1084 matches found
CVE-2010-3646
Technical details about CVE-2010-3646 are not publicly available in the provided connected documents; monitor for updates.
CVE-2005-4708
The CVE-2005-4708 entry concerns Adobe Macromedia MX 2004 products, Captivate, Contribute 2/3, and the eLicensing client. The vulnerability arises from the Macromedia Licensing Service being installed with the Users group allowed to configure the service, including the path to the executable. Thi...
CVE-2010-2178
Adobe Flash Player before 9.0.277.0 and before 10.1.53.64, and Adobe AIR before 2.0.2.12610, are affected by CVE-2010-2178, which is described as enabling memory corruption that could lead to denial of service or possibly arbitrary code execution via unspecified vectors. The description reference...
CVE-2013-5329
CVE-2013-5329 is a memory-corruption vulnerability in multiple Flash Player versions (Windows/macOS: prior to 11.9.900.152; Linux: prior to 11.2.202.327) and in related AIR components (AIR before 3.9.0.1210). Exploitation could lead to arbitrary code execution or a crash. The publicly referenced ...
CVE-2014-0516
CVE-2014-0516 refers to a Same Origin Policy bypass in Adobe Flash Player and AIR SDK components. Publicly affected versions include Windows/macOS Flash Player prior to 13.0.0.214 and Linux prior to 11.2.202.359, as well as AIR SDK prior to 13.0.0.111 and AIR SDK & Compiler prior to 13.0.0.111. T...
CVE-2014-0556
CVE-2014-0556 is an Adobe Flash Player/ AIR heap overflow triggered by an integer overflow in copyPixelsToByteArray, caused when a ByteArray’s position is set very large. Exploits publicly describe a heap grooming chain that corrupts a Vector. length to achieve arbitrary read/write and ultimately...
CVE-2016-4137
CVE-2016-4137 is a memory corruption vulnerability in Adobe Flash Player 21.0.0.242 and earlier, used within the Adobe Flash libraries in Internet Explorer 10/11 and Microsoft Edge. The vulnerability can lead to remote code execution and is confirmed to have an exploit in the wild (Exploit-DB ent...
CVE-2015-3097
CVE-2015-3097 is an information-disclosure issue in Adobe Flash embedded in Chrome (and other Flash runtimes) where the random Flash heap address was not chosen securely, enabling an attacker to predict the address. The Mac OS X Nessus entry for Google Chrome
CVE-2015-3128
CVE-2015-3128 is a use-after-free vulnerability in Adobe Flash Player (Windows/OS X: affected builds include before 13.0.0.302 and 14.x up to 18.x before 18.0.0.203; Linux: before 11.2.202.481) and in Adobe AIR/ AIR SDK/ SDK & Compiler before 18.0.0.180. The issue allows remote code execution via...
CVE-2016-4273
CVE-2016-4273 affects Adobe Flash Player prior to 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows/macOS, and before 11.2.202.637 on Linux. The issue is a memory corruption vulnerability exploitable via unspecified vectors, linked to a separate group of CVEs (2016-6982…6990). The con...
CVE-2017-2932
CVE-2017-2932 affects Adobe Flash Player versions 24.0.0.186 and earlier, with a use-after-free vulnerability in the ActionScript MovieClip class that could lead to arbitrary code execution. Several advisories summarize the issue (e.g., ASA-201701-16/17) and the Arch Linux entry lists it among mu...
CVE-2017-2992
CVE-2017-2992 is a heap-based buffer overflow vulnerability in Adobe Flash Player triggered while parsing an MP4 header. It affects versions up to 24.0.0.194 (and earlier) per the CVE entry, with multiple advisories confirming a fix in 24.0.0.221 or later. The issue could allow arbitrary code exe...
CVE-2017-3073
CVE-2017-3073 affects Adobe Flash Player 25.0.0.148 and earlier, with an exploitable use-after-free vulnerability when handling multiple mask properties of display objects, leading to memory corruption and potential arbitrary code execution. Multiple connected advisories confirm the affected comp...
CVE-2018-12824
CVE-2018-12824 affects Adobe Flash Player (and the flash-plugin in distributions) prior to version 30.0.0.154. The root cause is an out-of-bounds read that can lead to information disclosure. Public advisories (APSB18-25) document multiple vulnerabilities in Flash Player 30.x and provide a securi...
CVE-2015-8061
Technical details (affected products, versions, root cause, fixes) are not provided in the connected documents for CVE-2015-8061; monitor for updates.
CVE-2016-0998
CVE-2016-0998 is a use-after-free vulnerability in Adobe Flash Player (and related AIR components) that allows arbitrary code execution via unspecified vectors on Windows, OS X, and Linux, affecting Flash Player prior to 18.0.0.333 and 19.x–21.x before 21.0.0.182, and AIR before 21.0.0.176. The r...
CVE-2016-4238
CVE-2016-4238 affects Adobe Flash Player: Windows/macOS versions before 18.0.0.366 and 19.x–22.x before 22.0.0.209, and Linux before 11.2.202.632. Root cause/vectors are described as unspecified. Impact includes arbitrary code execution or memory-corruption-based DoS. No remediation details provi...
CVE-2019-7108
Adobe Flash Player versions 32.0.0.156 and earlier are affected by an out-of-bounds read vulnerability (CVE-2019-7108) that could lead to information disclosure. Multiple connected advisories confirm the issue in Flash Player and list upgrade as the remediation: upgrade to 32.0.0.171 or newer (e....
CVE-2006-5330
The CVE-2006-5330 issue affects Adobe Flash Player plugins prior to 7.0.69 (and earlier variants) across Windows, Linux, Solaris, and macOS, causing remote attackers to modify HTTP headers and perform HTTP Request Splitting via CRLF in arguments to ActionScript functions (XML.addRequestHeader, XM...
CVE-2011-2130
CVE-2011-2130 is a buffer-overflow vulnerability in Adobe Flash Player affecting Windows, Mac OS X, Linux, Solaris (pre-10.3.183.5) and Android (pre-10.3.186.3), and Adobe AIR (pre-2.7.1/2.7.1.1961). It allows arbitrary code execution via unspecified vectors and is separate from CVE-2011-2134, -2...
CVE-2015-8459
Technical details about CVE-2015-8459 are not publicly available in the provided connected documents. Monitor for updates.
CVE-2016-4229
CVE-2016-4229 is a use-after-free in Adobe Flash Player (Windows/macOS: before 18.0.0.366 and 19.x–22.x before 22.0.0.209; Linux: before 11.2.202.632) enabling arbitrary code execution via unspecified vectors. The vulnerability is distinct from CVE-2016-4173/4174/4222/4226/4227/4228/4230/4231/424...
CVE-2017-2937
CVE-2017-2937 affects Adobe Flash Player before 24.0.0.194/24.0.0.186 and earlier. A use-after-free in the ActionScript FileReference class (when using class inheritance) can be exploited to execute arbitrary code remotely. The issue is confirmed in multiple advisories; mitigation documented as u...
CVE-2017-3074
Adobe Flash Player 25.0.0.148 and earlier is affected by a memory corruption vulnerability in the Graphics class (CVE-2017-3074). Successful exploitation could lead to arbitrary code execution. Public advisories indicate remediation via upgrading to at least 25.0.0.171 (and related CVEs 3068–3074...
CVE-2015-0348
CVE-2015-0348 is a documented buffer overflow in Adobe Flash Player that could allow remote code execution via unspecified vectors. The initial description specifies affected versions: Windows/macOS before 13.0.0.281 and 14.x through 17.x before 17.0.0.169, and Linux before 11.2.202.457. Connecte...
CVE-2017-2986
CVE-2017-2986 affects Adobe Flash Player, specifically the Flash Video (FLV) codec. The vulnerability is an exploitable heap overflow in the FLV codec for Flash Player versions 24.0.0.194 and earlier, which could allow arbitrary code execution. Evidence from multiple advisories confirms affected ...
CVE-2010-2215
CVE-2010-2215 is a click‑jacking vulnerability in Adobe Flash Player (and bundled Flash in AIR). The connected advisories/entries confirm the issue can trick a user into clicking a link or dialog, with remediation by upgrading Flash to fixed versions (for example, Flash Player 9.0.280.0 and relat...
CVE-2010-3636
CVE-2010-3636 affects Adobe Flash Player prior to 9.0.289.0 and prior to 10.1.102.64 (for 10.x), across Windows, macOS, Linux, Solaris, and Android. The flaw arises from how Flash parses cross-domain policy files with unspecified encodings, allowing remote web servers to bypass intended access re...
CVE-2011-2135
Technical details for CVE-2011-2135 are not publicly available in the provided documents; the connected EUVD entries mention malware but do not specify this CVE's affected products or fixes. Monitor for updates.
CVE-2014-0576
CVE-2014-0576 is a memory‑corruption vulnerability in Adobe Flash Player triggered by parsing a specially crafted SWF file, potentially allowing remote arbitrary code execution. Affected products/versions include Flash Player on Windows, OS X, and Linux (per the description), plus related AIR com...
CVE-2015-7651
CVE-2015-7651 involves a use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows/OS X, and before 11.2.202.548 on Linux; Adobe AIR before 19.0.0.241 and AIR SDK/Compiler before 19.0.0.241. The root cause is use-after-free via crafted DefineFuncti...
CVE-2016-0960
CVE-2016-0960 affects Adobe Flash Player prior to 18.0.0.333 and 19.x up to 21.x before 21.0.0.182 on Windows/macOS, and prior to 11.2.202.577 on Linux, plus Adobe AIR before 21.0.0.176 (and AIR SDK/Compiler before 21.0.0.176). The vulnerability allows attackers to execute arbitrary code or cause...
CVE-2016-1100
Technical details about CVE-2016-1100 are not publicly provided in the supplied documents. Monitor for updates on affected products, impact, and remediation.
CVE-2017-2994
CVE-2017-2994 affects Adobe Flash Player prior to 24.0.0.221, involving a use-after-free in the Primetime SDK event dispatch that could lead to arbitrary code execution . The vulnerability is described as remote in multiple advisories and vendor bulletins, with impact stated as the ability for a ...
CVE-2017-3070
Adobe Flash Player 25.0.0.148 and earlier is affected by CVE-2017-3070 due to a memory corruption flaw in the ConvolutionFilter class, which could allow arbitrary code execution if exploited. Affected software versions include 25.0.0.148 and earlier; remediation across vendors is to upgrade to 25...
CVE-2017-3085
Adobe Flash Player vulnerability CVE-2017-3085 is an information-disclosure bypass triggered by URL redirects in Flash versions up to 26.0.0.137 (and fixed in 26.0.0.151). Public advisories and vendor pages reference the affected range and confirm an upgrade path to 26.0.0.151 as the remediation....
CVE-2018-15978
CVE-2018-15978 affects Adobe Flash Player versions 31.0.0.122 and earlier, with an out-of-bounds read that could lead to information disclosure. Public references in the connected documents indicate this vulnerability is addressed by updates (e.g., Flash Player 31.0.0.148 in the Mageia/RHEL advis...
CVE-2010-2171
Technical details for CVE-2010-2171 are not publicly available in the provided documents. Monitor for updates.
CVE-2014-0491
CVE-2014-0491 affects Adobe Flash Player (Windows/Mac/Linux) and Adobe AIR/SDK/Compiler. The vulnerability allows bypassing protection mechanisms via unknown vectors, leading to potential complete compromise of affected systems. The initial description notes unknown vectors and does not specify t...
CVE-2014-0552
The CVE-2014-0552 entry corresponds to a Flash Player/Air memory corruption vulnerability exploitable via crafted SWF content. Affected products include Adobe Flash Player before 13.0.0.244 and 14.x/15.x before 15.0.0.152 on Windows and OS X, and before 11.2.202.406 on Linux, along with Adobe AIR...
CVE-2015-0351
CVE-2015-0351 is an Adobe Flash Player use-after-free vulnerability that could allow remote code execution. Publicly available sources note it affects Flash Player prior to 13.0.0.281 and 14.x through 17.x prior to 17.0.0.169 on Windows/macOS, and prior to 11.2.202.457 on Linux, with the attack v...
CVE-2015-3085
CVE-2015-3085 is a remote-write-bypass vulnerability in Adobe Flash Player and related AIR components. Affects Flash Player before 13.0.0.289 and 14.x up to 17.x before 17.0.0.188 (Windows/macOS) and before 11.2.202.460 (Linux), as well as Adobe AIR before 17.0.0.172, and AIR SDKs before 17.0.0.1...
CVE-2015-7632
CVE-2015-7632 is a buffer overflow in Adobe Flash Player and Adobe AIR that allows remote code execution via a Loader object with a crafted loaderBytes property. Affected products include Adobe Flash Player versions prior to 18.0.0.252 and 19.x prior to 19.0.0.207 on Windows/macOS, and prior to 1...
CVE-2015-8424
Technical details for CVE-2015-8424 are not publicly available in the provided connected documents; monitor for updates.
CVE-2016-1096
Technical details about CVE-2016-1096 are not provided in the supplied documents; current records only note it as unspecified with unknown impact; monitor for updates.
CVE-2016-6926
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2016-7857
Adobe Flash Player 23.0.0.205 and earlier, and 11.2.202.643 and earlier contain a use-after-free vulnerability that could allow remote arbitrary code execution when handling SWF content. The issue (CVE-2016-7857) is addressed in updates to Flash Player 23.x and 11.x lines (e.g., 23.0.0.207 and 11...
CVE-2016-7865
CVE-2016-7865 affects Adobe Flash Player: type confusion in Flash components. Public advisories link it to Flash Player 11.2.202.644 (and earlier 11.x) and also to the 23.0.0.207 line, with exploitation capable of arbitrary code execution. Connected documents confirm this CVE as part of multiple ...
CVE-2017-11225
CVE-2017-11225 is an Adobe Flash Player use-after-free vulnerability in the Primetime SDK metadata code path (affecting Flash Player 27.0.0.183 and earlier). The issue can cause memory corruption or control-flow/information leak and could lead to arbitrary code execution on successful exploitatio...
CVE-2017-2936
Adobe Flash Player versions 24.0.0.186 and earlier are affected by a use-after-free vulnerability in the ActionScript FileReference class (CVE-2017-2936). Successful exploitation could lead to arbitrary code execution on affected systems. Remediation provided in multiple advisories: upgrade to Fl...