VYPR

Flashplayer

by Adobe Inc.

CVEs (1,088)

  • CVE-2009-1864Jul 31, 2009
    risk 0.01cvss epss 0.07

    Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.

  • CVE-2009-0519Feb 26, 2009
    risk 0.01cvss epss 0.15

    Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a crafted Shockwave Flash (aka .swf) file.

  • CVE-2008-4824Nov 17, 2008
    risk 0.01cvss epss 0.13

    Multiple unspecified vulnerabilities in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0 allow remote attackers to execute arbitrary code via unknown vectors related to "input validation errors."

  • CVE-2008-4473Oct 17, 2008
    risk 0.01cvss epss 0.09

    Multiple heap-based buffer overflows in Adobe Flash CS3 Professional on Windows and Flash MX 2004 allow remote attackers to execute arbitrary code via an SWF file containing long control parameters.

  • CVE-2008-4401Oct 17, 2008
    risk 0.01cvss epss 0.07

    ActionScript in Adobe Flash Player 9.0.124.0 and earlier does not require user interaction in conjunction with (1) the FileReference.browse operation in the FileReference upload API or (2) the FileReference.download operation in the FileReference download API, which allows…

  • CVE-2007-6243Dec 20, 2007
    risk 0.01cvss epss 0.08

    Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks.

  • CVE-2007-6246Dec 20, 2007
    risk 0.01cvss epss 0.12

    Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0, when running on Linux, uses insecure permissions for memory, which might allow local users to gain privileges.

  • CVE-2007-5476Oct 18, 2007
    risk 0.01cvss epss 0.09

    Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown "Highly Severe" impact and unknown attack vectors.

  • CVE-2007-4324Aug 14, 2007
    risk 0.01cvss epss 0.08

    ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and earlier versions, allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a…

  • CVE-2007-3457Jul 11, 2007
    risk 0.01cvss epss 0.07

    Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might allow remote attackers to conduct a CSRF attack via a crafted SWF file.

  • CVE-2006-3311Sep 12, 2006
    risk 0.01cvss epss 0.17

    Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.

  • CVE-2006-4640Sep 12, 2006
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in Adobe Flash Player before 9.0.16.0 allows user-assisted remote attackers to bypass the allowScriptAccess protection via unspecified vectors.

  • CVE-2006-3588Jul 13, 2006
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to cause a denial of service (browser crash) via a malformed, compressed .swf file, a different issue than CVE-2006-3587.

  • CVE-2006-3587Jul 13, 2006
    risk 0.01cvss epss 0.08

    Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to execute arbitrary commands via a malformed .swf file that results in "multiple improper memory access" errors.

  • CVE-2006-0024Mar 15, 2006
    risk 0.01cvss epss 0.07

    Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.

  • CVE-2020-9746Oct 14, 2020
    risk 0.00cvss epss 0.04

    Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution. Exploitation of this issue requires an attacker to insert malicious strings in an HTTP response…

  • CVE-2020-3757Feb 13, 2020
    risk 0.00cvss epss 0.10

    Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2019-8075Sep 27, 2019
    risk 0.00cvss epss 0.03

    Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

  • CVE-2019-8070Sep 12, 2019
    risk 0.00cvss epss 0.06

    Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.

  • CVE-2019-8069Sep 12, 2019
    risk 0.00cvss epss 0.05

    Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.

Page 37 of 55