Flashplayer
by Adobe Inc.
CVEs (1,088)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-2999 | Hig | 0.58 | 8.8 | 0.04 | Mar 14, 2017 | Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-2998 | Hig | 0.58 | 8.8 | 0.04 | Mar 14, 2017 | Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-2997 | Hig | 0.58 | 8.8 | 0.07 | Mar 14, 2017 | Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-2996 | Hig | 0.58 | 8.8 | 0.05 | Feb 15, 2017 | Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-2995 | Hig | 0.58 | 8.8 | 0.06 | Feb 15, 2017 | Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-2994 | Hig | 0.58 | 8.8 | 0.06 | Feb 15, 2017 | Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-2993 | Hig | 0.58 | 8.8 | 0.06 | Feb 15, 2017 | Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-2991 | Hig | 0.58 | 8.8 | 0.09 | Feb 15, 2017 | Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-2990 | Hig | 0.58 | 8.8 | 0.10 | Feb 15, 2017 | Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-2987 | Hig | 0.58 | 8.8 | 0.09 | Feb 15, 2017 | Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-2982 | Hig | 0.58 | 8.8 | 0.06 | Feb 15, 2017 | Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-2937 | Hig | 0.58 | 8.8 | 0.06 | Jan 11, 2017 | Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-2936 | Hig | 0.58 | 8.8 | 0.06 | Jan 11, 2017 | Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-2928 | Hig | 0.58 | 8.8 | 0.05 | Jan 11, 2017 | Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-2927 | Hig | 0.58 | 8.8 | 0.09 | Jan 11, 2017 | Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-2926 | Hig | 0.58 | 8.8 | 0.10 | Jan 11, 2017 | Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2017-2925 | Hig | 0.58 | 8.8 | 0.05 | Jan 11, 2017 | Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2016-7890 | Hig | 0.58 | 8.8 | 0.05 | Dec 15, 2016 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy. | ||
| CVE-2016-7881 | Hig | 0.58 | 8.8 | 0.06 | Dec 15, 2016 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2016-7880 | Hig | 0.58 | 8.8 | 0.06 | Dec 15, 2016 | Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution. |
- risk 0.58cvss 8.8epss 0.04
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.04
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.07
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.05
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.06
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.06
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.06
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.09
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.10
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.09
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.06
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.06
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.06
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.05
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.09
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.10
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.05
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.05
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy.
- risk 0.58cvss 8.8epss 0.06
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.8epss 0.06
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution.
Page 8 of 55