Flashplayer

CVEs (1,033)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2015-8642	Adobe Inc. Air	Hig	0.58	8.8	0.05	Dec 28, 2015	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows…
CVE-2015-8641	Adobe Inc. Air	Hig	0.58	8.8	0.05	Dec 28, 2015	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows…
CVE-2015-8640	Adobe Inc. Air	Hig	0.58	8.8	0.05	Dec 28, 2015	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows…
CVE-2015-8460	Adobe Inc. Air	Hig	0.58	8.8	0.05	Dec 28, 2015	Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code…
CVE-2010-0378	Adobe Inc. Flashplayer	Hig	0.58	8.8	0.14	Jan 21, 2010	Use-after-free vulnerability in Adobe Flash Player 6.0.79, as distributed in Microsoft Windows XP SP2 and SP3, allows remote attackers to execute arbitrary code by unloading a Flash object that is currently being accessed by a script, leading to memory corruption, aka a "Movie…
CVE-2017-3099	Adobe Inc. Flash Player Desktop Runtime	Hig	0.57	8.8	0.01	Jul 17, 2017	Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 3 raster data model. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3074	Red Hat Enterprise Linux	Hig	0.57	8.8	0.03	May 9, 2017	Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3073	Red Hat Enterprise Linux	Hig	0.57	8.8	0.02	May 9, 2017	Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3072	Red Hat Enterprise Linux	Hig	0.57	8.8	0.03	May 9, 2017	Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3071	Red Hat Enterprise Linux	Hig	0.57	8.8	0.02	May 9, 2017	Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3070	Red Hat Enterprise Linux	Hig	0.57	8.8	0.03	May 9, 2017	Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3069	Red Hat Enterprise Linux	Hig	0.57	8.8	0.03	May 9, 2017	Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3003	Adobe Inc. Flash Player Desktop Runtime	Hig	0.57	8.8	0.01	Mar 14, 2017	Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3002	Adobe Inc. Flash Player Desktop Runtime	Hig	0.57	8.8	0.02	Mar 14, 2017	Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3001	Adobe Inc. Flash Player Desktop Runtime	Hig	0.57	8.8	0.02	Mar 14, 2017	Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2999	Adobe Inc. Flash Player Desktop Runtime	Hig	0.57	8.8	0.03	Mar 14, 2017	Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2998	Adobe Inc. Flash Player Desktop Runtime	Hig	0.57	8.8	0.03	Mar 14, 2017	Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2996	Adobe Inc. Flash Player Desktop Runtime	Hig	0.57	8.8	0.03	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2994	Adobe Inc. Flash Player Desktop Runtime	Hig	0.57	8.8	0.03	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2993	Adobe Inc. Flash Player Desktop Runtime	Hig	0.57	8.8	0.02	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution.

CVE-2015-8642HigDec 28, 2015
Adobe Inc.
Air
risk 0.58cvss 8.8epss 0.05
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows…
CVE-2015-8641HigDec 28, 2015
Adobe Inc.
Air
risk 0.58cvss 8.8epss 0.05
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows…
CVE-2015-8640HigDec 28, 2015
Adobe Inc.
Air
risk 0.58cvss 8.8epss 0.05
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows…
CVE-2015-8460HigDec 28, 2015
Adobe Inc.
Air
risk 0.58cvss 8.8epss 0.05
Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code…
CVE-2010-0378HigJan 21, 2010
Adobe Inc.
Flashplayer
risk 0.58cvss 8.8epss 0.14
Use-after-free vulnerability in Adobe Flash Player 6.0.79, as distributed in Microsoft Windows XP SP2 and SP3, allows remote attackers to execute arbitrary code by unloading a Flash object that is currently being accessed by a script, leading to memory corruption, aka a "Movie…
CVE-2017-3099HigJul 17, 2017
Adobe Inc.
Flash Player Desktop Runtime
risk 0.57cvss 8.8epss 0.01
Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 3 raster data model. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3074HigMay 9, 2017
Red Hat
Enterprise Linux
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3073HigMay 9, 2017
Red Hat
Enterprise Linux
risk 0.57cvss 8.8epss 0.02
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3072HigMay 9, 2017
Red Hat
Enterprise Linux
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3071HigMay 9, 2017
Red Hat
Enterprise Linux
risk 0.57cvss 8.8epss 0.02
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3070HigMay 9, 2017
Red Hat
Enterprise Linux
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3069HigMay 9, 2017
Red Hat
Enterprise Linux
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3003HigMar 14, 2017
Adobe Inc.
Flash Player Desktop Runtime
risk 0.57cvss 8.8epss 0.01
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3002HigMar 14, 2017
Adobe Inc.
Flash Player Desktop Runtime
risk 0.57cvss 8.8epss 0.02
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability in the ActionScript2 TextField object related to the variable property. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3001HigMar 14, 2017
Adobe Inc.
Flash Player Desktop Runtime
risk 0.57cvss 8.8epss 0.02
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2999HigMar 14, 2017
Adobe Inc.
Flash Player Desktop Runtime
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2998HigMar 14, 2017
Adobe Inc.
Flash Player Desktop Runtime
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2996HigFeb 15, 2017
Adobe Inc.
Flash Player Desktop Runtime
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2994HigFeb 15, 2017
Adobe Inc.
Flash Player Desktop Runtime
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2993HigFeb 15, 2017
Adobe Inc.
Flash Player Desktop Runtime
risk 0.57cvss 8.8epss 0.02
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution.

Page 12 of 52