Flash Player Security Vulnerabilities and Issues — Flash Player CVE List

Lucene search

AdobeFlash Player

54 matches found

CVE•added 2019/09/27 4:15 p.m.•194 views

CVE-2019-8075

Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

7.5CVSS7.9AI score0.01038EPSS

CVE•added 2014/05/14 11:13 a.m.•90 views

CVE-2014-0516

Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow remote attackers to bypass the Same Origin Policy via unspecified vectors.

7.5CVSS6.5AI score0.01299EPSS

CVE•added 2019/05/23 5:29 p.m.•85 views

CVE-2019-7108

Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .

7.5CVSS7.9AI score0.03145EPSS

CVE•added 2019/01/18 5:29 p.m.•82 views

CVE-2018-15983

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.

7.8CVSS8.5AI score0.00926EPSS

CVE•added 2015/11/11 1:0 p.m.•80 views

CVE-2015-7662

Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allow remote attackers to bypass intended access restrictions and write ...

7.8CVSS6.6AI score0.01794EPSS

CVE•added 2017/08/11 7:29 p.m.•78 views

CVE-2017-3085

Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect.

7.4CVSS7.6AI score0.00815EPSS

CVE•added 2016/05/11 11:0 a.m.•77 views

CVE-2016-1098

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

7.6CVSS8.3AI score0.1466EPSS

CVE•added 2008/11/10 2:12 p.m.•76 views

CVE-2008-4820

Unspecified vulnerability in the Flash Player ActiveX control in Adobe Flash Player 9.0.124.0 and earlier on Windows allows attackers to obtain sensitive information via unknown vectors.

7.1CVSS5.7AI score0.03951EPSS

CVE•added 2014/06/11 10:57 a.m.•76 views

CVE-2014-0534

Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to bypass intended access restrictions via unspecified v...

7.5CVSS6.5AI score0.06932EPSS

CVE•added 2016/05/11 11:0 a.m.•76 views

CVE-2016-1102

7.6CVSS8.3AI score0.28125EPSS

CVE•added 2018/11/29 8:29 p.m.•74 views

CVE-2018-15978

Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

7.5CVSS6.9AI score0.09317EPSS

CVE•added 2014/02/21 5:7 a.m.•73 views

CVE-2014-0499

Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 do not prevent access to address inform...

7.8CVSS6.5AI score0.00865EPSS

CVE•added 2018/08/29 1:29 p.m.•73 views

CVE-2018-12827

Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

7.5CVSS7.9AI score0.30156EPSS

CVE•added 2014/07/09 5:4 a.m.•72 views

CVE-2014-0539

Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via un...

7.5CVSS6.5AI score0.02759EPSS

CVE•added 2016/05/11 11:0 a.m.•72 views

CVE-2016-1096

7.6CVSS8.3AI score0.28125EPSS

CVE•added 2018/01/09 9:29 p.m.•72 views

CVE-2018-4871

An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes ...

7.5CVSS6.7AI score0.02904EPSS

CVE•added 2016/05/11 11:0 a.m.•71 views

CVE-2016-1105

7.6CVSS8.2AI score0.42408EPSS

CVE•added 2014/05/14 11:13 a.m.•70 views

CVE-2014-0520

Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CV...

7.5CVSS6.4AI score0.02029EPSS

CVE•added 2016/05/11 11:0 a.m.•70 views

CVE-2016-1107

7.6CVSS8.2AI score0.05238EPSS

CVE•added 2018/07/20 7:29 p.m.•70 views

CVE-2018-5008

Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

7.5CVSS7.4AI score0.07793EPSS

CVE•added 2016/05/11 11:0 a.m.•69 views

CVE-2016-1097

7.6CVSS8.2AI score0.05238EPSS

CVE•added 2016/05/11 11:0 a.m.•69 views

CVE-2016-1100

7.6CVSS8.3AI score0.1466EPSS

CVE•added 2016/05/11 11:0 a.m.•69 views

CVE-2016-1109

7.6CVSS8.2AI score0.05238EPSS

CVE•added 2016/05/11 11:0 a.m.•68 views

CVE-2016-1099

7.6CVSS8.3AI score0.1466EPSS

CVE•added 2016/05/11 11:0 a.m.•68 views

CVE-2016-1110

7.6CVSS8.2AI score0.05238EPSS

CVE•added 2006/02/02 11:0 a.m.•67 views

CVE-2005-4708

Adobe Macromedia MX 2004 products, Captivate, Contribute 2, Contribute 3, and eLicensing client install the Macromedia Licensing Service with the Users group permitted to configure the service, including the path to executable, which allows local users to execute arbitrary code as Local System.

7.2CVSS7.7AI score0.00167EPSS

CVE•added 2014/07/09 5:4 a.m.•67 views

CVE-2014-0537

7.5CVSS6.5AI score0.02759EPSS

CVE•added 2016/05/11 11:0 a.m.•67 views

CVE-2016-1104

7.6CVSS8.3AI score0.28125EPSS

CVE•added 2016/05/11 11:0 a.m.•67 views

CVE-2016-1108

7.6CVSS8.2AI score0.05238EPSS

CVE•added 2015/07/09 4:59 p.m.•66 views

CVE-2015-3126

Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to cause a denial of service (NULL pointer ...

7.5CVSS7.2AI score0.03219EPSS

CVE•added 2014/05/14 11:13 a.m.•65 views

CVE-2014-0517

7.5CVSS6.4AI score0.02029EPSS

CVE•added 2016/05/11 11:1 a.m.•65 views

CVE-2016-4109

7.6CVSS8.2AI score0.05238EPSS

CVE•added 2016/05/11 11:0 a.m.•64 views

CVE-2016-1101

7.6CVSS8.2AI score0.42408EPSS

CVE•added 2016/05/11 11:0 a.m.•64 views

CVE-2016-1106

7.6CVSS8.2AI score0.45392EPSS

CVE•added 2016/04/09 1:59 a.m.•63 views

CVE-2016-1014

Untrusted search path vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows local users to gain privileges via a Trojan horse resource in an unspecified directory.

7.3CVSS8AI score0.00215EPSS

CVE•added 2016/05/11 11:1 a.m.•63 views

CVE-2016-4108

7.6CVSS8.2AI score0.45338EPSS

CVE•added 2018/09/25 1:29 p.m.•63 views

CVE-2018-15967

Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure.

7.5CVSS7.4AI score0.02888EPSS

CVE•added 2016/05/11 11:0 a.m.•62 views

CVE-2016-1103

7.6CVSS8.2AI score0.42408EPSS

CVE•added 2016/05/11 11:1 a.m.•62 views

CVE-2016-4115

7.6CVSS8.2AI score0.05238EPSS

CVE•added 2014/05/14 11:13 a.m.•61 views

CVE-2014-0519

7.5CVSS6.4AI score0.02029EPSS

CVE•added 2014/11/11 11:55 p.m.•61 views

CVE-2014-0583

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to complete a tr...

7.5CVSS6.9AI score0.03252EPSS

CVE•added 2016/05/11 11:1 a.m.•61 views

CVE-2016-4110

7.6CVSS8.2AI score0.05238EPSS

CVE•added 2016/05/11 11:1 a.m.•61 views

CVE-2016-4112

7.6CVSS8.2AI score0.05238EPSS

CVE•added 2018/08/29 1:29 p.m.•61 views

CVE-2018-12826

Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

7.5CVSS7.9AI score0.02143EPSS

CVE•added 2016/05/11 11:1 a.m.•59 views

CVE-2016-4114

7.6CVSS8.2AI score0.05238EPSS

CVE•added 2016/05/11 11:1 a.m.•59 views

CVE-2016-4116

7.6CVSS8.2AI score0.04609EPSS

CVE•added 2016/07/13 2:0 a.m.•59 views

CVE-2016-4232

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vectors.

7.5CVSS7.5AI score0.30294EPSS

CVE•added 2014/05/14 11:13 a.m.•58 views

CVE-2014-0518

7.5CVSS6.4AI score0.02029EPSS

CVE•added 2016/05/11 11:1 a.m.•58 views

CVE-2016-4111

7.6CVSS8.2AI score0.05238EPSS

CVE•added 2014/06/11 10:57 a.m.•57 views

CVE-2014-0535

7.5CVSS6.5AI score0.06932EPSS

Total number of security vulnerabilities54