Flash Player Security Vulnerabilities and Issues — Flash Player CVE List

Lucene search

AdobeFlash Player

265 matches found

CVE•added 2016/11/01 10:59 p.m.•1103 views

CVE-2016-7855

Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016.

9.3CVSS9AI score0.43163EPSS

CVE•added 2016/05/11 1:59 a.m.•1004 views

CVE-2016-4117

Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.

10CVSS9.8AI score0.92777EPSS

CVE•added 2016/04/07 10:59 a.m.•1002 views

CVE-2016-1019

Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016.

10CVSS9.7AI score0.79388EPSS

CVE•added 2016/03/12 3:59 p.m.•989 views

CVE-2016-1010

Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary c...

9.3CVSS9AI score0.28792EPSS

CVE•added 2016/02/10 8:59 p.m.•978 views

CVE-2016-0984

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arb...

9.3CVSS8.9AI score0.7297EPSS

CVE•added 2016/06/16 2:59 p.m.•885 views

CVE-2016-4171

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.

10CVSS9.6AI score0.26006EPSS

CVE•added 2016/12/15 6:59 a.m.•857 views

CVE-2016-7892

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.18919EPSS

CVE•added 2016/02/10 8:59 p.m.•203 views

CVE-2016-0974

9.3CVSS8.9AI score0.7297EPSS

CVE•added 2016/03/12 3:59 p.m.•198 views

CVE-2016-0963

9.3CVSS9AI score0.28792EPSS

CVE•added 2016/02/10 8:59 p.m.•194 views

CVE-2016-0983

9.3CVSS8.9AI score0.7297EPSS

CVE•added 2016/02/10 8:59 p.m.•192 views

CVE-2016-0982

9.3CVSS8.9AI score0.7297EPSS

CVE•added 2016/02/10 8:59 p.m.•187 views

CVE-2016-0973

Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20...

9.3CVSS8.8AI score0.7297EPSS

CVE•added 2016/04/09 1:59 a.m.•185 views

CVE-2016-1015

Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code by overriding NetConnection object properties to leverage an unspecified "type confusion," a different vulnerability than CVE-...

9.3CVSS9.6AI score0.79388EPSS

CVE•added 2016/03/12 3:59 p.m.•174 views

CVE-2016-0993

9.3CVSS9AI score0.28792EPSS

CVE•added 2016/02/10 8:59 p.m.•171 views

CVE-2016-0975

Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allo...

9.3CVSS8.8AI score0.7297EPSS

CVE•added 2016/07/13 1:59 a.m.•95 views

CVE-2016-4178

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.

4.3CVSS5.8AI score0.00924EPSS

CVE•added 2016/07/13 1:59 a.m.•95 views

CVE-2016-4179

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-20...

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/06/16 2:59 p.m.•89 views

CVE-2016-4138

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

10CVSS9.1AI score0.3681EPSS

CVE•added 2016/06/16 2:59 p.m.•88 views

CVE-2016-4137

9.3CVSS8.9AI score0.4017EPSS

CVE•added 2016/10/13 7:59 p.m.•88 views

CVE-2016-4273

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6982, CVE-20...

9.3CVSS9AI score0.26758EPSS

CVE•added 2016/07/13 2:0 a.m.•85 views

CVE-2016-4238

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/06/16 2:59 p.m.•84 views

CVE-2016-4149

9.3CVSS8.9AI score0.02182EPSS

CVE•added 2016/09/14 6:59 p.m.•84 views

CVE-2016-6926

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272, CVE-2016-4279, CVE-2016...

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/11/08 5:59 p.m.•83 views

CVE-2016-7865

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.7AI score0.11156EPSS

CVE•added 2016/07/13 1:59 a.m.•82 views

CVE-2016-4175

9.3CVSS9.3AI score0.44744EPSS

CVE•added 2016/07/13 2:0 a.m.•82 views

CVE-2016-4229

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016...

9.3CVSS9AI score0.73665EPSS

CVE•added 2016/09/14 6:59 p.m.•81 views

CVE-2016-4272

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/09/14 6:59 p.m.•81 views

CVE-2016-4285

Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-20...

9.3CVSS9.1AI score0.26204EPSS

CVE•added 2016/11/08 5:59 p.m.•81 views

CVE-2016-7859

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.08079EPSS

CVE•added 2016/06/16 2:59 p.m.•80 views

CVE-2016-4152

9.3CVSS8.9AI score0.02194EPSS

CVE•added 2016/09/14 6:59 p.m.•80 views

CVE-2016-4284

9.3CVSS9.1AI score0.26204EPSS

CVE•added 2016/09/14 6:59 p.m.•80 views

CVE-2016-6930

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/10/13 7:59 p.m.•80 views

CVE-2016-6986

9.3CVSS9AI score0.26758EPSS

CVE•added 2016/06/16 2:59 p.m.•79 views

CVE-2016-4150

9.3CVSS8.9AI score0.02194EPSS

CVE•added 2016/09/14 6:59 p.m.•79 views

CVE-2016-6927

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/09/14 6:59 p.m.•79 views

CVE-2016-6929

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/05/11 11:0 a.m.•78 views

CVE-2016-1098

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.

7.6CVSS8.3AI score0.05238EPSS

CVE•added 2016/06/16 2:59 p.m.•78 views

CVE-2016-4153

9.3CVSS8.9AI score0.02194EPSS

CVE•added 2016/07/13 2:0 a.m.•78 views

CVE-2016-4222

8.8CVSS9AI score0.73665EPSS

CVE•added 2016/09/14 6:59 p.m.•78 views

CVE-2016-4279

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/09/14 6:59 p.m.•78 views

CVE-2016-6921

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/09/14 6:59 p.m.•78 views

CVE-2016-6931

9.3CVSS9AI score0.02828EPSS

CVE•added 2016/10/13 8:0 p.m.•78 views

CVE-2016-6992

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion."

9.3CVSS8.9AI score0.08851EPSS

CVE•added 2016/11/08 5:59 p.m.•78 views

CVE-2016-7857

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.

9.3CVSS8.8AI score0.08079EPSS

CVE•added 2016/05/11 11:0 a.m.•77 views

CVE-2016-1102

7.6CVSS8.3AI score0.28125EPSS

CVE•added 2016/06/16 2:59 p.m.•77 views

CVE-2016-4141

9.3CVSS8.9AI score0.02182EPSS

CVE•added 2016/09/14 6:59 p.m.•77 views

CVE-2016-4283

9.3CVSS9.1AI score0.26204EPSS

CVE•added 2016/09/14 6:59 p.m.•77 views

CVE-2016-6922

9.3CVSS9.1AI score0.26204EPSS

CVE•added 2016/10/13 8:0 p.m.•77 views

CVE-2016-6989

9.3CVSS9AI score0.26758EPSS

CVE•added 2016/12/15 6:59 a.m.•77 views

CVE-2016-7867

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution.

8.8CVSS8.9AI score0.01058EPSS

Total number of security vulnerabilities265