Flash Player Security Vulnerabilities and Issues — Page 19 of Flash Player CVE List

Lucene search

AdobeFlash Player

1084 matches found

CVE•added 2017/06/20 5:29 p.m.•61 views

CVE-2017-3077

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the PNG image parser. Successful exploitation could lead to arbitrary code execution.

10CVSS9.4AI score0.53858EPSS

CVE•added 2017/06/20 5:29 p.m.•61 views

CVE-2017-3083

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful exploitation could lead to arbitrary code execution.

10CVSS9.3AI score0.01682EPSS

CVE•added 2018/05/19 5:29 p.m.•61 views

CVE-2018-4933

Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

6.5CVSS6.8AI score0.03592EPSS

CVE•added 2008/04/09 9:5 p.m.•60 views

CVE-2007-0071

Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset of a NULL pointer, and triggers a buffer overflo...

9.3CVSS7.8AI score0.90161EPSS

CVE•added 2007/07/11 4:30 p.m.•60 views

CVE-2007-3456

Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an "input validation error," including a signed comparison of v...

9.3CVSS8AI score0.76622EPSS

CVE•added 2011/02/10 4:0 p.m.•60 views

CVE-2011-0558

Integer overflow in Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code via a large array length value in the ActionScript method of the Function class.

9.3CVSS8.8AI score0.0232EPSS

CVE•added 2011/05/13 10:55 p.m.•60 views

CVE-2011-0579

Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to obtain sensitive information via unspecified vectors.

5CVSS8AI score0.01059EPSS

CVE•added 2012/10/09 11:13 a.m.•60 views

CVE-2012-5261

Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 al...

10CVSS7.8AI score0.06135EPSS

CVE•added 2012/11/07 5:41 a.m.•60 views

CVE-2012-5274

Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK be...

10CVSS7.7AI score0.03431EPSS

CVE•added 2014/03/12 5:15 a.m.•60 views

CVE-2014-0503

Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

6.4CVSS6.6AI score0.00502EPSS

CVE•added 2015/07/09 4:59 p.m.•60 views

CVE-2014-0578

Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via...

5CVSS6.3AI score0.2766EPSS

CVE•added 2014/11/11 11:55 p.m.•60 views

CVE-2014-0585

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unsp...

10CVSS7.3AI score0.15077EPSS

CVE•added 2014/11/11 11:55 p.m.•60 views

CVE-2014-0586

10CVSS7.3AI score0.15077EPSS

CVE•added 2015/01/13 11:59 p.m.•60 views

CVE-2015-0308

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & C...

10CVSS7.4AI score0.08652EPSS

CVE•added 2015/02/06 12:59 a.m.•60 views

CVE-2015-0327

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0323.

10CVSS7.9AI score0.07941EPSS

CVE•added 2015/02/06 12:59 a.m.•60 views

CVE-2015-0328

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CV...

10CVSS7.1AI score0.08682EPSS

CVE•added 2015/07/09 4:59 p.m.•60 views

CVE-2015-3120

Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code by leveraging an ...

10CVSS7.3AI score0.08783EPSS

CVE•added 2015/07/09 4:59 p.m.•60 views

CVE-2015-3133

Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial...

10CVSS7.7AI score0.65297EPSS

CVE•added 2015/07/09 4:59 p.m.•60 views

CVE-2015-3135

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute a...

10CVSS6.4AI score0.68034EPSS

CVE•added 2015/07/09 4:59 p.m.•60 views

CVE-2015-4431

Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial...

10CVSS7.7AI score0.65297EPSS

CVE•added 2015/07/09 4:59 p.m.•60 views

CVE-2015-5116

5CVSS6.3AI score0.2766EPSS

CVE•added 2015/09/22 10:59 a.m.•60 views

CVE-2015-5576

Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict discovery of memory addresses, which allows att...

5CVSS6.4AI score0.03799EPSS

CVE•added 2015/09/22 10:59 a.m.•60 views

CVE-2015-5577

Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (...

10CVSS7.8AI score0.06367EPSS

CVE•added 2015/12/10 5:59 a.m.•60 views

CVE-2015-8406

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arb...

10CVSS9.2AI score0.60453EPSS

CVE•added 2016/03/04 11:59 p.m.•60 views

CVE-2015-8655

9.3CVSS9.1AI score0.60453EPSS

CVE•added 2017/06/27 8:29 p.m.•60 views

CVE-2016-0959

Use after free vulnerability in Adobe Flash Player Desktop Runtime before 20.0.0.267, Adobe Flash Player Extended Support Release before 18.0.0.324, Adobe Flash Player for Google Chrome before 20.0.0.267, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 before 20.0.0.267, Adobe Flash ...

10CVSS9.2AI score0.00978EPSS

CVE•added 2016/02/10 8:59 p.m.•60 views

CVE-2016-0979

Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of ...

9.3CVSS9.2AI score0.43246EPSS

CVE•added 2016/04/09 1:59 a.m.•60 views

CVE-2016-1022

Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-20...

9.3CVSS9AI score0.05385EPSS

CVE•added 2016/04/09 1:59 a.m.•60 views

CVE-2016-1033

9.3CVSS9AI score0.05385EPSS

CVE•added 2016/05/11 11:1 a.m.•60 views

CVE-2016-4111

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

7.6CVSS8.2AI score0.05238EPSS

CVE•added 2016/06/16 2:59 p.m.•60 views

CVE-2016-4166

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

9.3CVSS8.9AI score0.02194EPSS

CVE•added 2016/07/13 2:0 a.m.•60 views

CVE-2016-4217

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-20...

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/07/13 2:0 a.m.•60 views

CVE-2016-4221

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/07/13 2:0 a.m.•60 views

CVE-2016-4240

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/07/13 2:0 a.m.•60 views

CVE-2016-4247

Race condition in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information via unspecified vectors.

5.3CVSS6.2AI score0.01099EPSS

CVE•added 2018/05/19 5:29 p.m.•60 views

CVE-2018-4934

Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

6.5CVSS6.8AI score0.19016EPSS

CVE•added 2006/09/12 11:7 p.m.•59 views

CVE-2006-4640

Unspecified vulnerability in Adobe Flash Player before 9.0.16.0 allows user-assisted remote attackers to bypass the allowScriptAccess protection via unspecified vectors.

6.8CVSS6.3AI score0.29973EPSS

CVE•added 2008/04/02 6:44 p.m.•59 views

CVE-2008-1654

Interaction error between Adobe Flash and multiple Universal Plug and Play (UPnP) services allow remote attackers to perform Cross-Site Request Forgery (CSRF) style attacks by using the Flash navigateToURL function to send a SOAP message to a UPnP control point, as demonstrated by changing the prim...

4.3CVSS6.6AI score0.30802EPSS

CVE•added 2008/04/09 9:5 p.m.•59 views

CVE-2008-1655

Unspecified vulnerability in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, makes it easier for remote attackers to conduct DNS rebinding attacks via unknown vectors.

4.3CVSS6.3AI score0.30112EPSS

CVE•added 2009/07/31 7:30 p.m.•59 views

CVE-2009-1870

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."

4.9CVSS7.1AI score0.00188EPSS

CVE•added 2011/02/10 4:0 p.m.•59 views

CVE-2011-0573

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0574, CVE-2011-0578, CVE-2011...

9.3CVSS9AI score0.12485EPSS

CVE•added 2011/02/10 4:0 p.m.•59 views

CVE-2011-0577

Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 allows remote attackers to execute arbitrary code via a crafted font.

9.3CVSS8.7AI score0.09825EPSS

CVE•added 2012/06/09 12:55 a.m.•59 views

CVE-2012-2040

Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AI...

9.3CVSS6.2AI score0.01249EPSS

CVE•added 2013/05/16 11:45 a.m.•59 views

CVE-2013-2728

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3....

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•59 views

CVE-2013-3332

10CVSS7.7AI score0.03998EPSS

CVE•added 2014/05/14 11:13 a.m.•59 views

CVE-2014-0518

Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CV...

7.5CVSS6.4AI score0.02029EPSS

CVE•added 2014/06/11 10:57 a.m.•59 views

CVE-2014-0535

Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to bypass intended access restrictions via unspecified v...

7.5CVSS6.5AI score0.06932EPSS

CVE•added 2015/02/06 12:59 a.m.•59 views

CVE-2015-0317

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0319.

10CVSS7.4AI score0.08751EPSS

CVE•added 2015/08/14 1:59 a.m.•59 views

CVE-2015-5544

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unsp...

10CVSS7.7AI score0.52578EPSS

CVE•added 2015/08/14 1:59 a.m.•59 views

CVE-2015-5549

10CVSS7.7AI score0.52578EPSS

Total number of security vulnerabilities1084