Lucene search
+L
AdobeFlash Player

1084 matches found

CVE
CVE
added 2010/11/07 9:0 p.m.108 views

CVE-2010-3646

Technical details about CVE-2010-3646 are not publicly available in the provided connected documents; monitor for updates.

9.3CVSS9.7AI score0.05207EPSS
CVE
CVE
added 2006/02/02 11:0 a.m.107 views

CVE-2005-4708

The CVE-2005-4708 entry concerns Adobe Macromedia MX 2004 products, Captivate, Contribute 2/3, and the eLicensing client. The vulnerability arises from the Macromedia Licensing Service being installed with the Users group allowed to configure the service, including the path to the executable. Thi...

7.2CVSS7.7AI score0.01224EPSS
CVE
CVE
added 2010/06/15 5:48 p.m.107 views

CVE-2010-2178

Adobe Flash Player before 9.0.277.0 and before 10.1.53.64, and Adobe AIR before 2.0.2.12610, are affected by CVE-2010-2178, which is described as enabling memory corruption that could lead to denial of service or possibly arbitrary code execution via unspecified vectors. The description reference...

9.3CVSS9.9AI score0.06081EPSS
CVE
CVE
added 2013/11/13 1:0 a.m.107 views

CVE-2013-5329

CVE-2013-5329 is a memory-corruption vulnerability in multiple Flash Player versions (Windows/macOS: prior to 11.9.900.152; Linux: prior to 11.2.202.327) and in related AIR components (AIR before 3.9.0.1210). Exploitation could lead to arbitrary code execution or a crash. The publicly referenced ...

10CVSS7.9AI score0.05759EPSS
CVE
CVE
added 2014/05/14 10:0 a.m.107 views

CVE-2014-0516

CVE-2014-0516 refers to a Same Origin Policy bypass in Adobe Flash Player and AIR SDK components. Publicly affected versions include Windows/macOS Flash Player prior to 13.0.0.214 and Linux prior to 11.2.202.359, as well as AIR SDK prior to 13.0.0.111 and AIR SDK & Compiler prior to 13.0.0.111. T...

7.5CVSS6.5AI score0.03912EPSS
CVE
CVE
added 2014/09/10 1:0 a.m.107 views

CVE-2014-0556

CVE-2014-0556 is an Adobe Flash Player/ AIR heap overflow triggered by an integer overflow in copyPixelsToByteArray, caused when a ByteArray’s position is set very large. Exploits publicly describe a heap grooming chain that corrupts a Vector. length to achieve arbitrary read/write and ultimately...

10CVSS8AI score0.84298EPSS
CVE
CVE
added 2016/06/16 2:0 p.m.107 views

CVE-2016-4137

CVE-2016-4137 is a memory corruption vulnerability in Adobe Flash Player 21.0.0.242 and earlier, used within the Adobe Flash libraries in Internet Explorer 10/11 and Microsoft Edge. The vulnerability can lead to remote code execution and is confirmed to have an exploit in the wild (Exploit-DB ent...

9.3CVSS8.9AI score0.16385EPSS
Web
CVE
CVE
added 2015/06/10 1:0 a.m.106 views

CVE-2015-3097

CVE-2015-3097 is an information-disclosure issue in Adobe Flash embedded in Chrome (and other Flash runtimes) where the random Flash heap address was not chosen securely, enabling an attacker to predict the address. The Mac OS X Nessus entry for Google Chrome

5CVSS6.3AI score0.11997EPSS
CVE
CVE
added 2015/07/09 4:0 p.m.106 views

CVE-2015-3128

CVE-2015-3128 is a use-after-free vulnerability in Adobe Flash Player (Windows/OS X: affected builds include before 13.0.0.302 and 14.x up to 18.x before 18.0.0.203; Linux: before 11.2.202.481) and in Adobe AIR/ AIR SDK/ SDK & Compiler before 18.0.0.180. The issue allows remote code execution via...

10CVSS7.5AI score0.39237EPSS
CVE
CVE
added 2016/10/13 7:0 p.m.106 views

CVE-2016-4273

CVE-2016-4273 affects Adobe Flash Player prior to 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows/macOS, and before 11.2.202.637 on Linux. The issue is a memory corruption vulnerability exploitable via unspecified vectors, linked to a separate group of CVEs (2016-6982…6990). The con...

9.3CVSS9AI score0.19899EPSS
CVE
CVE
added 2017/01/11 4:40 a.m.106 views

CVE-2017-2932

CVE-2017-2932 affects Adobe Flash Player versions 24.0.0.186 and earlier, with a use-after-free vulnerability in the ActionScript MovieClip class that could lead to arbitrary code execution. Several advisories summarize the issue (e.g., ASA-201701-16/17) and the Arch Linux entry lists it among mu...

9.3CVSS8.8AI score0.24593EPSS
CVE
CVE
added 2017/02/15 6:11 a.m.106 views

CVE-2017-2992

CVE-2017-2992 is a heap-based buffer overflow vulnerability in Adobe Flash Player triggered while parsing an MP4 header. It affects versions up to 24.0.0.194 (and earlier) per the CVE entry, with multiple advisories confirming a fix in 24.0.0.221 or later. The issue could allow arbitrary code exe...

9.3CVSS8.9AI score0.32676EPSS
Web
CVE
CVE
added 2017/05/09 4:0 p.m.106 views

CVE-2017-3073

CVE-2017-3073 affects Adobe Flash Player 25.0.0.148 and earlier, with an exploitable use-after-free vulnerability when handling multiple mask properties of display objects, leading to memory corruption and potential arbitrary code execution. Multiple connected advisories confirm the affected comp...

9.3CVSS8.8AI score0.0486EPSS
CVE
CVE
added 2018/08/29 1:0 p.m.106 views

CVE-2018-12824

CVE-2018-12824 affects Adobe Flash Player (and the flash-plugin in distributions) prior to version 30.0.0.154. The root cause is an out-of-bounds read that can lead to information disclosure. Public advisories (APSB18-25) document multiple vulnerabilities in Flash Player 30.x and provide a securi...

5.9CVSS6.8AI score0.10854EPSS
CVE
CVE
added 2015/12/10 2:0 a.m.105 views

CVE-2015-8061

Technical details (affected products, versions, root cause, fixes) are not provided in the connected documents for CVE-2015-8061; monitor for updates.

10CVSS9.2AI score0.05794EPSS
CVE
CVE
added 2016/03/12 3:0 p.m.105 views

CVE-2016-0998

CVE-2016-0998 is a use-after-free vulnerability in Adobe Flash Player (and related AIR components) that allows arbitrary code execution via unspecified vectors on Windows, OS X, and Linux, affecting Flash Player prior to 18.0.0.333 and 19.x–21.x before 21.0.0.182, and AIR before 21.0.0.176. The r...

9.3CVSS9AI score0.29593EPSS
Web
CVE
CVE
added 2016/07/13 1:0 a.m.105 views

CVE-2016-4238

CVE-2016-4238 affects Adobe Flash Player: Windows/macOS versions before 18.0.0.366 and 19.x–22.x before 22.0.0.209, and Linux before 11.2.202.632. Root cause/vectors are described as unspecified. Impact includes arbitrary code execution or memory-corruption-based DoS. No remediation details provi...

9.3CVSS9.3AI score0.04434EPSS
CVE
CVE
added 2019/05/23 4:49 p.m.105 views

CVE-2019-7108

Adobe Flash Player versions 32.0.0.156 and earlier are affected by an out-of-bounds read vulnerability (CVE-2019-7108) that could lead to information disclosure. Multiple connected advisories confirm the issue in Flash Player and list upgrade as the remediation: upgrade to 32.0.0.171 or newer (e....

7.5CVSS7.9AI score0.03192EPSS
CVE
CVE
added 2006/10/17 9:0 p.m.104 views

CVE-2006-5330

The CVE-2006-5330 issue affects Adobe Flash Player plugins prior to 7.0.69 (and earlier variants) across Windows, Linux, Solaris, and macOS, causing remote attackers to modify HTTP headers and perform HTTP Request Splitting via CRLF in arguments to ActionScript functions (XML.addRequestHeader, XM...

5CVSS8AI score0.23148EPSS
CVE
CVE
added 2011/08/10 9:16 p.m.104 views

CVE-2011-2130

CVE-2011-2130 is a buffer-overflow vulnerability in Adobe Flash Player affecting Windows, Mac OS X, Linux, Solaris (pre-10.3.183.5) and Android (pre-10.3.186.3), and Adobe AIR (pre-2.7.1/2.7.1.1961). It allows arbitrary code execution via unspecified vectors and is separate from CVE-2011-2134, -2...

10CVSS9AI score0.11549EPSS
CVE
CVE
added 2015/12/28 11:0 p.m.104 views

CVE-2015-8459

Technical details about CVE-2015-8459 are not publicly available in the provided connected documents. Monitor for updates.

10CVSS9.5AI score0.0612EPSS
CVE
CVE
added 2016/07/13 1:0 a.m.104 views

CVE-2016-4229

CVE-2016-4229 is a use-after-free in Adobe Flash Player (Windows/macOS: before 18.0.0.366 and 19.x–22.x before 22.0.0.209; Linux: before 11.2.202.632) enabling arbitrary code execution via unspecified vectors. The vulnerability is distinct from CVE-2016-4173/4174/4222/4226/4227/4228/4230/4231/424...

9.3CVSS9AI score0.32465EPSS
CVE
CVE
added 2017/01/11 4:40 a.m.104 views

CVE-2017-2937

CVE-2017-2937 affects Adobe Flash Player before 24.0.0.194/24.0.0.186 and earlier. A use-after-free in the ActionScript FileReference class (when using class inheritance) can be exploited to execute arbitrary code remotely. The issue is confirmed in multiple advisories; mitigation documented as u...

9.3CVSS8.8AI score0.06238EPSS
CVE
CVE
added 2017/05/09 4:0 p.m.104 views

CVE-2017-3074

Adobe Flash Player 25.0.0.148 and earlier is affected by a memory corruption vulnerability in the Graphics class (CVE-2017-3074). Successful exploitation could lead to arbitrary code execution. Public advisories indicate remediation via upgrading to at least 25.0.0.171 (and related CVEs 3068–3074...

9.3CVSS8.9AI score0.04998EPSS
CVE
CVE
added 2015/04/14 10:0 p.m.103 views

CVE-2015-0348

CVE-2015-0348 is a documented buffer overflow in Adobe Flash Player that could allow remote code execution via unspecified vectors. The initial description specifies affected versions: Windows/macOS before 13.0.0.281 and 14.x through 17.x before 17.0.0.169, and Linux before 11.2.202.457. Connecte...

10CVSS7.7AI score0.08759EPSS
CVE
CVE
added 2017/02/15 6:11 a.m.103 views

CVE-2017-2986

CVE-2017-2986 affects Adobe Flash Player, specifically the Flash Video (FLV) codec. The vulnerability is an exploitable heap overflow in the FLV codec for Flash Player versions 24.0.0.194 and earlier, which could allow arbitrary code execution. Evidence from multiple advisories confirms affected ...

9.3CVSS8.8AI score0.30873EPSS
Web
CVE
CVE
added 2010/08/11 6:0 p.m.102 views

CVE-2010-2215

CVE-2010-2215 is a click‑jacking vulnerability in Adobe Flash Player (and bundled Flash in AIR). The connected advisories/entries confirm the issue can trick a user into clicking a link or dialog, with remediation by upgrading Flash to fixed versions (for example, Flash Player 9.0.280.0 and relat...

4.3CVSS9.2AI score0.03849EPSS
CVE
CVE
added 2010/11/07 9:0 p.m.102 views

CVE-2010-3636

CVE-2010-3636 affects Adobe Flash Player prior to 9.0.289.0 and prior to 10.1.102.64 (for 10.x), across Windows, macOS, Linux, Solaris, and Android. The flaw arises from how Flash parses cross-domain policy files with unspecified encodings, allowing remote web servers to bypass intended access re...

9.3CVSS9.2AI score0.05256EPSS
CVE
CVE
added 2011/08/10 10:0 p.m.102 views

CVE-2011-2135

Technical details for CVE-2011-2135 are not publicly available in the provided documents; the connected EUVD entries mention malware but do not specify this CVE's affected products or fixes. Monitor for updates.

10CVSS9AI score0.07545EPSS
CVE
CVE
added 2014/11/11 11:0 p.m.102 views

CVE-2014-0576

CVE-2014-0576 is a memory‑corruption vulnerability in Adobe Flash Player triggered by parsing a specially crafted SWF file, potentially allowing remote arbitrary code execution. Affected products/versions include Flash Player on Windows, OS X, and Linux (per the description), plus related AIR com...

10CVSS7.7AI score0.03599EPSS
CVE
CVE
added 2015/11/11 11:0 a.m.102 views

CVE-2015-7651

CVE-2015-7651 involves a use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows/OS X, and before 11.2.202.548 on Linux; Adobe AIR before 19.0.0.241 and AIR SDK/Compiler before 19.0.0.241. The root cause is use-after-free via crafted DefineFuncti...

9.3CVSS7.5AI score0.06171EPSS
CVE
CVE
added 2016/03/12 3:0 p.m.102 views

CVE-2016-0960

CVE-2016-0960 affects Adobe Flash Player prior to 18.0.0.333 and 19.x up to 21.x before 21.0.0.182 on Windows/macOS, and prior to 11.2.202.577 on Linux, plus Adobe AIR before 21.0.0.176 (and AIR SDK/Compiler before 21.0.0.176). The vulnerability allows attackers to execute arbitrary code or cause...

9.3CVSS9AI score0.03783EPSS
CVE
CVE
added 2016/05/11 10:0 a.m.102 views

CVE-2016-1100

Technical details about CVE-2016-1100 are not publicly provided in the supplied documents. Monitor for updates on affected products, impact, and remediation.

7.6CVSS8.3AI score0.09561EPSS
CVE
CVE
added 2017/02/15 6:11 a.m.102 views

CVE-2017-2994

CVE-2017-2994 affects Adobe Flash Player prior to 24.0.0.221, involving a use-after-free in the Primetime SDK event dispatch that could lead to arbitrary code execution . The vulnerability is described as remote in multiple advisories and vendor bulletins, with impact stated as the ability for a ...

9.3CVSS8.8AI score0.06262EPSS
CVE
CVE
added 2017/05/09 4:0 p.m.102 views

CVE-2017-3070

Adobe Flash Player 25.0.0.148 and earlier is affected by CVE-2017-3070 due to a memory corruption flaw in the ConvolutionFilter class, which could allow arbitrary code execution if exploited. Affected software versions include 25.0.0.148 and earlier; remediation across vendors is to upgrade to 25...

9.3CVSS8.9AI score0.04998EPSS
CVE
CVE
added 2017/08/11 7:0 p.m.102 views

CVE-2017-3085

Adobe Flash Player vulnerability CVE-2017-3085 is an information-disclosure bypass triggered by URL redirects in Flash versions up to 26.0.0.137 (and fixed in 26.0.0.151). Public advisories and vendor pages reference the affected range and confirm an upgrade path to 26.0.0.151 as the remediation....

7.4CVSS7.6AI score0.04478EPSS
CVE
CVE
added 2018/11/29 8:0 p.m.102 views

CVE-2018-15978

CVE-2018-15978 affects Adobe Flash Player versions 31.0.0.122 and earlier, with an out-of-bounds read that could lead to information disclosure. Public references in the connected documents indicate this vulnerability is addressed by updates (e.g., Flash Player 31.0.0.148 in the Mageia/RHEL advis...

7.5CVSS6.9AI score0.0743EPSS
CVE
CVE
added 2010/06/15 5:48 p.m.101 views

CVE-2010-2171

Technical details for CVE-2010-2171 are not publicly available in the provided documents. Monitor for updates.

9.3CVSS9.8AI score0.06751EPSS
CVE
CVE
added 2014/01/15 2:0 a.m.101 views

CVE-2014-0491

CVE-2014-0491 affects Adobe Flash Player (Windows/Mac/Linux) and Adobe AIR/SDK/Compiler. The vulnerability allows bypassing protection mechanisms via unknown vectors, leading to potential complete compromise of affected systems. The initial description notes unknown vectors and does not specify t...

10CVSS6.4AI score0.07117EPSS
CVE
CVE
added 2014/09/10 1:0 a.m.101 views

CVE-2014-0552

The CVE-2014-0552 entry corresponds to a Flash Player/Air memory corruption vulnerability exploitable via crafted SWF content. Affected products include Adobe Flash Player before 13.0.0.244 and 14.x/15.x before 15.0.0.152 on Windows and OS X, and before 11.2.202.406 on Linux, along with Adobe AIR...

10CVSS7.7AI score0.05803EPSS
CVE
CVE
added 2015/04/14 10:0 p.m.101 views

CVE-2015-0351

CVE-2015-0351 is an Adobe Flash Player use-after-free vulnerability that could allow remote code execution. Publicly available sources note it affects Flash Player prior to 13.0.0.281 and 14.x through 17.x prior to 17.0.0.169 on Windows/macOS, and prior to 11.2.202.457 on Linux, with the attack v...

10CVSS7.5AI score0.0785EPSS
CVE
CVE
added 2015/05/13 10:0 a.m.101 views

CVE-2015-3085

CVE-2015-3085 is a remote-write-bypass vulnerability in Adobe Flash Player and related AIR components. Affects Flash Player before 13.0.0.289 and 14.x up to 17.x before 17.0.0.188 (Windows/macOS) and before 11.2.202.460 (Linux), as well as Adobe AIR before 17.0.0.172, and AIR SDKs before 17.0.0.1...

6.4CVSS6.6AI score0.04736EPSS
CVE
CVE
added 2015/10/14 11:0 p.m.101 views

CVE-2015-7632

CVE-2015-7632 is a buffer overflow in Adobe Flash Player and Adobe AIR that allows remote code execution via a Loader object with a crafted loaderBytes property. Affected products include Adobe Flash Player versions prior to 18.0.0.252 and 19.x prior to 19.0.0.207 on Windows/macOS, and prior to 1...

9.3CVSS7.5AI score0.08245EPSS
CVE
CVE
added 2015/12/10 2:0 a.m.101 views

CVE-2015-8424

Technical details for CVE-2015-8424 are not publicly available in the provided connected documents; monitor for updates.

10CVSS9.2AI score0.43408EPSS
Web
CVE
CVE
added 2016/05/11 10:0 a.m.101 views

CVE-2016-1096

Technical details about CVE-2016-1096 are not provided in the supplied documents; current records only note it as unspecified with unknown impact; monitor for updates.

7.6CVSS8.3AI score0.39645EPSS
Web
CVE
CVE
added 2016/09/14 6:0 p.m.101 views

CVE-2016-6926

Technical details are not publicly available in the provided documents. Monitor for updates.

9.3CVSS9AI score0.0604EPSS
CVE
CVE
added 2016/11/08 5:45 p.m.101 views

CVE-2016-7857

Adobe Flash Player 23.0.0.205 and earlier, and 11.2.202.643 and earlier contain a use-after-free vulnerability that could allow remote arbitrary code execution when handling SWF content. The issue (CVE-2016-7857) is addressed in updates to Flash Player 23.x and 11.x lines (e.g., 23.0.0.207 and 11...

9.3CVSS8.8AI score0.07041EPSS
CVE
CVE
added 2016/11/08 5:45 p.m.101 views

CVE-2016-7865

CVE-2016-7865 affects Adobe Flash Player: type confusion in Flash components. Public advisories link it to Flash Player 11.2.202.644 (and earlier 11.x) and also to the 23.0.0.207 line, with exploitation capable of arbitrary code execution. Connected documents confirm this CVE as part of multiple ...

9.3CVSS8.7AI score0.0724EPSS
CVE
CVE
added 2017/12/09 6:0 a.m.101 views

CVE-2017-11225

CVE-2017-11225 is an Adobe Flash Player use-after-free vulnerability in the Primetime SDK metadata code path (affecting Flash Player 27.0.0.183 and earlier). The issue can cause memory corruption or control-flow/information leak and could lead to arbitrary code execution on successful exploitatio...

10CVSS9.2AI score0.06076EPSS
CVE
CVE
added 2017/01/11 4:40 a.m.101 views

CVE-2017-2936

Adobe Flash Player versions 24.0.0.186 and earlier are affected by a use-after-free vulnerability in the ActionScript FileReference class (CVE-2017-2936). Successful exploitation could lead to arbitrary code execution on affected systems. Remediation provided in multiple advisories: upgrade to Fl...

9.3CVSS8.8AI score0.06238EPSS
Total number of security vulnerabilities1084