Flash Player Desktop Runtime Security Vulnerabilities and Issues — Page 3 of Flash Player Desktop Runtime CVE List

CVE-2016-4274

Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4275, CVE-20...

CVE-2016-4275

6.5CVSS7.1AI score0.01676EPSS

CVE-2016-4277

Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4271 and CVE-20...

9.3CVSS9AI score0.02828EPSS

CVE-2016-6923

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016...

CVE•added 2016/10/13 7:59 p.m.•72 views

CVE-2016-6987

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6981.

9.3CVSS8.9AI score0.02869EPSS

CVE•added 2016/03/12 3:59 p.m.•71 views

CVE-2016-1000

9.3CVSS9AI score0.50072EPSS

9.8CVSS8AI score0.45392EPSS

CVE-2016-4121

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1097, CVE-2016-1106, CVE-2016...

9.3CVSS8.9AI score0.02194EPSS

CVE-2016-4123

9.3CVSS8.9AI score0.4017EPSS

CVE-2016-4136

CVE-2016-4148

9.3CVSS8.9AI score0.04537EPSS

CVE-2016-4156

CVE•added 2016/07/13 1:59 a.m.•71 views

CVE-2016-4177

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4176.

9.3CVSS8.9AI score0.39663EPSS

CVE•added 2016/07/13 2:0 a.m.•71 views

CVE-2016-4230

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016...

9.3CVSS9AI score0.73665EPSS

CVE•added 2016/09/14 6:59 p.m.•71 views

CVE-2016-4278

6.5CVSS7.1AI score0.01676EPSS

CVE•added 2017/02/15 6:59 a.m.•71 views

CVE-2017-2990

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.01244EPSS

CVE•added 2017/07/17 1:18 p.m.•71 views

CVE-2017-3100

Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 2 BitmapData class. Successful exploitation could lead to memory address disclosure.

6.5CVSS7.2AI score0.01881EPSS

CVE•added 2016/03/04 11:59 p.m.•70 views

CVE-2015-8652

Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of ...

9.3CVSS9AI score0.13403EPSS

CVE•added 2016/02/10 8:59 p.m.•70 views

CVE-2016-0964

Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of ...

CVE•added 2016/02/10 8:59 p.m.•70 views

CVE-2016-0980

CVE•added 2016/03/12 3:59 p.m.•70 views

CVE-2016-0995

9.3CVSS9AI score0.50072EPSS

CVE•added 2016/06/16 2:59 p.m.•70 views

CVE-2016-4142

CVE•added 2016/07/13 1:59 a.m.•70 views

CVE-2016-4173

9.3CVSS9AI score0.73665EPSS

CVE•added 2016/07/13 1:59 a.m.•70 views

CVE-2016-4176

9.3CVSS8.9AI score0.39663EPSS

CVE•added 2016/09/14 6:59 p.m.•70 views

CVE-2016-4276

CVE•added 2016/09/14 6:59 p.m.•70 views

CVE-2016-6924

CVE•added 2016/10/13 7:59 p.m.•70 views

CVE-2016-6982

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-20...

9.3CVSS9AI score0.26758EPSS

CVE•added 2016/10/13 8:0 p.m.•70 views

CVE-2016-6990

9.3CVSS9AI score0.26758EPSS

CVE•added 2017/02/15 6:59 a.m.•70 views

CVE-2017-2987

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.03887EPSS

CVE•added 2017/02/15 6:59 a.m.•70 views

CVE-2017-2991

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.01175EPSS

CVE•added 2017/02/15 6:59 a.m.•70 views

CVE-2017-2996

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.01168EPSS

CVE•added 2018/07/09 7:29 p.m.•70 views

CVE-2018-5000

Adobe Flash Player versions 29.0.0.171 and earlier have an Integer Overflow vulnerability. Successful exploitation could lead to information disclosure.

6.5CVSS6.8AI score0.01114EPSS

CVE•added 2018/07/20 7:29 p.m.•70 views

CVE-2018-5008

Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

7.5CVSS7.4AI score0.07793EPSS

CVE•added 2016/04/09 1:59 a.m.•69 views

CVE-2016-1006

Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass the ASLR protection mechanism via JIT data.

8.1CVSS8.7AI score0.00948EPSS

CVE•added 2016/06/16 2:59 p.m.•69 views

CVE-2016-4154

9.3CVSS8.9AI score0.03097EPSS

CVE•added 2016/07/13 1:59 a.m.•69 views

CVE-2016-4185

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-20...

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/07/13 1:59 a.m.•69 views

CVE-2016-4188

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-20...

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/07/13 2:0 a.m.•69 views

CVE-2016-4226

9.3CVSS9AI score0.73665EPSS

CVE•added 2016/12/15 6:59 a.m.•69 views

CVE-2016-7870

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution.

8.8CVSS8.9AI score0.01058EPSS

CVE•added 2017/03/14 4:59 p.m.•69 views

CVE-2017-3001

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.0114EPSS

CVE•added 2016/02/10 8:59 p.m.•68 views

CVE-2016-0977

CVE•added 2016/02/10 8:59 p.m.•68 views

CVE-2016-0981

CVE•added 2016/04/09 1:59 a.m.•68 views

CVE-2016-1012

Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1020, CVE-20...

9.3CVSS9AI score0.05385EPSS

CVE•added 2016/06/16 2:59 p.m.•68 views

CVE-2016-4129

CVE•added 2016/06/16 2:59 p.m.•68 views

CVE-2016-4132

9.3CVSS8.9AI score0.03697EPSS

CVE•added 2016/06/16 2:59 p.m.•68 views

CVE-2016-4146