Flashplayer

CVEs (1,032)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2017-2991	Adobe Inc. Flash Player Desktop Runtime	Hig	0.57	8.8	0.01	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.
CVE-2017-2990	Adobe Inc. Flash Player Desktop Runtime	Hig	0.57	8.8	0.02	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2982	Adobe Inc. Flash Player Desktop Runtime	Hig	0.57	8.8	0.02	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2937	Adobe Inc. Flashplayer	Hig	0.57	8.8	0.02	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2936	Adobe Inc. Flashplayer	Hig	0.57	8.8	0.03	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2928	GNU Flash Player	Hig	0.57	8.8	0.03	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2926	GNU Flash Player	Hig	0.57	8.8	0.02	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2925	GNU Flash Player	Hig	0.57	8.8	0.03	Jan 11, 2017	Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7890	GNU Flash Player	Hig	0.57	8.8	0.00	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy.
CVE-2016-7875	Adobe Inc. Flash Player Desktop Runtime	Hig	0.57	8.8	0.03	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7871	GNU Flash Player	Hig	0.57	8.8	0.03	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7870	GNU Flash Player	Hig	0.57	8.8	0.01	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7869	GNU Flash Player	Hig	0.57	8.8	0.01	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7868	GNU Flash Player	Hig	0.57	8.8	0.01	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7867	GNU Flash Player	Hig	0.57	8.8	0.01	Dec 15, 2016	Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution.
CVE-2016-6981	Adobe Inc. Flash Player Desktop Runtime	Hig	0.57	8.8	0.03	Oct 13, 2016	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6987.
CVE-2016-6932	Adobe Inc. Flashplayer	Hig	0.57	8.8	0.03	Sep 14, 2016	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272,…
CVE-2016-6931	Adobe Inc. Flashplayer	Hig	0.57	8.8	0.03	Sep 14, 2016	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272,…
CVE-2016-6930	Adobe Inc. Flashplayer	Hig	0.57	8.8	0.03	Sep 14, 2016	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272,…
CVE-2016-6929	Adobe Inc. Flashplayer	Hig	0.57	8.8	0.03	Sep 14, 2016	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272,…

CVE-2017-2991HigFeb 15, 2017
Adobe Inc.
Flash Player Desktop Runtime
risk 0.57cvss 8.8epss 0.01
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.
CVE-2017-2990HigFeb 15, 2017
Adobe Inc.
Flash Player Desktop Runtime
risk 0.57cvss 8.8epss 0.02
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2982HigFeb 15, 2017
Adobe Inc.
Flash Player Desktop Runtime
risk 0.57cvss 8.8epss 0.02
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2937HigJan 11, 2017
Adobe Inc.
Flashplayer
risk 0.57cvss 8.8epss 0.02
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2936HigJan 11, 2017
Adobe Inc.
Flashplayer
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2928HigJan 11, 2017
GNU
Flash Player
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2926HigJan 11, 2017
GNU
Flash Player
risk 0.57cvss 8.8epss 0.02
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2925HigJan 11, 2017
GNU
Flash Player
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7890HigDec 15, 2016
GNU
Flash Player
risk 0.57cvss 8.8epss 0.00
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy.
CVE-2016-7875HigDec 15, 2016
Adobe Inc.
Flash Player Desktop Runtime
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7871HigDec 15, 2016
GNU
Flash Player
risk 0.57cvss 8.8epss 0.03
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7870HigDec 15, 2016
GNU
Flash Player
risk 0.57cvss 8.8epss 0.01
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7869HigDec 15, 2016
GNU
Flash Player
risk 0.57cvss 8.8epss 0.01
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7868HigDec 15, 2016
GNU
Flash Player
risk 0.57cvss 8.8epss 0.01
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7867HigDec 15, 2016
GNU
Flash Player
risk 0.57cvss 8.8epss 0.01
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution.
CVE-2016-6981HigOct 13, 2016
Adobe Inc.
Flash Player Desktop Runtime
risk 0.57cvss 8.8epss 0.03
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6987.
CVE-2016-6932HigSep 14, 2016
Adobe Inc.
Flashplayer
risk 0.57cvss 8.8epss 0.03
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272,…
CVE-2016-6931HigSep 14, 2016
Adobe Inc.
Flashplayer
risk 0.57cvss 8.8epss 0.03
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272,…
CVE-2016-6930HigSep 14, 2016
Adobe Inc.
Flashplayer
risk 0.57cvss 8.8epss 0.03
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272,…
CVE-2016-6929HigSep 14, 2016
Adobe Inc.
Flashplayer
risk 0.57cvss 8.8epss 0.03
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4272,…

Page 13 of 52