Flash Player Security Vulnerabilities and Issues — Page 5 of Flash Player CVE List

Lucene search

AdobeFlash Player

1084 matches found

CVE•added 2016/09/14 6:59 p.m.•79 views

CVE-2016-4284

Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-20...

9.3CVSS9.1AI score0.26204EPSS

CVE•added 2016/09/14 6:59 p.m.•79 views

CVE-2016-6930

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016...

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/10/13 7:59 p.m.•79 views

CVE-2016-6986

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-20...

9.3CVSS9AI score0.26758EPSS

CVE•added 2017/01/11 4:59 a.m.•79 views

CVE-2017-2932

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript MovieClip class. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.40865EPSS

CVE•added 2017/03/14 4:59 p.m.•79 views

CVE-2017-2999

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.01007EPSS

CVE•added 2013/02/12 8:55 p.m.•78 views

CVE-2013-0637

Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3....

5CVSS5.8AI score0.02734EPSS

CVE•added 2015/04/14 10:59 p.m.•78 views

CVE-2015-0349

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0351, CVE-2015-0358, and CVE-...

10CVSS7.5AI score0.1102EPSS

CVE•added 2015/07/09 4:59 p.m.•78 views

CVE-2015-3118

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute...

10CVSS7.5AI score0.68245EPSS

CVE•added 2015/12/10 5:59 a.m.•78 views

CVE-2015-8418

Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of ...

10CVSS9.1AI score0.13403EPSS

CVE•added 2015/12/28 11:59 p.m.•78 views

CVE-2015-8634

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arb...

9.3CVSS9.1AI score0.49456EPSS

CVE•added 2016/06/16 2:59 p.m.•78 views

CVE-2016-4150

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

9.3CVSS8.9AI score0.03097EPSS

CVE•added 2016/09/14 6:59 p.m.•78 views

CVE-2016-6927

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/09/14 6:59 p.m.•78 views

CVE-2016-6929

9.3CVSS9AI score0.02828EPSS

CVE•added 2017/12/01 8:29 a.m.•78 views

CVE-2017-11282

Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.

9.8CVSS9.4AI score0.20687EPSS

CVE•added 2017/02/15 6:59 a.m.•78 views

CVE-2017-2994

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.0199EPSS

CVE•added 2017/03/14 4:59 p.m.•78 views

CVE-2017-3003

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.01639EPSS

CVE•added 2017/07/17 1:18 p.m.•78 views

CVE-2017-3080

Adobe Flash Player versions 26.0.0.131 and earlier have a security bypass vulnerability related to the Flash API used by Internet Explorer. Successful exploitation could lead to information disclosure.

6.5CVSS6.9AI score0.03071EPSS

CVE•added 2017/08/11 7:29 p.m.•78 views

CVE-2017-3085

Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect.

7.4CVSS7.6AI score0.00815EPSS

CVE•added 2017/12/09 6:29 a.m.•78 views

CVE-2017-3112

An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of AdobePSDK metadata. The use of an invalid (out-of-range) pointer offset during ...

10CVSS9.1AI score0.0968EPSS

CVE•added 2014/10/15 10:55 a.m.•77 views

CVE-2014-0569

Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code ...

9.3CVSS7.6AI score0.8933EPSS

CVE•added 2015/06/10 1:59 a.m.•77 views

CVE-2015-3100

Stack-based buffer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 1...

10CVSS7.9AI score0.03964EPSS

CVE•added 2015/07/09 4:59 p.m.•77 views

CVE-2015-3115

Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via...

5CVSS6.3AI score0.2766EPSS

CVE•added 2015/11/11 1:0 p.m.•77 views

CVE-2015-8044

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary co...

10CVSS7.7AI score0.74587EPSS

CVE•added 2015/12/10 5:59 a.m.•77 views

CVE-2015-8414

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arb...

10CVSS9.2AI score0.60453EPSS

CVE•added 2015/12/10 6:0 a.m.•77 views

CVE-2015-8444

10CVSS9.1AI score0.13403EPSS

CVE•added 2015/12/28 11:59 p.m.•77 views

CVE-2015-8459

Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of ...

10CVSS9.5AI score0.41991EPSS

CVE•added 2016/05/11 11:0 a.m.•77 views

CVE-2016-1098

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

7.6CVSS8.3AI score0.1466EPSS

CVE•added 2016/06/16 2:59 p.m.•77 views

CVE-2016-4153

9.3CVSS8.9AI score0.03097EPSS

CVE•added 2016/07/13 2:0 a.m.•77 views

CVE-2016-4222

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016...

8.8CVSS9AI score0.73665EPSS

CVE•added 2016/09/14 6:59 p.m.•77 views

CVE-2016-4279

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/09/14 6:59 p.m.•77 views

CVE-2016-6921

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/09/14 6:59 p.m.•77 views

CVE-2016-6931

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/10/13 8:0 p.m.•77 views

CVE-2016-6992

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion."

9.3CVSS8.9AI score0.08851EPSS

CVE•added 2016/11/08 5:59 p.m.•77 views

CVE-2016-7857

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.08079EPSS

CVE•added 2017/12/01 8:29 a.m.•77 views

CVE-2017-11281

Adobe Flash Player has an exploitable memory corruption vulnerability in the text handling function. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.

9.8CVSS9.4AI score0.45372EPSS

CVE•added 2017/02/15 6:59 a.m.•77 views

CVE-2017-2992

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.34466EPSS

CVE•added 2018/07/09 7:29 p.m.•77 views

CVE-2018-5001

Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

6.5CVSS6.7AI score0.01364EPSS

CVE•added 2008/11/10 2:12 p.m.•76 views

CVE-2008-4820

Unspecified vulnerability in the Flash Player ActiveX control in Adobe Flash Player 9.0.124.0 and earlier on Windows allows attackers to obtain sensitive information via unknown vectors.

7.1CVSS5.7AI score0.03951EPSS

CVE•added 2010/02/15 6:30 p.m.•76 views

CVE-2010-0186

Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2, Adobe AIR before 1.5.3.9130, and Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors.

6.8CVSS7.4AI score0.02923EPSS

CVE•added 2010/09/15 6:0 p.m.•76 views

CVE-2010-2884

Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary co...

9.3CVSS9.7AI score0.39683EPSS

CVE•added 2010/11/07 10:0 p.m.•76 views

CVE-2010-3636

Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web servers to bypass intended access restrictions...

9.3CVSS9.2AI score0.02261EPSS

CVE•added 2012/02/16 7:55 p.m.•76 views

CVE-2012-0751

The ActiveX control in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10CVSS7.6AI score0.04236EPSS

CVE•added 2014/06/11 10:57 a.m.•76 views

CVE-2014-0534

Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to bypass intended access restrictions via unspecified v...

7.5CVSS6.5AI score0.06932EPSS

CVE•added 2015/02/06 12:59 a.m.•76 views

CVE-2015-0316

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-20...

10CVSS7.7AI score0.89185EPSS

CVE•added 2015/05/13 11:0 a.m.•76 views

CVE-2015-3085

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on f...

6.4CVSS6.6AI score0.22506EPSS

CVE•added 2015/11/11 12:59 p.m.•76 views

CVE-2015-7654

9.3CVSS7.5AI score0.74587EPSS

CVE•added 2015/11/11 12:59 p.m.•76 views

CVE-2015-7657

9.3CVSS7.5AI score0.74587EPSS

CVE•added 2015/12/10 5:59 a.m.•76 views

CVE-2015-8068

10CVSS9.2AI score0.60453EPSS

CVE•added 2016/05/11 11:0 a.m.•76 views

CVE-2016-1102