Flashplayer

CVEs (1,033)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2016-0974	Adobe Inc. Air	Hig	0.65	8.8	0.59	Feb 10, 2016	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows…
CVE-2016-0971	Adobe Inc. Air	Hig	0.65	8.8	0.59	Feb 10, 2016	Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows…
CVE-2017-3114	Red Hat Enterprise Linux Desktop	Cri	0.64	9.8	0.10	Dec 9, 2017	An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of providing language- and region- or country- specific…
CVE-2017-3112	Red Hat Enterprise Linux Desktop	Cri	0.64	9.8	0.10	Dec 9, 2017	An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of AdobePSDK metadata. The use of an invalid (out-of-range)…
CVE-2017-11225	Adobe Inc. Flashplayer	Cri	0.64	9.8	0.06	Dec 9, 2017	An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK metadata functionality. The mismatch between an old and a new object can provide an attacker with unintended…
CVE-2017-11215	Adobe Inc. Flashplayer	Cri	0.64	9.8	0.06	Dec 9, 2017	An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK. The mismatch between an old and a new object can provide an attacker with unintended memory access --…
CVE-2017-3106	Red Hat Enterprise Linux	Hig	0.64	8.8	0.53	Aug 11, 2017	Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution.
CVE-2016-0959	Adobe Inc. Air	Cri	0.64	9.8	0.02	Jun 27, 2017	Use after free vulnerability in Adobe Flash Player Desktop Runtime before 20.0.0.267, Adobe Flash Player Extended Support Release before 18.0.0.324, Adobe Flash Player for Google Chrome before 20.0.0.267, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 before…
CVE-2017-3084	Adobe Inc. Flashplayer	Cri	0.64	9.8	0.01	Jun 20, 2017	Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the advertising metadata functionality. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3083	Adobe Inc. Flashplayer	Cri	0.64	9.8	0.01	Jun 20, 2017	Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3082	Adobe Inc. Flashplayer	Cri	0.64	9.8	0.03	Jun 20, 2017	Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the LocaleID class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3081	Adobe Inc. Flashplayer	Cri	0.64	9.8	0.01	Jun 20, 2017	Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability during internal computation caused by multiple display object mask manipulations. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3079	Adobe Inc. Flashplayer	Cri	0.64	9.8	0.03	Jun 20, 2017	Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the internal representation of raster data. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3075	Adobe Inc. Flashplayer	Cri	0.64	9.8	0.01	Jun 20, 2017	Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability when manipulating the ActionsScript 2 XML class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3063	Adobe Inc. Flashplayer	Cri	0.64	9.8	0.04	Apr 12, 2017	Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the ActionScript2 NetStream class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3062	Adobe Inc. Flashplayer	Cri	0.64	9.8	0.04	Apr 12, 2017	Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in ActionScript2 when creating a getter/setter property. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3060	Adobe Inc. Flashplayer	Cri	0.64	9.8	0.10	Apr 12, 2017	Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3059	Adobe Inc. Flashplayer	Cri	0.64	9.8	0.04	Apr 12, 2017	Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2985	Adobe Inc. Flash Player Desktop Runtime	Hig	0.64	8.8	0.52	Feb 15, 2017	Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.
CVE-2016-4179	Adobe Inc. Flash Player Desktop Runtime	Hig	0.64	8.8	0.50	Jul 13, 2016	Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than…

CVE-2016-0974HigFeb 10, 2016
Adobe Inc.
Air
risk 0.65cvss 8.8epss 0.59
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows…
CVE-2016-0971HigFeb 10, 2016
Adobe Inc.
Air
risk 0.65cvss 8.8epss 0.59
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows…
CVE-2017-3114CriDec 9, 2017
Red Hat
Enterprise Linux Desktop
risk 0.64cvss 9.8epss 0.10
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of providing language- and region- or country- specific…
CVE-2017-3112CriDec 9, 2017
Red Hat
Enterprise Linux Desktop
risk 0.64cvss 9.8epss 0.10
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of AdobePSDK metadata. The use of an invalid (out-of-range)…
CVE-2017-11225CriDec 9, 2017
Adobe Inc.
Flashplayer
risk 0.64cvss 9.8epss 0.06
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK metadata functionality. The mismatch between an old and a new object can provide an attacker with unintended…
CVE-2017-11215CriDec 9, 2017
Adobe Inc.
Flashplayer
risk 0.64cvss 9.8epss 0.06
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK. The mismatch between an old and a new object can provide an attacker with unintended memory access --…
CVE-2017-3106HigAug 11, 2017
Red Hat
Enterprise Linux
risk 0.64cvss 8.8epss 0.53
Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution.
CVE-2016-0959CriJun 27, 2017
Adobe Inc.
Air
risk 0.64cvss 9.8epss 0.02
Use after free vulnerability in Adobe Flash Player Desktop Runtime before 20.0.0.267, Adobe Flash Player Extended Support Release before 18.0.0.324, Adobe Flash Player for Google Chrome before 20.0.0.267, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 before…
CVE-2017-3084CriJun 20, 2017
Adobe Inc.
Flashplayer
risk 0.64cvss 9.8epss 0.01
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the advertising metadata functionality. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3083CriJun 20, 2017
Adobe Inc.
Flashplayer
risk 0.64cvss 9.8epss 0.01
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3082CriJun 20, 2017
Adobe Inc.
Flashplayer
risk 0.64cvss 9.8epss 0.03
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the LocaleID class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3081CriJun 20, 2017
Adobe Inc.
Flashplayer
risk 0.64cvss 9.8epss 0.01
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability during internal computation caused by multiple display object mask manipulations. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3079CriJun 20, 2017
Adobe Inc.
Flashplayer
risk 0.64cvss 9.8epss 0.03
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the internal representation of raster data. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3075CriJun 20, 2017
Adobe Inc.
Flashplayer
risk 0.64cvss 9.8epss 0.01
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability when manipulating the ActionsScript 2 XML class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3063CriApr 12, 2017
Adobe Inc.
Flashplayer
risk 0.64cvss 9.8epss 0.04
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the ActionScript2 NetStream class. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3062CriApr 12, 2017
Adobe Inc.
Flashplayer
risk 0.64cvss 9.8epss 0.04
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in ActionScript2 when creating a getter/setter property. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3060CriApr 12, 2017
Adobe Inc.
Flashplayer
risk 0.64cvss 9.8epss 0.10
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3059CriApr 12, 2017
Adobe Inc.
Flashplayer
risk 0.64cvss 9.8epss 0.04
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. Successful exploitation could lead to arbitrary code execution.
CVE-2017-2985HigFeb 15, 2017
Adobe Inc.
Flash Player Desktop Runtime
risk 0.64cvss 8.8epss 0.52
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.
CVE-2016-4179HigJul 13, 2016
Adobe Inc.
Flash Player Desktop Runtime
risk 0.64cvss 8.8epss 0.50
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than…

Page 4 of 52