Flash Player Desktop Runtime@* Security Vulnerabilities and Issues — Flash Player Desktop Runtime@* CVE List

Lucene search

AdobeFlash Player Desktop Runtime*

294 matches found

CVE•added 2016/04/07 10:59 a.m.•992 views

CVE-2016-1019

Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016.

10CVSS9.7AI score0.8005EPSS

CVE•added 2016/03/12 3:59 p.m.•979 views

CVE-2016-1010

Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary c...

9.3CVSS9AI score0.28792EPSS

CVE•added 2018/07/09 7:29 p.m.•972 views

CVE-2018-5002

Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

10CVSS7.9AI score0.37375EPSS

CVE•added 2016/02/10 8:59 p.m.•968 views

CVE-2016-0984

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arb...

9.3CVSS8.9AI score0.68375EPSS

CVE•added 2017/10/22 7:29 p.m.•965 views

CVE-2017-11292

Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution.

8.8CVSS8.3AI score0.10801EPSS

CVE•added 2015/07/14 10:59 a.m.•898 views

CVE-2015-5122

Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installa...

10CVSS9.6AI score0.92389EPSS

CVE•added 2015/07/14 10:59 a.m.•885 views

CVE-2015-5123

Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installatio...

10CVSS9.6AI score0.45202EPSS

CVE•added 2016/12/15 6:59 a.m.•856 views

CVE-2016-7892

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.18919EPSS

CVE•added 2019/09/12 7:15 p.m.•221 views

CVE-2019-8069

Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.

10CVSS9.2AI score0.03432EPSS

CVE•added 2019/09/12 7:15 p.m.•198 views

CVE-2019-8070

Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.

10CVSS9.5AI score0.0203EPSS

CVE•added 2019/09/27 4:15 p.m.•194 views

CVE-2019-8075

Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

7.5CVSS7.9AI score0.01038EPSS

CVE•added 2016/02/10 8:59 p.m.•193 views

CVE-2016-0974

9.3CVSS8.9AI score0.68375EPSS

CVE•added 2016/03/12 3:59 p.m.•188 views

CVE-2016-0963

9.3CVSS9AI score0.28792EPSS

CVE•added 2016/02/10 8:59 p.m.•184 views

CVE-2016-0983

9.3CVSS8.9AI score0.68375EPSS

CVE•added 2016/02/10 8:59 p.m.•182 views

CVE-2016-0982

9.3CVSS8.9AI score0.68375EPSS

CVE•added 2016/02/10 8:59 p.m.•177 views

CVE-2016-0973

Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20...

9.3CVSS8.8AI score0.68375EPSS

CVE•added 2016/04/09 1:59 a.m.•175 views

CVE-2016-1015

Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code by overriding NetConnection object properties to leverage an unspecified "type confusion," a different vulnerability than CVE-...

9.3CVSS9.6AI score0.8005EPSS

CVE•added 2016/03/12 3:59 p.m.•163 views

CVE-2016-0993

9.3CVSS9AI score0.28792EPSS

CVE•added 2016/02/10 8:59 p.m.•161 views

CVE-2016-0975

Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allo...

9.3CVSS8.8AI score0.68375EPSS

CVE•added 2020/06/12 2:15 p.m.•156 views

CVE-2020-9633

Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code e...

10CVSS9.4AI score0.075EPSS

CVE•added 2015/01/28 10:59 p.m.•114 views

CVE-2015-0312

Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors.

9.3CVSS7.5AI score0.06261EPSS

CVE•added 2019/05/24 7:29 p.m.•95 views

CVE-2019-7090

Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to ...

6.5CVSS5.7AI score0.01229EPSS

CVE•added 2016/07/13 1:59 a.m.•94 views

CVE-2016-4178

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.

4.3CVSS5.8AI score0.01473EPSS

CVE•added 2016/07/13 1:59 a.m.•94 views

CVE-2016-4179

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-20...

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2018/11/29 8:29 p.m.•91 views

CVE-2018-15981

Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

10CVSS9.4AI score0.31047EPSS

CVE•added 2017/03/14 4:59 p.m.•89 views

CVE-2017-2997

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.01533EPSS

CVE•added 2016/06/16 2:59 p.m.•88 views

CVE-2016-4138

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

10CVSS9.1AI score0.3681EPSS

CVE•added 2016/06/16 2:59 p.m.•87 views

CVE-2016-4137

9.3CVSS8.9AI score0.4017EPSS

CVE•added 2016/10/13 7:59 p.m.•87 views

CVE-2016-4273

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6982, CVE-20...

9.3CVSS9AI score0.26758EPSS

CVE•added 2017/05/09 4:29 p.m.•87 views

CVE-2017-3068

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.43827EPSS

CVE•added 2017/05/09 4:29 p.m.•87 views

CVE-2017-3073

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.01768EPSS

CVE•added 2019/05/22 7:29 p.m.•87 views

CVE-2019-7837

Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.01421EPSS

CVE•added 2017/05/09 4:29 p.m.•85 views

CVE-2017-3070

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.01969EPSS

CVE•added 2019/05/23 5:29 p.m.•85 views

CVE-2019-7096

Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

10CVSS9.6AI score0.06773EPSS

CVE•added 2019/05/23 5:29 p.m.•85 views

CVE-2019-7108

Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .

7.5CVSS7.9AI score0.03145EPSS

CVE•added 2017/02/15 6:59 a.m.•84 views

CVE-2017-2986

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.34466EPSS

CVE•added 2016/06/16 2:59 p.m.•83 views

CVE-2016-4149

9.3CVSS8.9AI score0.02182EPSS

CVE•added 2016/07/13 2:0 a.m.•83 views

CVE-2016-4238

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/09/14 6:59 p.m.•83 views

CVE-2016-6926

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016...

9.3CVSS9AI score0.02828EPSS

CVE•added 2017/05/09 4:29 p.m.•83 views

CVE-2017-3072

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.01969EPSS

CVE•added 2017/05/09 4:29 p.m.•83 views

CVE-2017-3074

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.01969EPSS

CVE•added 2018/08/29 1:29 p.m.•82 views

CVE-2018-12824

Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

5.9CVSS6.8AI score0.01338EPSS

CVE•added 2016/07/13 1:59 a.m.•81 views

CVE-2016-4175

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/07/13 2:0 a.m.•81 views

CVE-2016-4229

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016...

9.3CVSS9AI score0.73665EPSS

CVE•added 2017/03/14 4:59 p.m.•81 views

CVE-2017-3002

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.0114EPSS

CVE•added 2016/09/14 6:59 p.m.•80 views

CVE-2016-4272

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/09/14 6:59 p.m.•80 views

CVE-2016-4285

Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-20...

9.3CVSS9.1AI score0.26204EPSS

CVE•added 2017/03/14 4:59 p.m.•80 views

CVE-2017-3000

Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number generator used for constant blinding. Successful exploitation could lead to information disclosure.

6.5CVSS6.8AI score0.26283EPSS

CVE•added 2016/06/16 2:59 p.m.•79 views

CVE-2016-4152

9.3CVSS8.9AI score0.03097EPSS

CVE•added 2016/09/14 6:59 p.m.•79 views

CVE-2016-4284

9.3CVSS9.1AI score0.26204EPSS

Total number of security vulnerabilities294