VYPR

Vendor CVEs

Adobe Inc.

All CVEs

7,262 total · sorted by risk
  • CVE-2016-1114CriMay 11, 2016
    risk 0.64cvss 9.8epss 0.09

    Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

  • CVE-2016-1009CriMar 9, 2016
    risk 0.64cvss 9.8epss 0.06

    Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via…

  • CVE-2016-1007CriMar 9, 2016
    risk 0.64cvss 9.8epss 0.06

    Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via…

  • CVE-2016-0949CriFeb 10, 2016
    risk 0.64cvss 9.8epss 0.04

    Adobe Connect before 9.5.2 allows remote attackers to have an unspecified impact via a crafted parameter in a URL.

  • CVE-2016-0946CriJan 14, 2016
    risk 0.64cvss 9.8epss 0.04

    Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via…

  • CVE-2016-0945CriJan 14, 2016
    risk 0.64cvss 9.8epss 0.04

    Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via…

  • CVE-2016-0944CriJan 14, 2016
    risk 0.64cvss 9.8epss 0.04

    Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via…

  • CVE-2016-0942CriJan 14, 2016
    risk 0.64cvss 9.8epss 0.04

    Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via…

  • CVE-2016-0940CriJan 14, 2016
    risk 0.64cvss 9.8epss 0.05

    Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified…

  • CVE-2016-0933CriJan 14, 2016
    risk 0.64cvss 9.8epss 0.06

    Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via…

  • CVE-2015-0310HigKEVJan 23, 2015
    risk 0.64cvss 7.8epss 0.15

    Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0.0.287 on Windows and OS X and before 11.2.202.438 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism on Windows, and have an…

  • CVE-2014-9163HigKEVDec 10, 2014
    risk 0.64cvss 7.8epss 0.20

    Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.

  • CVE-2026-34659CriMay 12, 2026
    risk 0.63cvss 9.6epss 0.01

    Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to execute arbitrary code.…

  • CVE-2026-27303CriApr 14, 2026
    risk 0.63cvss 9.6epss 0.01

    Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must visit a…

  • CVE-2017-2992HigFeb 15, 2017
    risk 0.63cvss 8.8epss 0.33

    Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2986HigFeb 15, 2017
    risk 0.63cvss 8.8epss 0.31

    Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2935HigJan 11, 2017
    risk 0.63cvss 8.8epss 0.30

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing the Flash Video container file format. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2934HigJan 11, 2017
    risk 0.63cvss 8.8epss 0.30

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when parsing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2933HigJan 11, 2017
    risk 0.63cvss 8.8epss 0.30

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability related to texture compression. Successful exploitation could lead to arbitrary code execution.

  • CVE-2016-4231HigJul 13, 2016
    risk 0.63cvss 8.8epss 0.33

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173,…

  • CVE-2016-4230HigJul 13, 2016
    risk 0.63cvss 8.8epss 0.32

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173,…

  • CVE-2016-4229HigJul 13, 2016
    risk 0.63cvss 8.8epss 0.32

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173,…

  • CVE-2016-4228HigJul 13, 2016
    risk 0.63cvss 8.8epss 0.33

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173,…

  • CVE-2016-4227HigJul 13, 2016
    risk 0.63cvss 8.8epss 0.33

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173,…

  • CVE-2016-4226HigJul 13, 2016
    risk 0.63cvss 8.8epss 0.33

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173,…

  • CVE-2016-1000HigMar 12, 2016
    risk 0.63cvss 8.8epss 0.30

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows…

  • CVE-2016-0999HigMar 12, 2016
    risk 0.63cvss 8.8epss 0.30

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows…

  • CVE-2016-0998HigMar 12, 2016
    risk 0.63cvss 8.8epss 0.30

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows…

  • CVE-2016-0997HigMar 12, 2016
    risk 0.63cvss 8.8epss 0.30

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows…

  • CVE-2016-0974HigFeb 10, 2016
    risk 0.63cvss 8.8epss 0.31

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows…

  • CVE-2016-0971HigFeb 10, 2016
    risk 0.63cvss 8.8epss 0.35

    Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows…

  • CVE-2026-47928CriJun 9, 2026
    risk 0.62cvss 9.6epss 0.09

    ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.

  • CVE-2018-4937HigMay 19, 2018
    risk 0.62cvss 8.8epss 0.26

    Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-4935HigMay 19, 2018
    risk 0.62cvss 8.8epss 0.26

    Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2017-3106HigAug 11, 2017
    risk 0.62cvss 8.8epss 0.22

    Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-3068HigMay 9, 2017
    risk 0.62cvss 8.8epss 0.20

    Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2988HigFeb 15, 2017
    risk 0.62cvss 8.8epss 0.18

    Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2985HigFeb 15, 2017
    risk 0.62cvss 8.8epss 0.22

    Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2932HigJan 11, 2017
    risk 0.62cvss 8.8epss 0.25

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript MovieClip class. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2931HigJan 11, 2017
    risk 0.62cvss 8.8epss 0.21

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-2930HigJan 11, 2017
    risk 0.62cvss 8.8epss 0.25

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability due to a concurrency error when manipulating a display list. Successful exploitation could lead to arbitrary code execution.

  • CVE-2016-4273HigOct 13, 2016
    risk 0.62cvss 8.8epss 0.20

    Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than…

  • CVE-2016-4275HigSep 14, 2016
    risk 0.62cvss 8.8epss 0.19

    Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than…

  • CVE-2016-4179HigJul 13, 2016
    risk 0.62cvss 8.8epss 0.20

    Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than…

  • CVE-2016-4177HigJul 13, 2016
    risk 0.62cvss 8.8epss 0.18

    Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability…

  • CVE-2016-4176HigJul 13, 2016
    risk 0.62cvss 8.8epss 0.18

    Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability…

  • CVE-2016-4175HigJul 13, 2016
    risk 0.62cvss 8.8epss 0.20

    Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than…

  • CVE-2016-4137HigJun 16, 2016
    risk 0.62cvss 8.8epss 0.16

    Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

  • CVE-2016-4136HigJun 16, 2016
    risk 0.62cvss 8.8epss 0.16

    Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

  • CVE-2016-4135HigJun 16, 2016
    risk 0.62cvss 8.8epss 0.17

    Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Page 9 of 146