Flash Player Security Vulnerabilities and Issues — Page 9 of Flash Player CVE List

Lucene search

AdobeFlash Player

1084 matches found

CVE•added 2009/07/31 7:30 p.m.•70 views

CVE-2009-1864

Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.

9.3CVSS8.1AI score0.03207EPSS

CVE•added 2009/07/31 7:30 p.m.•70 views

CVE-2009-1867

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "clickjacking vulnerability."

4.3CVSS7.3AI score0.00989EPSS

CVE•added 2009/07/31 7:30 p.m.•70 views

CVE-2009-1868

9.3CVSS8.1AI score0.18527EPSS

CVE•added 2010/06/15 6:0 p.m.•70 views

CVE-2010-2165

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2166, CVE-2010-2171,...

9.3CVSS9.9AI score0.01631EPSS

CVE•added 2010/06/15 6:0 p.m.•70 views

CVE-2010-2182

9.3CVSS9.9AI score0.01631EPSS

CVE•added 2010/11/07 10:0 p.m.•70 views

CVE-2010-3642

Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability...

9.3CVSS9.7AI score0.03964EPSS

CVE•added 2011/08/10 9:55 p.m.•70 views

CVE-2011-2134

Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vul...

10CVSS9AI score0.13356EPSS

CVE•added 2014/04/08 11:55 p.m.•70 views

CVE-2014-0507

Buffer overflow in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows attackers to execut...

9.3CVSS7.7AI score0.0495EPSS

CVE•added 2014/03/27 10:55 a.m.•70 views

CVE-2014-0510

Heap-based buffer overflow in Adobe Flash Player 12.0.0.77 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Zeguang Zhao and Liang Chen during a Pwn2Own competition at CanSecWest 2014.

10CVSS8.2AI score0.19866EPSS

CVE•added 2014/05/14 11:13 a.m.•70 views

CVE-2014-0520

Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CV...

7.5CVSS6.4AI score0.02029EPSS

CVE•added 2014/06/11 10:57 a.m.•70 views

CVE-2014-0532

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to i...

4.3CVSS5.6AI score0.03466EPSS

CVE•added 2015/03/13 5:59 p.m.•70 views

CVE-2015-0341

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0342.

10CVSS9.6AI score0.05186EPSS

CVE•added 2015/06/10 1:59 a.m.•70 views

CVE-2015-3101

The Flash broker in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 o...

4.3CVSS6.4AI score0.00545EPSS

CVE•added 2015/10/15 12:0 a.m.•70 views

CVE-2015-7633

Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (...

10CVSS7.7AI score0.20928EPSS

CVE•added 2015/10/15 12:0 a.m.•70 views

CVE-2015-7643

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary co...

9.3CVSS7.3AI score0.19895EPSS

CVE•added 2015/12/10 5:59 a.m.•70 views

CVE-2015-8064

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arb...

10CVSS9.2AI score0.60453EPSS

CVE•added 2015/12/10 5:59 a.m.•70 views

CVE-2015-8401

10CVSS9.2AI score0.60453EPSS

CVE•added 2015/12/10 5:59 a.m.•70 views

CVE-2015-8402

10CVSS9.2AI score0.60453EPSS

CVE•added 2015/12/10 5:59 a.m.•70 views

CVE-2015-8434

10CVSS9.2AI score0.60453EPSS

CVE•added 2015/12/10 6:0 a.m.•70 views

CVE-2015-8446

Heap-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbit...

9.3CVSS9AI score0.07527EPSS

CVE•added 2015/12/28 11:59 p.m.•70 views

CVE-2015-8643

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arb...

9.3CVSS9.1AI score0.49456EPSS

CVE•added 2015/12/28 11:59 p.m.•70 views

CVE-2015-8649

9.3CVSS9.1AI score0.49456EPSS

CVE•added 2016/03/04 11:59 p.m.•70 views

CVE-2015-8652

Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of ...

9.3CVSS9AI score0.13403EPSS

CVE•added 2016/02/10 8:59 p.m.•70 views

CVE-2016-0964

Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of ...

9.3CVSS9.2AI score0.43246EPSS

CVE•added 2016/02/10 8:59 p.m.•70 views

CVE-2016-0980

9.3CVSS9.2AI score0.43246EPSS

CVE•added 2016/03/12 3:59 p.m.•70 views

CVE-2016-0995

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute...

9.3CVSS9AI score0.50072EPSS

CVE•added 2016/05/11 11:0 a.m.•70 views

CVE-2016-1107

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

7.6CVSS8.2AI score0.05238EPSS

CVE•added 2016/06/16 2:59 p.m.•70 views

CVE-2016-4142

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

9.3CVSS8.9AI score0.02182EPSS

CVE•added 2016/07/13 1:59 a.m.•70 views

CVE-2016-4173

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4174, CVE-2016-4222, CVE-2016...

9.3CVSS9AI score0.73665EPSS

CVE•added 2016/07/13 1:59 a.m.•70 views

CVE-2016-4176

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4177.

9.3CVSS8.9AI score0.39663EPSS

CVE•added 2016/09/14 6:59 p.m.•70 views

CVE-2016-4276

Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-20...

9.3CVSS9.1AI score0.26204EPSS

CVE•added 2016/09/14 6:59 p.m.•70 views

CVE-2016-6924

9.3CVSS9.1AI score0.26204EPSS

CVE•added 2016/10/13 7:59 p.m.•70 views

CVE-2016-6982

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-20...

9.3CVSS9AI score0.26758EPSS

CVE•added 2016/10/13 8:0 p.m.•70 views

CVE-2016-6990

9.3CVSS9AI score0.26758EPSS

CVE•added 2016/11/08 5:59 p.m.•70 views

CVE-2016-7863

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.08079EPSS

CVE•added 2017/02/15 6:59 a.m.•70 views

CVE-2017-2987

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.03887EPSS

CVE•added 2017/02/15 6:59 a.m.•70 views

CVE-2017-2991

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.01175EPSS

CVE•added 2017/02/15 6:59 a.m.•70 views

CVE-2017-2996

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.9AI score0.01168EPSS

CVE•added 2018/07/09 7:29 p.m.•70 views

CVE-2018-5000

Adobe Flash Player versions 29.0.0.171 and earlier have an Integer Overflow vulnerability. Successful exploitation could lead to information disclosure.

6.5CVSS6.8AI score0.01114EPSS

CVE•added 2018/07/20 7:29 p.m.•70 views

CVE-2018-5008

Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

7.5CVSS7.4AI score0.07793EPSS

CVE•added 2010/02/15 6:30 p.m.•69 views

CVE-2010-0187

Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allow remote attackers to cause a denial of service (application crash) via a modified SWF file.

4.3CVSS7.2AI score0.41655EPSS

CVE•added 2010/06/15 6:0 p.m.•69 views

CVE-2010-2162

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors related to improper length calculation and the (1) STSC, (2) STSZ, and (3) STCO ato...

9.3CVSS9.6AI score0.00898EPSS

CVE•added 2011/05/13 10:55 p.m.•69 views

CVE-2011-0619

Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0620, CVE-2011-0621, and CVE-...

9.3CVSS8.8AI score0.05847EPSS

CVE•added 2011/06/09 2:38 a.m.•69 views

CVE-2011-2107

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "universal cross-site scripting vu...

4.3CVSS7AI score0.01077EPSS

CVE•added 2013/02/27 12:55 a.m.•69 views

CVE-2013-0504

Buffer overflow in the broker service in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows attackers to execute arbitrary code via unspecified vectors.

10CVSS7.7AI score0.14733EPSS

CVE•added 2013/02/27 12:55 a.m.•69 views

CVE-2013-0643

The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted SW...

9.3CVSS7.6AI score0.36303EPSS

CVE•added 2013/02/12 8:55 p.m.•69 views

CVE-2013-1370

Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; ...

10CVSS7.7AI score0.04189EPSS

CVE•added 2014/10/15 10:55 a.m.•69 views

CVE-2014-0558

Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of ...

10CVSS7.7AI score0.15429EPSS

CVE•added 2015/03/13 5:59 p.m.•69 views

CVE-2015-0335

Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0332, CVE-20...

10CVSS9.7AI score0.09331EPSS

CVE•added 2015/05/13 11:0 a.m.•69 views

CVE-2015-3090

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial...

10CVSS7.7AI score0.89847EPSS

Total number of security vulnerabilities1084