VYPR

Flashplayer

by Adobe Inc.

CVEs (1,088)

  • CVE-2016-7855HigKEVNov 1, 2016
    risk 0.71cvss 8.8epss 0.25

    Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016.

  • CVE-2016-1010HigKEVMar 12, 2016
    risk 0.71cvss 8.8epss 0.20

    Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to…

  • CVE-2014-8439HigKEVNov 25, 2014
    risk 0.71cvss 8.8epss 0.20

    Adobe Flash Player before 13.0.0.258 and 14.x and 15.x before 15.0.0.239 on Windows and OS X and before 11.2.202.424 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code…

  • CVE-2014-0502HigKEVFeb 21, 2014
    risk 0.71cvss 8.8epss 0.24

    Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before…

  • CVE-2012-5054HigKEVSep 24, 2012
    risk 0.71cvss 8.8epss 0.21

    Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments.

  • CVE-2012-1535HigKEVAug 15, 2012
    risk 0.71cvss 7.8epss 0.70

    Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content, as exploited in the wild in…

  • CVE-2011-0609HigKEVMar 15, 2011
    risk 0.71cvss 7.8epss 0.67

    Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x…

  • CVE-2017-11292HigKEVOct 22, 2017
    risk 0.70cvss 8.8epss 0.12

    Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code…

  • CVE-2013-0648HigKEVFeb 27, 2013
    risk 0.70cvss 8.8epss 0.11

    Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows remote attackers to execute arbitrary…

  • CVE-2013-0643HigKEVFeb 27, 2013
    risk 0.70cvss 8.8epss 0.11

    The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary…

  • CVE-2017-11282CriDec 1, 2017
    risk 0.69cvss 9.8epss 0.35

    Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.

  • CVE-2017-11281CriDec 1, 2017
    risk 0.69cvss 9.8epss 0.34

    Adobe Flash Player has an exploitable memory corruption vulnerability in the text handling function. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.

  • CVE-2017-3078CriJun 20, 2017
    risk 0.69cvss 9.8epss 0.31

    Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the Adobe Texture Format (ATF) module. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3076CriJun 20, 2017
    risk 0.69cvss 9.8epss 0.25

    Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the MPEG-4 AVC module. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3061CriApr 12, 2017
    risk 0.69cvss 9.8epss 0.25

    Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution.

  • CVE-2016-4138CriJun 16, 2016
    risk 0.69cvss 9.8epss 0.25

    Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

  • CVE-2017-3077CriJun 20, 2017
    risk 0.68cvss 9.8epss 0.22

    Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the PNG image parser. Successful exploitation could lead to arbitrary code execution.

  • CVE-2018-15981CriNov 29, 2018
    risk 0.65cvss 9.8epss 0.12

    Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2018-5002HigKEVJul 9, 2018
    risk 0.65cvss 7.8epss 0.25

    Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2017-3083CriJun 20, 2017
    risk 0.65cvss 9.8epss 0.14

    Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful exploitation could lead to arbitrary code execution.

Page 2 of 55