Flash Player Security Vulnerabilities and Issues — Page 21 of Flash Player CVE List

Lucene search

AdobeFlash Player

1084 matches found

CVE•added 2013/03/13 4:55 p.m.•55 views

CVE-2013-1371

Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and A...

10CVSS7.7AI score0.03725EPSS

CVE•added 2013/04/10 3:48 a.m.•55 views

CVE-2013-1379

Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3....

10CVSS7.6AI score0.06383EPSS

CVE•added 2014/06/11 10:57 a.m.•55 views

CVE-2014-0536

Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (...

10CVSS7.7AI score0.08647EPSS

CVE•added 2014/09/10 1:55 a.m.•55 views

CVE-2014-0548

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow remo...

7.5CVSS6.5AI score0.01325EPSS

CVE•added 2014/12/10 9:59 p.m.•55 views

CVE-2014-8443

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors.

10CVSS7.5AI score0.10924EPSS

CVE•added 2015/08/14 1:59 a.m.•55 views

CVE-2015-5129

Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a...

10CVSS7.8AI score0.10643EPSS

CVE•added 2016/03/04 11:59 p.m.•55 views

CVE-2015-8822

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arb...

9.3CVSS9.1AI score0.60453EPSS

CVE•added 2016/04/09 1:59 a.m.•55 views

CVE-2016-1025

Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-20...

9.3CVSS9AI score0.05385EPSS

CVE•added 2016/04/09 1:59 a.m.•55 views

CVE-2016-1030

Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass intended access restrictions via unspecified vectors.

8.1CVSS8.6AI score0.011EPSS

CVE•added 2007/04/13 6:19 p.m.•54 views

CVE-2007-2022

Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet.

6.8CVSS5.9AI score0.15365EPSS

CVE•added 2007/12/20 1:46 a.m.•54 views

CVE-2007-6244

Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via (1) a SWF file that uses the asfunction: protocol or (2) the navigateToURL function when used with the Flash Player A...

4.3CVSS5.5AI score0.58426EPSS

CVE•added 2009/12/10 7:30 p.m.•54 views

CVE-2009-3797

Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.

9.3CVSS7.8AI score0.04349EPSS

CVE•added 2012/10/09 11:13 a.m.•54 views

CVE-2012-5259

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK b...

10CVSS7.9AI score0.06407EPSS

CVE•added 2012/10/09 11:13 a.m.•54 views

CVE-2012-5265

10CVSS7.9AI score0.06407EPSS

CVE•added 2013/05/16 11:45 a.m.•54 views

CVE-2013-3327

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3....

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•54 views

CVE-2013-3330

10CVSS7.7AI score0.03998EPSS

CVE•added 2014/11/11 11:55 p.m.•54 views

CVE-2014-0588

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arb...

10CVSS7.4AI score0.08236EPSS

CVE•added 2014/11/11 11:55 p.m.•54 views

CVE-2014-0589

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbit...

10CVSS7.9AI score0.23401EPSS

CVE•added 2015/08/14 1:59 a.m.•54 views

CVE-2015-5131

Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different ...

10CVSS7.7AI score0.71451EPSS

CVE•added 2015/09/22 10:59 a.m.•54 views

CVE-2015-6678

Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspec...

10CVSS7.7AI score0.02752EPSS

CVE•added 2015/10/18 10:59 a.m.•54 views

CVE-2015-7641

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary co...

10CVSS7.4AI score0.19895EPSS

CVE•added 2016/03/04 11:59 p.m.•54 views

CVE-2015-8657

Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of ...

9.3CVSS9AI score0.13403EPSS

CVE•added 2016/03/04 11:59 p.m.•54 views

CVE-2015-8820

9.3CVSS9AI score0.13403EPSS

CVE•added 2016/07/13 2:0 a.m.•54 views

CVE-2016-4234

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-20...

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/07/13 2:0 a.m.•54 views

CVE-2016-4236

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/07/13 2:0 a.m.•54 views

CVE-2016-4246

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2017/06/20 5:29 p.m.•54 views

CVE-2017-3076

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the MPEG-4 AVC module. Successful exploitation could lead to arbitrary code execution.

10CVSS9.4AI score0.53858EPSS

CVE•added 2017/06/20 5:29 p.m.•54 views

CVE-2017-3078

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the Adobe Texture Format (ATF) module. Successful exploitation could lead to arbitrary code execution.

10CVSS9.4AI score0.69989EPSS

CVE•added 2007/12/20 1:46 a.m.•53 views

CVE-2007-6242

Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to "input validation errors."

6.8CVSS7.4AI score0.60627EPSS

CVE•added 2011/02/10 4:0 p.m.•53 views

CVE-2011-0560

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011...

9.3CVSS9AI score0.13697EPSS

CVE•added 2012/10/09 11:13 a.m.•53 views

CVE-2012-5260

10CVSS7.9AI score0.06407EPSS

CVE•added 2013/05/16 11:45 a.m.•53 views

CVE-2013-3324

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•53 views

CVE-2013-3326

10CVSS7.7AI score0.03998EPSS

CVE•added 2013/05/16 11:45 a.m.•53 views

CVE-2013-3333

10CVSS7.7AI score0.03998EPSS

CVE•added 2014/03/12 5:15 a.m.•53 views

CVE-2014-0504

Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows attackers to read the clipboard via unspecified vectors.

5CVSS6.3AI score0.01253EPSS

CVE•added 2014/11/11 11:55 p.m.•53 views

CVE-2014-8442

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to complete a transition from Low Integrity to ...

7.5CVSS6.4AI score0.02581EPSS

CVE•added 2015/10/14 11:59 p.m.•53 views

CVE-2015-5569

Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 improperly implement the Flash broker API, which has unspecified impact ...

10CVSS6.3AI score0.06007EPSS

CVE•added 2015/10/18 10:59 a.m.•53 views

CVE-2015-7640

10CVSS7.4AI score0.19895EPSS

CVE•added 2015/10/18 10:59 a.m.•53 views

CVE-2015-7642

10CVSS7.4AI score0.19895EPSS

CVE•added 2016/03/04 11:59 p.m.•53 views

CVE-2015-8658

9.3CVSS9AI score0.13403EPSS

CVE•added 2016/07/13 2:0 a.m.•53 views

CVE-2016-4244

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2007/12/20 1:46 a.m.•52 views

CVE-2007-6245

Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks.

5.8CVSS6.4AI score0.29906EPSS

CVE•added 2009/12/10 7:30 p.m.•52 views

CVE-2009-3796

Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors, related to a "data injection vulnerability."

9.3CVSS8AI score0.0288EPSS

CVE•added 2012/11/13 1:39 p.m.•52 views

CVE-2012-5285

10CVSS7.9AI score0.08262EPSS

CVE•added 2014/09/10 10:55 a.m.•52 views

CVE-2014-0554

10CVSS6.4AI score0.10196EPSS

CVE•added 2016/03/04 11:59 p.m.•52 views

CVE-2015-8653

9.3CVSS9.1AI score0.60453EPSS

CVE•added 2016/04/22 6:59 p.m.•52 views

CVE-2015-8823

Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20....

9.3CVSS9.1AI score0.60453EPSS

CVE•added 2016/07/13 2:0 a.m.•52 views

CVE-2016-4249

Heap-based buffer overflow in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors.

9.3CVSS9AI score0.04682EPSS

CVE•added 2007/10/18 12:17 a.m.•51 views

CVE-2007-5476

Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown "Highly Severe" impact and unknown attack vectors.

10CVSS9.4AI score0.20643EPSS

CVE•added 2011/02/10 4:0 p.m.•51 views

CVE-2011-0571

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011...

9.3CVSS9AI score0.13697EPSS

Total number of security vulnerabilities1084