Flash Player Desktop Runtime Security Vulnerabilities and Issues — Flash Player Desktop Runtime CVE List

Lucene search

AdobeFlash Player Desktop Runtime

239 matches found

CVE•added 2016/03/12 3:59 p.m.•978 views

CVE-2016-1010

Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary c...

9.3CVSS9AI score0.28792EPSS

CVE•added 2016/02/10 8:59 p.m.•967 views

CVE-2016-0984

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arb...

9.3CVSS8.9AI score0.68375EPSS

CVE•added 2016/12/15 6:59 a.m.•856 views

CVE-2016-7892

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.18919EPSS

CVE•added 2016/02/10 8:59 p.m.•192 views

CVE-2016-0974

9.3CVSS8.9AI score0.68375EPSS

CVE•added 2016/03/12 3:59 p.m.•187 views

CVE-2016-0963

9.3CVSS9AI score0.28792EPSS

CVE•added 2016/02/10 8:59 p.m.•183 views

CVE-2016-0983

9.3CVSS8.9AI score0.68375EPSS

CVE•added 2016/02/10 8:59 p.m.•181 views

CVE-2016-0982

9.3CVSS8.9AI score0.68375EPSS

CVE•added 2016/02/10 8:59 p.m.•176 views

CVE-2016-0973

Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20...

9.3CVSS8.8AI score0.68375EPSS

CVE•added 2016/04/09 1:59 a.m.•174 views

CVE-2016-1015

Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code by overriding NetConnection object properties to leverage an unspecified "type confusion," a different vulnerability than CVE-...

9.3CVSS9.6AI score0.8005EPSS

CVE•added 2016/03/12 3:59 p.m.•162 views

CVE-2016-0993

9.3CVSS9AI score0.28792EPSS

CVE•added 2016/02/10 8:59 p.m.•160 views

CVE-2016-0975

Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allo...

9.3CVSS8.8AI score0.68375EPSS

CVE•added 2015/01/28 10:59 p.m.•114 views

CVE-2015-0312

Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors.

9.3CVSS7.5AI score0.06261EPSS

CVE•added 2016/07/13 1:59 a.m.•94 views

CVE-2016-4179

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-20...

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2017/03/14 4:59 p.m.•89 views

CVE-2017-2997

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.01533EPSS

CVE•added 2016/06/16 2:59 p.m.•87 views

CVE-2016-4137

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

9.3CVSS8.9AI score0.4017EPSS

CVE•added 2016/10/13 7:59 p.m.•87 views

CVE-2016-4273

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6982, CVE-20...

9.3CVSS9AI score0.26758EPSS

CVE•added 2017/05/09 4:29 p.m.•87 views

CVE-2017-3068

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.43827EPSS

CVE•added 2017/05/09 4:29 p.m.•87 views

CVE-2017-3073

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.01768EPSS

CVE•added 2019/05/22 7:29 p.m.•87 views

CVE-2019-7837

Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.01421EPSS

CVE•added 2017/05/09 4:29 p.m.•85 views

CVE-2017-3070

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.01969EPSS

CVE•added 2017/02/15 6:59 a.m.•84 views

CVE-2017-2986

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.34466EPSS

CVE•added 2016/06/16 2:59 p.m.•83 views

CVE-2016-4149

9.3CVSS8.9AI score0.02182EPSS

CVE•added 2016/07/13 2:0 a.m.•83 views

CVE-2016-4238

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/09/14 6:59 p.m.•83 views

CVE-2016-6926

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016...

9.3CVSS9AI score0.02828EPSS

CVE•added 2017/05/09 4:29 p.m.•83 views

CVE-2017-3072

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.01969EPSS

CVE•added 2017/05/09 4:29 p.m.•83 views

CVE-2017-3074

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.01969EPSS

CVE•added 2016/07/13 1:59 a.m.•81 views

CVE-2016-4175

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/07/13 2:0 a.m.•81 views

CVE-2016-4229

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016...

9.3CVSS9AI score0.73665EPSS

CVE•added 2017/03/14 4:59 p.m.•81 views

CVE-2017-3002

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.0114EPSS

CVE•added 2016/09/14 6:59 p.m.•80 views

CVE-2016-4272

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/09/14 6:59 p.m.•80 views

CVE-2016-4285

Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-20...

9.3CVSS9.1AI score0.26204EPSS

CVE•added 2016/06/16 2:59 p.m.•79 views

CVE-2016-4152

9.3CVSS8.9AI score0.03097EPSS

CVE•added 2016/09/14 6:59 p.m.•79 views

CVE-2016-4284

9.3CVSS9.1AI score0.26204EPSS

CVE•added 2016/09/14 6:59 p.m.•79 views

CVE-2016-6930

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/10/13 7:59 p.m.•79 views

CVE-2016-6986

9.3CVSS9AI score0.26758EPSS

CVE•added 2017/03/14 4:59 p.m.•79 views

CVE-2017-2999

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.01007EPSS

CVE•added 2016/06/16 2:59 p.m.•78 views

CVE-2016-4150

9.3CVSS8.9AI score0.03097EPSS

CVE•added 2016/09/14 6:59 p.m.•78 views

CVE-2016-6927

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/09/14 6:59 p.m.•78 views

CVE-2016-6929

9.3CVSS9AI score0.02828EPSS

CVE•added 2017/02/15 6:59 a.m.•78 views

CVE-2017-2994

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.0199EPSS

CVE•added 2017/03/14 4:59 p.m.•78 views

CVE-2017-3003

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.01639EPSS

CVE•added 2014/10/15 10:55 a.m.•77 views

CVE-2014-0569

Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code ...

9.3CVSS7.6AI score0.8933EPSS

CVE•added 2016/06/16 2:59 p.m.•77 views

CVE-2016-4153

9.3CVSS8.9AI score0.03097EPSS

CVE•added 2016/09/14 6:59 p.m.•77 views

CVE-2016-4279

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/09/14 6:59 p.m.•77 views

CVE-2016-6921

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/09/14 6:59 p.m.•77 views

CVE-2016-6931

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/10/13 8:0 p.m.•77 views

CVE-2016-6992

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion."

9.3CVSS8.9AI score0.08851EPSS

CVE•added 2017/02/15 6:59 a.m.•77 views

CVE-2017-2992

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.34466EPSS

CVE•added 2016/06/16 2:59 p.m.•76 views

CVE-2016-4141

9.3CVSS8.9AI score0.02182EPSS

CVE•added 2016/09/14 6:59 p.m.•76 views

CVE-2016-4283

9.3CVSS9.1AI score0.26204EPSS

Total number of security vulnerabilities239