Lucene search
+L
AdobeFlash Player

1084 matches found

CVE
CVE
added 2012/02/16 7:0 p.m.141 views

CVE-2012-0756

Adobe Flash Player vulnerable versions prior to 10.3.183.15 and 11.x prior to 11.1.102.62 on Windows, macOS, Linux, Solaris; and before 11.1.111.6 on Android 2.x/3.x, and before 11.1.115.6 on Android 4.x are affected by CVE-2012-0756, which allows bypassing intended access restrictions via unspec...

9.3CVSS6.3AI score0.14618EPSS
CVE
CVE
added 2012/03/28 7:0 p.m.141 views

CVE-2012-0772

CVE-2012-0772 affects Windows Flash Player (unspecified ActiveX control) and AIR, where URL security domain checking is mishandled. The issue can lead to arbitrary code execution or memory corruption DoS. Affected versions include Adobe Flash Player prior to 10.3.183.18 and 11.x prior to 11.2.202...

10CVSS7.7AI score0.05944EPSS
CVE
CVE
added 2010/10/29 6:0 p.m.139 views

CVE-2010-3654

CVE-2010-3654 affects Adobe Flash Player prior to 9.0.289.0 and pre-10.1.102.64 (Windows/macOS/Linux/Solaris) and Adobe Reader/Acrobat 9.x up to 9.4, with 10.1.95.1 on Android. The vulnerability allows remote code execution or memory corruption/DoS via crafted SWF content embedded in PDFs (exploi...

9.3CVSS9.7AI score0.69679EPSS
CVE
CVE
added 2018/02/06 8:0 p.m.138 views

CVE-2018-4877

Adobe Flash Player before 28.0.0.161 contains a use-after-free vulnerability in the Primetime SDK related to media player QoS, identified as CVE-2018-4877. A successful exploiter could achieve arbitrary code execution. Affected products are Flash Player versions prior to 28.0.0.161. Remediation p...

10CVSS9.5AI score0.08505EPSS
CVE
CVE
added 2017/12/09 6:0 a.m.131 views

CVE-2017-11213

Adobe Flash Player vulnerability CVE-2017-11213 affects Flash Player 27.0.0.183 and earlier. It arises from a computation reading data past the end of a target buffer due to an integer overflow when creating an arbitrarily sized bitmap, with an invalid out-of-range pointer offset during internal ...

10CVSS9.3AI score0.06518EPSS
CVE
CVE
added 2015/01/28 10:0 p.m.130 views

CVE-2015-0312

Adobe Flash Player contains a double-free vulnerability (CVE-2015-0312) reported to occur when sharing a bytearray between two workers, where one worker calls bytearray.compress() and another uses the same object. The issue can lead to arbitrary code execution and is associated with Adobe’s APSB1...

9.3CVSS7.5AI score0.07078EPSS
CVE
CVE
added 2012/08/31 7:0 p.m.129 views

CVE-2012-4171

Adobe Flash Player and Adobe AIR are affected by CVE-2012-4171, a denial-of-service flaw caused by a logic error when handling Firefox dialogs. The vulnerability affects Flash Player on Windows, macOS, Linux, and Android (various pre-allocated builds) and affects Adobe AIR/SDK before the stated b...

5CVSS6.3AI score0.04954EPSS
CVE
CVE
added 2014/04/29 10:0 a.m.129 views

CVE-2014-0515

CVE-2014-0515 is a buffer overflow in Adobe Flash Player that allowed remote code execution via unspecified vectors. Affected products include Windows/macOS Flash Player versions prior to 11.7.700.279 and 11.8.x up to 13.0.x before 13.0.0.206, and Linux Flash Player prior to 11.2.202.356. The vul...

10CVSS7.9AI score0.94569EPSS
CVE
CVE
added 2015/03/13 5:0 p.m.127 views

CVE-2015-0333

Technical details for CVE-2015-0333 are not publicly available in the provided documents; monitor for updates from advisory sources.

10CVSS9.7AI score0.05511EPSS
CVE
CVE
added 2015/03/13 5:0 p.m.126 views

CVE-2015-0332

CVE-2015-0332 affects Adobe Flash Player prior to 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows/OS X, and before 11.2.202.451 on Linux. The vulnerability is a memory corruption flaw that could allow remote code execution or cause a denial of service via unspecified vectors. Connec...

10CVSS9.6AI score0.05975EPSS
CVE
CVE
added 2019/06/12 3:14 p.m.126 views

CVE-2019-7845

Adobe Flash Player versions 32.0.0.192 and earlier are affected by a use-after-free vulnerability (CVE-2019-7845) that could allow remote arbitrary code execution. The CVE is documented across multiple feeds, with affected products including the Desktop Runtime and browser-integrated Flash Player...

8.8CVSS8.8AI score0.05504EPSS
CVE
CVE
added 2008/11/10 11:0 a.m.124 views

CVE-2008-4818

CVE-2008-4818 is an XSS in Adobe Flash Player related to how HTTP response headers are interpreted. The vulnerability affects Flash Player 9.0.124.0 and earlier. In Red Hat advisories, fixes are delivered via flash-plugin updates: RHSA-2008-0980 for older RHEL3/4/others (updating to Flash Player ...

4.3CVSS5.4AI score0.04731EPSS
CVE
CVE
added 2015/03/13 5:0 p.m.124 views

CVE-2015-0336

CVE-2015-0336 : A type confusion vulnerability in Adobe Flash Player’s NetConnection class can lead to arbitrary code execution. Affected products are Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and macOS, and before 11.2.202.451 on Linux. The root cause is d...

9.3CVSS9.6AI score0.71536EPSS
CVE
CVE
added 2008/11/10 11:0 a.m.123 views

CVE-2008-4821

CVE-2008-4821 affects Adobe Flash Player 9.0.124.0 and earlier when used in Mozilla browsers; jar: URL handling could disclose sensitive information. The vulnerability is addressed by Red Hat advisories RHSA-2008:0980/0945, which require upgrading Flash Player to version 9.0.151.0. Exploitation d...

4.3CVSS5.6AI score0.05138EPSS
CVE
CVE
added 2015/04/14 10:0 p.m.123 views

CVE-2015-0359

CVE-2015-0359 is a double-free vulnerability in Adobe Flash Player that can lead to arbitrary code execution via unspecified vectors. Publicly cited affected versions include Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X, and before 11.2.202.457 on Lin...

10CVSS7.5AI score0.95184EPSS
In wild
CVE
CVE
added 2008/11/17 10:0 p.m.122 views

CVE-2008-4824

CVE-2008-4824 concerns multiple input validation errors in Adobe Flash Player. The vulnerability affects Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0 and allows a remote attacker to execute arbitrary code via unspecified vectors. Related advisories (RHSA-2008-0945/0980 and Gentoo ...

9.3CVSS7.5AI score0.13254EPSS
CVE
CVE
added 2008/08/29 5:0 p.m.121 views

CVE-2008-3873

CVE-2008-3873 affects Adobe Flash Player (9.0.124.0 and earlier). The flaw allows a remote, unauthenticated attacker to populate the clipboard with a URL via System.setClipboard, potentially misleading users without interaction. In practice, a malicious SWF could push an attacker-controlled URL t...

4.3CVSS6.2AI score0.03663EPSS
CVE
CVE
added 2018/11/29 8:0 p.m.121 views

CVE-2018-15981

CVE-2018-15981 indicates a type-confusion vulnerability in Adobe Flash Player, affecting versions up to 31.0.0.148 (and earlier). Successful exploitation could lead to arbitrary code execution. Multiple connected advisories confirm the issue and note a fix in upstream version 31.0.0.153 (and late...

10CVSS9.4AI score0.11702EPSS
CVE
CVE
added 2008/10/17 6:0 p.m.120 views

CVE-2008-4401

CVE-2008-4401 affects Adobe Flash Player 9.0.124.0 and earlier. The issue arises because ActionScript FileReference.browse() and FileReference.download() can be triggered without user interaction, enabling a remote SWF to cause a browse dialog to appear and potentially other impact. Connected adv...

10CVSS6.8AI score0.07146EPSS
CVE
CVE
added 2015/08/14 1:0 a.m.120 views

CVE-2015-5133

Technical details about CVE-2015-5133 are not publicly provided in the supplied documents. Monitor for updates from official advisories; the connected entries reference the CVE but do not disclose specifics here.

10CVSS7.7AI score0.50728EPSS
CVE
CVE
added 2008/11/10 11:0 a.m.119 views

CVE-2008-4823

CVE-2008-4823 affects Adobe Flash Player up to 9.0.124.0, with a vulnerability in how an ActionScript attribute is interpreted that could allow arbitrary HTML/script injection (XSS). Public advisories (RHSA-2008:0945/0980) and Gentoo GLSA-200903-23 list Flash Player updates and note upgrading to ...

4.3CVSS5.4AI score0.04731EPSS
CVE
CVE
added 2015/08/14 1:0 a.m.119 views

CVE-2015-5132

CVE-2015-5132 is a Flash Player buffer overflow vulnerability exploited via parsing of specially crafted SWF files. Affected: Windows/OS X Flash Player < 18.0.0.232; Linux Flash Player

10CVSS7.7AI score0.50728EPSS
CVE
CVE
added 2007/12/20 1:0 a.m.117 views

CVE-2007-6243

Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 is affected by CVE-2007-6243 due to insufficient restriction of cross-domain policy files, enabling remote cross-domain and cross-site scripting (XSS) attacks. In the connected Red Hat advisories, this issue is list...

9.3CVSS5.4AI score0.08467EPSS
CVE
CVE
added 2014/09/10 1:0 a.m.117 views

CVE-2014-0559

CVE-2014-0559 describes a heap-based buffer overflow in Adobe Flash Player and AIR, caused by an integer/length handling issue in CopyPixelsToByteArray and related vector data structures. Exploitation relies on manipulating a large ByteArray position to trigger a write past the buffer end, then u...

10CVSS7.8AI score0.12991EPSS
CVE
CVE
added 2019/05/24 6:41 p.m.117 views

CVE-2019-7090

Adobe Flash Player vulnerable to an out-of-bounds read (CVE-2019-7090) in Desktop Runtime and browser plugins (Flash Player Desktop Runtime 32.0.0.114 and earlier; Chrome/plugin 32.0.0.114 and earlier; Edge/IE11 32.0.0.114 and earlier) that could disclose information. Connected sources confirm th...

6.5CVSS5.7AI score0.04795EPSS
CVE
CVE
added 2010/08/11 6:0 p.m.116 views

CVE-2010-0209

CVE-2010-0209 affects Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3. The vulnerability enables arbitrary code execution or memory corruption via unspecified vectors. Connected sources corroborate multiple advisories and patches surrounding this CVE, noti...

9.3CVSS9.7AI score0.0459EPSS
CVE
CVE
added 2015/04/14 10:0 p.m.116 views

CVE-2015-0346

CVE-2015-0346 is a double-free vulnerability in Adobe Flash Player that allows arbitrary code execution. Affected products and versions: Windows and OS X builds prior to 13.0.0.281, and 14.x up to 17.x before 17.0.0.169; Linux prior to 11.2.202.457. Root cause: a double-free condition in Flash’s ...

10CVSS7.5AI score0.10378EPSS
In wild
CVE
CVE
added 2017/05/09 4:0 p.m.116 views

CVE-2017-3068

CVE-2017-3068 is an Adobe Flash Player vulnerability affecting versions up to 25.0.0.148 (and earlier) where memory corruption in the Advanced Video Coding (AVC) engine could allow an attacker to execute arbitrary code. Several advisories note a remote code-execution risk via crafted SWF content ...

9.3CVSS8.9AI score0.20353EPSS
CVE
CVE
added 2008/11/10 11:0 a.m.115 views

CVE-2008-4822

Adobe Flash Player/Flash plugin is affected by CVE-2008-4822, which describes a flaw in interpreting policy files that could bypass a non-root domain policy. Public advisories (e.g., RHSA-2008-0980 for Red Hat systems and GLSA-2009-03-23 for Gentoo) note that Flash policy interpretation issues we...

6.8CVSS6.3AI score0.05241EPSS
CVE
CVE
added 2011/08/15 9:0 p.m.115 views

CVE-2011-2424

CVE-2011-2424 is listed among Adobe Reader/Flash Player vulnerability advisories (RHSA-2011:1434, RHSA-2011:1144) affecting Adobe Reader and Flash Player where a crafted SWF in PDFs could cause memory corruption and remote code execution. The connected advisories indicate multiple Flash/Reader fl...

9.3CVSS8.8AI score0.06905EPSS
CVE
CVE
added 2016/07/13 1:0 a.m.115 views

CVE-2016-4178

CVE-2016-4178 concerns Adobe Flash Player, where a security bypass could lead to information disclosure. The CVE entry covers affected versions on multiple platforms: Windows/OS X builds prior to 18.0.0.366 and 19.x through 22.x prior to 22.0.0.209; Linux builds prior to 11.2.202.632. The vulnera...

4.3CVSS5.8AI score0.03185EPSS
CVE
CVE
added 2016/07/13 1:0 a.m.114 views

CVE-2016-4179

Technical details for CVE-2016-4179 are not publicly available in the provided Connected documents. Monitor for updates from vendor advisories and public sources.

9.3CVSS9.3AI score0.20475EPSS
CVE
CVE
added 2007/08/14 12:0 a.m.113 views

CVE-2007-4324

Summary: CVE-2007-4324 affects Adobe Flash Player (and related Flash plugins) where ActionScript/Flash content could be used to determine open ports on a target via timing discrepancies in SecurityErrorEvent handling. Connected advisories (RHSA/RHSA sub-pages) confirm this issue as part of multip...

5CVSS6.4AI score0.07933EPSS
CVE
CVE
added 2011/06/16 11:0 p.m.113 views

CVE-2011-2110

CVE-2011-2110 affects Adobe Flash Player versions prior to 10.3.181.26 (Windows/macOS/Linux/Solaris) and prior to 10.3.185.23 on Android, with a memory corruption flaw that allowed remote code execution or a crash via unspecified vectors; exploitation was observed in the wild in June 2011. The is...

10CVSS8.9AI score0.86421EPSS
CVE
CVE
added 2015/04/14 10:0 p.m.113 views

CVE-2015-3044

CVE-2015-3044 affects Adobe Flash Player across Windows, macOS and Linux (e.g., Flash Player before 13.0.0.281 and 14.x up to 17.x before 17.0.0.169 on Windows/macOS; before 11.2.202.457 on Linux). The vulnerability is a access restriction bypass that could leak sensitive data via unspecified vec...

5CVSS5.9AI score0.09395EPSS
CVE
CVE
added 2015/12/10 2:0 a.m.113 views

CVE-2015-8068

Technical details about CVE-2015-8068 are not publicly available in the provided connected documents; no concrete affected products, versions, root cause, or remediation are disclosed here. Monitor for updates.

10CVSS9.2AI score0.05794EPSS
CVE
CVE
added 2010/06/15 5:48 p.m.112 views

CVE-2010-2188

Technical details about CVE-2010-2188 are not publicly available in the provided connected documents. Monitor for updates in EUVD entries and other sources for concrete information on affected products, impact, and fixes.

9.3CVSS9.9AI score0.06751EPSS
CVE
CVE
added 2015/11/11 11:0 a.m.112 views

CVE-2015-7663

CVE-2015-7663 is a use-after-free vulnerability affecting Adobe Flash Player prior to 18.0.0.261 and 19.x prior to 19.0.0.245 on Windows/OS X, and prior to 11.2.202.548 on Linux; and Adobe AIR before 19.0.0.241 (and related SDK/Compiler). It allows attackers to execute arbitrary code via unspecif...

10CVSS7.7AI score0.06259EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.112 views

CVE-2016-4138

CVE-2016-4138 is a buffer overflow vulnerability in Adobe Flash Player 21.0.0.242 and earlier, affecting the Flash runtime used by Microsoft Internet Explorer 10/11 and Edge. Connected sources indicate the issue can enable arbitrary code execution via crafted content (e.g., ATF files) and that ex...

10CVSS9.1AI score0.25419EPSS
Web
CVE
CVE
added 2019/05/23 4:55 p.m.112 views

CVE-2019-7096

Adobe Flash Player is affected by CVE-2019-7096 (use-after-free leading to arbitrary code execution) and CVE-2019-7108 (out-of-bounds read leading to information disclosure) in versions up to 32.0.0.156. Multiple connected advisories confirm the issues and recommend upgrading to 32.0.0.171 (or la...

10CVSS9.6AI score0.06376EPSS
CVE
CVE
added 2008/11/10 11:0 a.m.111 views

CVE-2008-4819

CVE-2008-4819 is an unspecified DNS rebinding vulnerability in Adobe Flash Player 9.0.124.0 and earlier. Affected: Flash Player (multiple OS/browser contexts); impact described as enabling DNS rebinding by remote attackers via unknown vectors. Remediation evidenced in connected advisories: Red Ha...

6.8CVSS6.3AI score0.05241EPSS
CVE
CVE
added 2014/07/09 1:0 a.m.111 views

CVE-2014-4671

CVE-2014-4671 refers to a Flash/ AIR JSONP CSRF vulnerability where SWF content could bypass restrictions, enabling remote CSRF attacks against JSONP endpoints and potential data exposure. Affected products include Adobe Flash Player (Windows/macOS: up to 13.0.0.231 and 14.x up to 14.0.0.145; Lin...

4.3CVSS6.5AI score0.23024EPSS
CVE
CVE
added 2017/03/14 4:0 p.m.111 views

CVE-2017-2997

CVE-2017-2997 is an Adobe Flash Player vulnerability (≤ 24.0.0.221) describing a stack/heap buffer overflow in Primetime TVSDK that could allow arbitrary code execution. Multiple connected advisories confirm the issue affects Flash Player components and remote exploitation is possible via crafted...

9.3CVSS8.9AI score0.07404EPSS
CVE
CVE
added 2010/06/15 5:48 p.m.110 views

CVE-2010-2179

CVE-2010-2179 is a documented XSS in Adobe Flash Player (and related Flash/AIR components) triggered when Firefox/Chrome access certain URLs. Connected advisories (RHSA-2010-0470 and RHSA-2010-0464) describe a flash-plugin security update addressing this and related CVEs, noting an input sanitiza...

4.3CVSS7.5AI score0.05897EPSS
CVE
CVE
added 2010/09/15 5:26 p.m.110 views

CVE-2010-2884

CVE-2010-2884 affects Adobe Flash Player 10.1.82.76 and earlier (Windows, macOS, Linux, Solaris) and 10.1.92.10 on Android, plus authplay.dll in Adobe Reader/Acrobat 9.x (before 9.4) and 8.x (before 8.2.5). The vulnerability enables remote code execution or memory corruption via unspecified vecto...

9.3CVSS9.7AI score0.15621EPSS
CVE
CVE
added 2012/04/06 8:0 p.m.110 views

CVE-2012-0724

CVE-2012-0724 affects Adobe Flash Player prior to 11.2.202.229 in Google Chrome prior to 18.0.1025.151. The vulnerability enables memory corruption leading to a possible denial of service or other unspecified impact via unknown vectors (distinct from CVE-2012-0725). Connected advisories corrobora...

9.3CVSS7AI score0.01984EPSS
CVE
CVE
added 2015/12/10 2:0 a.m.109 views

CVE-2015-8418

CVE-2015-8418 affects Adobe Flash Player (Windows/macOS: before 18.0.0.268 and 19.x; before 20.0.0.228 for 20.x on Windows/macOS; Linux: before 11.2.202.554) and Adobe AIR (before 20.0.0.204, including AIR SDK before 20.0.0.204) with memory corruption allowing arbitrary code execution or a denial...

10CVSS9.1AI score0.06133EPSS
CVE
CVE
added 2017/01/11 4:40 a.m.109 views

CVE-2017-2930

CVE-2017-2930 affects Adobe Flash Player versions 24.0.0.186 and earlier. The vulnerability is a memory corruption caused by a concurrency error while manipulating a display list, and is able to lead to arbitrary code execution on a remote host. Exploitation was demonstrated in advisories and exp...

9.3CVSS8.9AI score0.25064EPSS
CVE
CVE
added 2015/12/28 11:0 p.m.108 views

CVE-2015-8634

CVE-2015-8634 describes a use-after-free vulnerability in Adobe Flash Player (Windows/macOS: prior to 18.0.0.324 and 19.x; prior to 20.0.0.267 for 20.x) and Linux prior to 11.2.202.559, as well as in Adobe AIR before 20.0.0.233 (including AIR SDK/Compiler before 20.0.0.233). It allows attackers t...

9.3CVSS9.1AI score0.25466EPSS
CVE
CVE
added 2019/05/22 6:8 p.m.108 views

CVE-2019-7837

Summary: CVE-2019-7837 is a use-after-free vulnerability in Adobe Flash Player that could allow arbitrary code execution. The issue affects multiple Flash runtimes prior to version 32.0.0.192 (as reflected in Red Hat RHSA-2019:1234 and related advisories). Affected products/components: Adobe Flas...

9.3CVSS8.8AI score0.09732EPSS
Total number of security vulnerabilities1084