Flash Player Security Vulnerabilities and Issues — Flash Player CVE List

Lucene search

AdobeFlash Player

76 matches found

CVE•added 2014/12/10 9:59 p.m.•884 views

CVE-2014-9163

Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.

10CVSS7.9AI score0.12835EPSS

CVE•added 2014/11/25 11:59 p.m.•877 views

CVE-2014-8439

Adobe Flash Player before 13.0.0.258 and 14.x and 15.x before 15.0.0.239 on Windows and OS X and before 11.2.202.424 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of ...

10CVSS7.7AI score0.31479EPSS

CVE•added 2014/08/12 10:55 p.m.•214 views

CVE-2014-0543

Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly res...

10CVSS6.3AI score0.00782EPSS

CVE•added 2014/02/21 5:7 a.m.•210 views

CVE-2014-0502

Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows rem...

10CVSS7.8AI score0.86341EPSS

CVE•added 2014/02/05 5:15 a.m.•205 views

CVE-2014-0497

Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.

10CVSS7.8AI score0.93016EPSS

CVE•added 2014/09/10 1:55 a.m.•94 views

CVE-2014-0559

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compile...

10CVSS7.8AI score0.86438EPSS

CVE•added 2014/04/29 10:37 a.m.•90 views

CVE-2014-0515

Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.

10CVSS7.9AI score0.92952EPSS

CVE•added 2014/05/14 11:13 a.m.•90 views

CVE-2014-0516

Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow remote attackers to bypass the Same Origin Policy via unspecified vectors.

7.5CVSS6.5AI score0.01299EPSS

CVE•added 2014/07/09 5:4 a.m.•86 views

CVE-2014-4671

Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 do not properly restrict the SWF file format, which allows re...

4.3CVSS6.5AI score0.35827EPSS

CVE•added 2014/09/10 1:55 a.m.•84 views

CVE-2014-0556

10CVSS8AI score0.86438EPSS

CVE•added 2014/09/10 1:55 a.m.•82 views

CVE-2014-0552

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow atta...

10CVSS7.7AI score0.0558EPSS

CVE•added 2014/11/11 11:55 p.m.•81 views

CVE-2014-0576

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of ...

10CVSS7.7AI score0.88009EPSS

CVE•added 2014/08/12 10:55 p.m.•80 views

CVE-2014-0545

10CVSS6.3AI score0.00782EPSS

CVE•added 2014/01/15 4:13 p.m.•79 views

CVE-2014-0491

Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow attackers to bypass unspecified protection mecha...

10CVSS6.4AI score0.02208EPSS

CVE•added 2014/10/15 10:55 a.m.•77 views

CVE-2014-0569

Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code ...

9.3CVSS7.6AI score0.8933EPSS

CVE•added 2014/06/11 10:57 a.m.•76 views

CVE-2014-0534

Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to bypass intended access restrictions via unspecified v...

7.5CVSS6.5AI score0.06932EPSS

CVE•added 2014/04/08 11:55 p.m.•75 views

CVE-2014-0508

Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allow attackers to bypass intended access res...

5CVSS6AI score0.01606EPSS

CVE•added 2014/02/21 5:7 a.m.•73 views

CVE-2014-0499

Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 do not prevent access to address inform...

7.8CVSS6.5AI score0.00865EPSS

CVE•added 2014/10/15 10:55 a.m.•73 views

CVE-2014-0564

Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of ...

10CVSS7.7AI score0.15429EPSS

CVE•added 2014/03/27 10:55 a.m.•72 views

CVE-2014-0506

Use-after-free vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remote...

10CVSS7.5AI score0.20827EPSS

CVE•added 2014/06/11 10:57 a.m.•72 views

CVE-2014-0531

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to i...

4.3CVSS5.6AI score0.03466EPSS

CVE•added 2014/07/09 5:4 a.m.•72 views

CVE-2014-0539

Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via un...

7.5CVSS6.5AI score0.02759EPSS

CVE•added 2014/06/11 10:57 a.m.•71 views

CVE-2014-0533

4.3CVSS5.6AI score0.03466EPSS

CVE•added 2014/11/11 11:55 p.m.•71 views

CVE-2014-8440

10CVSS7.7AI score0.88009EPSS

CVE•added 2014/04/08 11:55 p.m.•70 views

CVE-2014-0507

Buffer overflow in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows attackers to execut...

9.3CVSS7.7AI score0.0495EPSS

CVE•added 2014/03/27 10:55 a.m.•70 views

CVE-2014-0510

Heap-based buffer overflow in Adobe Flash Player 12.0.0.77 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Zeguang Zhao and Liang Chen during a Pwn2Own competition at CanSecWest 2014.

10CVSS8.2AI score0.19866EPSS

CVE•added 2014/05/14 11:13 a.m.•70 views

CVE-2014-0520

Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CV...

7.5CVSS6.4AI score0.02029EPSS

CVE•added 2014/06/11 10:57 a.m.•70 views

CVE-2014-0532

4.3CVSS5.6AI score0.03466EPSS

CVE•added 2014/10/15 10:55 a.m.•69 views

CVE-2014-0558

10CVSS7.7AI score0.15429EPSS

CVE•added 2014/01/15 4:13 p.m.•68 views

CVE-2014-0492

10CVSS6.3AI score0.03215EPSS

CVE•added 2014/09/10 1:55 a.m.•68 views

CVE-2014-0549

10CVSS7.7AI score0.0558EPSS

CVE•added 2014/12/10 9:59 p.m.•68 views

CVE-2014-0587

Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9164.

10CVSS7.7AI score0.10803EPSS

CVE•added 2014/02/21 5:6 a.m.•67 views

CVE-2014-0498

Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows a...

10CVSS8AI score0.03459EPSS

CVE•added 2014/04/08 11:55 p.m.•67 views

CVE-2014-0509

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 a...

4.3CVSS5.6AI score0.00762EPSS

CVE•added 2014/07/09 5:4 a.m.•67 views

CVE-2014-0537

Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via un...

7.5CVSS6.5AI score0.02759EPSS

CVE•added 2014/11/11 11:55 p.m.•67 views

CVE-2014-0574

Double free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitr...

10CVSS7.4AI score0.11795EPSS

CVE•added 2014/11/11 11:55 p.m.•67 views

CVE-2014-0584

10CVSS7.3AI score0.15077EPSS

CVE•added 2014/08/12 10:55 p.m.•66 views

CVE-2014-0542

10CVSS6.3AI score0.00782EPSS

CVE•added 2014/05/14 11:13 a.m.•65 views

CVE-2014-0517

7.5CVSS6.4AI score0.02029EPSS

CVE•added 2014/11/11 11:55 p.m.•65 views

CVE-2014-0590

10CVSS7.3AI score0.15077EPSS

CVE•added 2014/08/19 11:16 a.m.•65 views

CVE-2014-5333

4.3CVSS6.7AI score0.35827EPSS

CVE•added 2014/12/10 9:59 p.m.•65 views

CVE-2014-9164

10CVSS7.7AI score0.10803EPSS

CVE•added 2014/09/10 1:55 a.m.•64 views

CVE-2014-0553

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compi...

10CVSS8.7AI score0.01621EPSS

CVE•added 2014/11/11 11:55 p.m.•64 views

CVE-2014-0581

10CVSS7.7AI score0.88009EPSS

CVE•added 2014/08/12 10:55 p.m.•63 views

CVE-2014-0538

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler befor...

10CVSS7.4AI score0.04728EPSS

CVE•added 2014/09/10 1:55 a.m.•63 views

CVE-2014-0547

10CVSS7.7AI score0.0558EPSS

CVE•added 2014/09/10 1:55 a.m.•63 views

CVE-2014-0550

10CVSS7.7AI score0.0558EPSS

CVE•added 2014/11/11 11:55 p.m.•63 views

CVE-2014-0577

10CVSS7.3AI score0.15077EPSS

CVE•added 2014/12/10 9:59 p.m.•63 views

CVE-2014-9162

Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to obtain sensitive information via unspecified vectors.

10CVSS5.8AI score0.01902EPSS

CVE•added 2014/11/11 11:55 p.m.•62 views

CVE-2014-0573

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arb...

10CVSS7.4AI score0.08236EPSS

Total number of security vulnerabilities76