Flash Player@* Security Vulnerabilities and Issues — Page 17 of Flash Player@* CVE List

Lucene search

AdobeFlash Player*

1067 matches found

CVE•added 2017/06/20 5:29 p.m.•62 views

CVE-2017-3081

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability during internal computation caused by multiple display object mask manipulations. Successful exploitation could lead to arbitrary code execution.

10CVSS9.4AI score0.01682EPSS

CVE•added 2006/09/12 11:7 p.m.•61 views

CVE-2006-3311

Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.

5.1CVSS7.6AI score0.57875EPSS

CVE•added 2008/10/09 6:0 p.m.•61 views

CVE-2008-4503

The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to cause victims to unknowingly click on a link or dialog via access control dialogs disguised as normal graphical elements, as demonstrated by hijacking the camera or microphone, and related to "clickjacking."

6.8CVSS6.3AI score0.04555EPSS

CVE•added 2009/07/31 7:30 p.m.•61 views

CVE-2009-1863

Unspecified vulnerability in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to a "privilege escalation vulnerability."

9.3CVSS8AI score0.02504EPSS

CVE•added 2009/07/31 7:30 p.m.•61 views

CVE-2009-1869

Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a la...

9.3CVSS8AI score0.21945EPSS

CVE•added 2010/06/15 6:0 p.m.•61 views

CVE-2010-2183

Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2181.

9.3CVSS9.7AI score0.02214EPSS

CVE•added 2011/02/10 4:0 p.m.•61 views

CVE-2011-0607

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011...

9.3CVSS9AI score0.13697EPSS

CVE•added 2011/05/13 10:55 p.m.•61 views

CVE-2011-0627

Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content, as possibly exploited in the wild in May 2011 by a Microsoft...

9.3CVSS8.7AI score0.0786EPSS

CVE•added 2012/10/09 11:13 a.m.•61 views

CVE-2012-5262

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK b...

10CVSS7.9AI score0.06407EPSS

CVE•added 2013/06/12 3:30 a.m.•61 views

CVE-2013-3343

Adobe Flash Player before 10.3.183.90 and 11.x before 11.7.700.224 on Windows, before 10.3.183.90 and 11.x before 11.7.700.225 on Mac OS X, before 10.3.183.90 and 11.x before 11.2.202.291 on Linux, before 11.1.111.59 on Android 2.x and 3.x, and before 11.1.115.63 on Android 4.x; Adobe AIR before 3....

10CVSS7.7AI score0.05301EPSS

CVE•added 2014/05/14 11:13 a.m.•61 views

CVE-2014-0519

Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CV...

7.5CVSS6.4AI score0.02029EPSS

CVE•added 2014/11/11 11:55 p.m.•61 views

CVE-2014-0583

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to complete a tr...

7.5CVSS6.9AI score0.03252EPSS

CVE•added 2014/11/11 11:55 p.m.•61 views

CVE-2014-8438

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arb...

10CVSS7.4AI score0.08236EPSS

CVE•added 2015/01/13 11:59 p.m.•61 views

CVE-2015-0302

Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow ...

5CVSS5.9AI score0.03061EPSS

CVE•added 2015/02/06 12:59 a.m.•61 views

CVE-2015-0325

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CV...

10CVSS7.1AI score0.08682EPSS

CVE•added 2015/03/13 5:59 p.m.•61 views

CVE-2015-0340

Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows remote attackers to bypass intended file-upload restrictions via unspecified vectors.

5CVSS9.2AI score0.01224EPSS

CVE•added 2015/05/13 11:0 a.m.•61 views

CVE-2015-3093

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial...

10CVSS7.7AI score0.89847EPSS

CVE•added 2015/07/09 4:59 p.m.•61 views

CVE-2015-3121

Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code by leveraging an ...

10CVSS7.3AI score0.08783EPSS

CVE•added 2015/07/09 4:59 p.m.•61 views

CVE-2015-3130

10CVSS7.7AI score0.65297EPSS

CVE•added 2015/07/09 4:59 p.m.•61 views

CVE-2015-4429

10CVSS7.2AI score0.03219EPSS

CVE•added 2015/07/09 4:59 p.m.•61 views

CVE-2015-4432

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute a...

10CVSS6.4AI score0.68034EPSS

CVE•added 2015/09/22 10:59 a.m.•61 views

CVE-2015-5567

Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (...

10CVSS7.7AI score0.11081EPSS

CVE•added 2015/09/22 10:59 a.m.•61 views

CVE-2015-5575

10CVSS7.8AI score0.06367EPSS

CVE•added 2015/12/10 5:59 a.m.•61 views

CVE-2015-8409

Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to bypass intended access restrictions via unsp...

10CVSS8.5AI score0.06007EPSS

CVE•added 2015/12/10 6:0 a.m.•61 views

CVE-2015-8451

10CVSS9.1AI score0.13403EPSS

CVE•added 2015/12/10 6:0 a.m.•61 views

CVE-2015-8455

10CVSS9.1AI score0.13403EPSS

CVE•added 2016/02/10 8:59 p.m.•61 views

CVE-2016-0970

Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of ...

9.3CVSS9.2AI score0.43246EPSS

CVE•added 2016/02/10 8:59 p.m.•61 views

CVE-2016-0978

9.3CVSS9.2AI score0.43246EPSS

CVE•added 2016/04/09 1:59 a.m.•61 views

CVE-2016-1020

Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-20...

9.3CVSS9AI score0.05385EPSS

CVE•added 2016/05/11 11:1 a.m.•61 views

CVE-2016-4110

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

7.6CVSS8.2AI score0.05238EPSS

CVE•added 2016/05/11 11:1 a.m.•61 views

CVE-2016-4112

7.6CVSS8.2AI score0.05238EPSS

CVE•added 2016/06/16 2:59 p.m.•61 views

CVE-2016-4139

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

9.3CVSS8.9AI score0.02182EPSS

CVE•added 2016/07/13 2:0 a.m.•61 views

CVE-2016-4220

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-20...

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/07/13 2:0 a.m.•61 views

CVE-2016-4241

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/07/13 2:0 a.m.•61 views

CVE-2016-4245

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/12/15 6:59 a.m.•61 views

CVE-2016-7868

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution.

8.8CVSS8.9AI score0.01058EPSS

CVE•added 2016/12/15 6:59 a.m.•61 views

CVE-2016-7869

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution.

8.8CVSS8.9AI score0.01058EPSS

CVE•added 2016/12/15 6:59 a.m.•61 views

CVE-2016-7874

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the NetConnection class when handling the proxy types. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.03743EPSS

CVE•added 2017/04/12 2:59 p.m.•61 views

CVE-2017-3061

Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution.

10CVSS9.6AI score0.53858EPSS

CVE•added 2018/08/29 1:29 p.m.•61 views

CVE-2018-12826

Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

7.5CVSS7.9AI score0.02143EPSS

CVE•added 2018/08/29 1:29 p.m.•61 views

CVE-2018-12828

Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation.

9.8CVSS9.1AI score0.17319EPSS

CVE•added 2011/02/10 4:0 p.m.•60 views

CVE-2011-0559

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-20...

9.3CVSS9AI score0.13697EPSS

CVE•added 2011/02/10 4:0 p.m.•60 views

CVE-2011-0561

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011...

9.3CVSS9AI score0.13697EPSS

CVE•added 2011/05/13 10:55 p.m.•60 views

CVE-2011-0620

Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0619, CVE-2011-0621, and CVE-...

9.3CVSS8.8AI score0.05847EPSS

CVE•added 2011/09/22 3:38 a.m.•60 views

CVE-2011-2429

Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, related to a "security control bypass."

5CVSS8.3AI score0.01913EPSS

CVE•added 2011/09/22 3:38 a.m.•60 views

CVE-2011-2444

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a "universal cross-site scripting issue," as exp...

4.3CVSS6.9AI score0.0092EPSS

CVE•added 2012/10/09 11:13 a.m.•60 views

CVE-2012-5251

10CVSS7.9AI score0.06407EPSS

CVE•added 2012/10/09 11:13 a.m.•60 views

CVE-2012-5257

10CVSS7.9AI score0.06407EPSS

CVE•added 2013/02/12 8:55 p.m.•60 views

CVE-2013-0649

Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on ...

10CVSS7.3AI score0.04685EPSS

CVE•added 2014/08/12 10:55 p.m.•60 views

CVE-2014-0540

Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly res...

10CVSS6.3AI score0.00782EPSS

Total number of security vulnerabilities1067