Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Flash_player
(Adobe)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 1084 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2017-08-11 | CVE-2017-3085 | Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect. | Flash_player, Flash_player_desktop_runtime, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_workstation | 7.4 | ||
2017-01-11 | CVE-2017-2936 | Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class. Successful exploitation could lead to arbitrary code execution. | Flash_player | 8.8 | ||
2017-01-11 | CVE-2017-2937 | Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution. | Flash_player | 8.8 | ||
2017-08-11 | CVE-2017-3106 | Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution. | Flash_player, Flash_player_desktop_runtime, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_workstation | 8.8 | ||
2016-09-14 | CVE-2016-4271 | Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4277 and CVE-2016-4278, aka a "local-with-filesystem Flash sandbox bypass" issue. | Flash_player, Flash_player_desktop_runtime | 6.5 | ||
2016-09-14 | CVE-2016-4274 | Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924. | Flash_player, Flash_player_desktop_runtime | 8.8 | ||
2016-09-14 | CVE-2016-4275 | Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924. | Flash_player, Flash_player_desktop_runtime | 8.8 | ||
2016-09-14 | CVE-2016-4276 | Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924. | Flash_player, Flash_player_desktop_runtime | 8.8 | ||
2016-09-14 | CVE-2016-6922 | Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, and CVE-2016-6924. | Flash_player, Flash_player_desktop_runtime | 8.8 | ||
2016-04-07 | CVE-2016-1019 | Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016. | Air_desktop_runtime, Air_sdk, Air_sdk_\&_compiler, Flash_player, Flash_player_desktop_runtime | 9.8 |