVE•added 2012/11/07 5:41 a.m.•148 views

CVE-2012-5278

Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allo...

10CVSS7.5AI score0.04066EPSS

CVE•added 2013/09/12 1:28 p.m.•148 views

CVE-2013-5324

Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before 3.8.0.1430 allow attackers ...

CVE•added 2012/08/21 11:55 p.m.•145 views

CVE-2012-4163

Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 al...

10CVSS7.7AI score0.07934EPSS

CVE•added 2013/09/12 1:28 p.m.•144 views

CVE-2013-3362

CVE•added 2012/12/12 11:38 a.m.•143 views

CVE-2012-5678

Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3....

10CVSS7.7AI score0.09479EPSS

CVE•added 2013/09/12 1:28 p.m.•143 views

CVE-2013-3361

CVE•added 2012/06/09 12:55 a.m.•142 views

CVE-2012-2039

9.3CVSS7.6AI score0.03866EPSS

CVE•added 2012/08/21 11:55 p.m.•142 views

CVE-2012-4165

10CVSS7.7AI score0.07934EPSS

CVE•added 2012/08/21 11:55 p.m.•142 views

CVE-2012-4167

Integer overflow in Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK ...

10CVSS7.7AI score0.12998EPSS

CVE•added 2012/12/12 11:38 a.m.•142 views

CVE-2012-5677

Integer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x;...

10CVSS7.6AI score0.09908EPSS

CVE•added 2013/09/12 1:28 p.m.•140 views

CVE-2013-3363

CVE•added 2012/12/12 11:38 a.m.•138 views

CVE-2012-5676

Buffer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; ...

10CVSS7.7AI score0.05685EPSS

CVE•added 2013/02/12 8:55 p.m.•136 views

CVE-2013-0638

Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3....

10CVSS7.7AI score0.04783EPSS

CVE•added 2015/08/14 1:59 a.m.•97 views

CVE-2015-5132

Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different ...

10CVSS7.7AI score0.71451EPSS

CVE•added 2010/06/15 6:0 p.m.•96 views

CVE-2010-2179

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing.

4.3CVSS7.5AI score0.20428EPSS

CVE•added 2015/08/14 1:59 a.m.•94 views

CVE-2015-5133

10CVSS7.7AI score0.71451EPSS

CVE•added 2010/06/15 6:0 p.m.•93 views

CVE-2010-2188

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different argument...

9.3CVSS9.9AI score0.01631EPSS

Web

CVE•added 2012/04/06 8:55 p.m.•91 views

CVE-2012-0724

Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0725.

9.3CVSS7AI score0.01005EPSS

CVE•added 2013/11/13 1:55 a.m.•91 views

CVE-2013-5329

10CVSS7.9AI score0.11531EPSS

CVE•added 2015/07/09 4:59 p.m.•86 views

CVE-2015-3128

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute...

10CVSS7.5AI score0.68034EPSS

CVE•added 2015/11/11 1:0 p.m.•86 views

CVE-2015-7663

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary co...

10CVSS7.7AI score0.74587EPSS

CVE•added 2014/11/11 11:55 p.m.•85 views

CVE-2014-0576

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of ...

10CVSS7.7AI score0.88009EPSS

CVE•added 2015/06/10 1:59 a.m.•84 views

CVE-2015-3104

Integer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 o...

10CVSS7.7AI score0.04479EPSS

CVE•added 2015/09/22 10:59 a.m.•84 views

CVE-2015-5582

Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (...

10CVSS7.8AI score0.06367EPSS

CVE•added 2015/10/15 12:0 a.m.•84 views

CVE-2015-7632

Buffer overflow in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Load...

9.3CVSS7.5AI score0.06986EPSS

CVE•added 2015/11/11 12:59 p.m.•84 views

CVE-2015-7651

9.3CVSS7.5AI score0.74587EPSS

CVE•added 2015/12/10 5:59 a.m.•84 views

CVE-2015-8062

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arb...

CVE•added 2015/06/10 1:59 a.m.•83 views

CVE-2015-3097

Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160, Adobe AIR before 18.0.0.144, Adobe AIR SDK before 18.0.0.144, and Adobe AIR SDK & Compiler before 18.0.0.144 on 64-bit Windows 7 systems do not properly select a random memory address for the Flash heap, which makes it ea...

5CVSS6.3AI score0.10451EPSS

CVE•added 2015/12/10 5:59 a.m.•83 views

CVE-2015-8424

CVE•added 2015/06/10 1:59 a.m.•82 views

CVE-2015-3100

Stack-based buffer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 1...

10CVSS7.9AI score0.03267EPSS

CVE•added 2015/11/11 1:0 p.m.•82 views

CVE-2015-7662

Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allow remote attackers to bypass intended access restrictions and write ...

7.8CVSS6.6AI score0.01794EPSS

CVE•added 2015/12/10 5:59 a.m.•82 views

CVE-2015-8055

CVE•added 2015/05/13 11:0 a.m.•81 views

CVE-2015-3085

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on f...

6.4CVSS6.6AI score0.35751EPSS

CVE•added 2015/12/10 5:59 a.m.•81 views

CVE-2015-8065