Flash Player Desktop Runtime Security Vulnerabilities and Issues — Page 2 of Flash Player Desktop Runtime CVE List

Lucene search

AdobeFlash Player Desktop Runtime

294 matches found

CVE•added 2016/09/14 6:59 p.m.•79 views

CVE-2016-6930

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016...

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/10/13 7:59 p.m.•79 views

CVE-2016-6986

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-20...

9.3CVSS9AI score0.26758EPSS

CVE•added 2017/03/14 4:59 p.m.•79 views

CVE-2017-2999

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.01007EPSS

CVE•added 2016/06/16 2:59 p.m.•78 views

CVE-2016-4150

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

9.3CVSS8.9AI score0.03097EPSS

CVE•added 2016/09/14 6:59 p.m.•78 views

CVE-2016-6927

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/09/14 6:59 p.m.•78 views

CVE-2016-6929

9.3CVSS9AI score0.02828EPSS

CVE•added 2017/02/15 6:59 a.m.•78 views

CVE-2017-2994

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.0199EPSS

CVE•added 2017/03/14 4:59 p.m.•78 views

CVE-2017-3003

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.01639EPSS

CVE•added 2017/07/17 1:18 p.m.•78 views

CVE-2017-3080

Adobe Flash Player versions 26.0.0.131 and earlier have a security bypass vulnerability related to the Flash API used by Internet Explorer. Successful exploitation could lead to information disclosure.

6.5CVSS6.9AI score0.03071EPSS

CVE•added 2017/08/11 7:29 p.m.•78 views

CVE-2017-3085

Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect.

7.4CVSS7.6AI score0.00815EPSS

CVE•added 2014/10/15 10:55 a.m.•77 views

CVE-2014-0569

Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code ...

9.3CVSS7.6AI score0.8933EPSS

CVE•added 2016/06/16 2:59 p.m.•77 views

CVE-2016-4153

9.3CVSS8.9AI score0.03097EPSS

CVE•added 2016/07/13 2:0 a.m.•77 views

CVE-2016-4222

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016...

8.8CVSS9AI score0.73665EPSS

CVE•added 2016/09/14 6:59 p.m.•77 views

CVE-2016-4279

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/09/14 6:59 p.m.•77 views

CVE-2016-6921

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/09/14 6:59 p.m.•77 views

CVE-2016-6931

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/10/13 8:0 p.m.•77 views

CVE-2016-6992

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion."

9.3CVSS8.9AI score0.08851EPSS

CVE•added 2017/02/15 6:59 a.m.•77 views

CVE-2017-2992

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.34466EPSS

CVE•added 2018/07/09 7:29 p.m.•77 views

CVE-2018-5001

Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

6.5CVSS6.7AI score0.01364EPSS

CVE•added 2016/06/16 2:59 p.m.•76 views

CVE-2016-4141

9.3CVSS8.9AI score0.02182EPSS

CVE•added 2016/09/14 6:59 p.m.•76 views

CVE-2016-4283

Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-20...

9.3CVSS9.1AI score0.26204EPSS

CVE•added 2016/09/14 6:59 p.m.•76 views

CVE-2016-6922

9.3CVSS9.1AI score0.26204EPSS

CVE•added 2016/10/13 8:0 p.m.•76 views

CVE-2016-6989

9.3CVSS9AI score0.26758EPSS

CVE•added 2016/12/15 6:59 a.m.•76 views

CVE-2016-7867

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution.

8.8CVSS8.9AI score0.01058EPSS

CVE•added 2017/05/09 4:29 p.m.•76 views

CVE-2017-3069

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.01969EPSS

CVE•added 2017/08/11 7:29 p.m.•76 views

CVE-2017-3106

Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.7AI score0.64588EPSS

CVE•added 2016/03/12 3:59 p.m.•75 views

CVE-2016-0960

Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial...

9.3CVSS9AI score0.53031EPSS

CVE•added 2016/06/16 2:59 p.m.•75 views

CVE-2016-4135

9.3CVSS8.9AI score0.35226EPSS

CVE•added 2016/09/14 6:59 p.m.•75 views

CVE-2016-4282

9.3CVSS9.1AI score0.26204EPSS

CVE•added 2016/10/13 7:59 p.m.•75 views

CVE-2016-6985

9.3CVSS9AI score0.26758EPSS

CVE•added 2017/02/15 6:59 a.m.•75 views

CVE-2017-2988

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.40865EPSS

CVE•added 2017/02/15 6:59 a.m.•75 views

CVE-2017-2993

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.01322EPSS

CVE•added 2018/07/20 7:29 p.m.•75 views

CVE-2018-5007

Adobe Flash Player 30.0.0.113 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

8.8CVSS8.7AI score0.06148EPSS

CVE•added 2016/03/12 3:59 p.m.•74 views

CVE-2016-0998

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute...

9.3CVSS9AI score0.50072EPSS

CVE•added 2016/06/16 2:59 p.m.•74 views

CVE-2016-4125

9.3CVSS8.9AI score0.02194EPSS

CVE•added 2016/07/13 1:59 a.m.•74 views

CVE-2016-4182

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-20...

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/09/14 6:59 p.m.•74 views

CVE-2016-4280

9.3CVSS9.1AI score0.26204EPSS

CVE•added 2016/09/14 6:59 p.m.•74 views

CVE-2016-6925

9.3CVSS9AI score0.02828EPSS

CVE•added 2017/02/15 6:59 a.m.•74 views

CVE-2017-2984

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the h264 decoder routine. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.06731EPSS

CVE•added 2017/05/09 4:29 p.m.•74 views

CVE-2017-3071

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.01646EPSS

CVE•added 2018/11/29 8:29 p.m.•74 views

CVE-2018-15978

Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

7.5CVSS6.9AI score0.09317EPSS

CVE•added 2014/10/15 10:55 a.m.•73 views

CVE-2014-0564

Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of ...

10CVSS7.7AI score0.15429EPSS

CVE•added 2016/02/10 8:59 p.m.•73 views

CVE-2016-0967

Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of ...

9.3CVSS9.2AI score0.43246EPSS

CVE•added 2016/03/12 3:59 p.m.•73 views

CVE-2016-0988

9.3CVSS9AI score0.50072EPSS

CVE•added 2016/06/16 2:59 p.m.•73 views

CVE-2016-4134

9.3CVSS8.9AI score0.03697EPSS

CVE•added 2016/09/14 6:59 p.m.•73 views

CVE-2016-4271

Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4277 and CVE-20...

6.5CVSS7.2AI score0.01676EPSS

CVE•added 2016/09/14 6:59 p.m.•73 views

CVE-2016-6932

9.3CVSS9AI score0.02828EPSS

CVE•added 2017/12/13 9:29 p.m.•73 views

CVE-2017-11305

A regression affecting Adobe Flash Player version 27.0.0.187 (and earlier versions) causes the unintended reset of the global settings preference file when a user clears browser data.

6.5CVSS6.4AI score0.0247EPSS

CVE•added 2017/02/15 6:59 a.m.•73 views

CVE-2017-2982

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.01322EPSS

CVE•added 2017/02/15 6:59 a.m.•73 views

CVE-2017-2985

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.40865EPSS

Total number of security vulnerabilities294