Adobe Air vulnerabilities
145 known vulnerabilities affecting adobe/adobe_air.
Total CVEs
145
CISA KEV
2
actively exploited
Public exploits
4
Exploited in wild
2
Severity breakdown
CRITICAL116HIGH15MEDIUM14
Vulnerabilities
Page 7 of 8
CVE-2011-2417CRITICALCVSS 10.0≤ 2.7v1.0+8 more2011-08-10
CVE-2011-2417 [CRITICAL] CVE-2011-2417: Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135,
nvd
CVE-2011-2425CRITICALCVSS 10.0≤ 2.7v1.0+8 more2011-08-10
CVE-2011-2425 [CRITICAL] CVE-2011-2425: Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135,
nvd
CVE-2011-2138CRITICALCVSS 10.0≤ 2.7v1.0+8 more2011-08-10
CVE-2011-2138 [CRITICAL] CVE-2011-2138: Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris an
Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2416.
nvd
CVE-2011-2416CRITICALCVSS 10.0≤ 2.7v1.0+8 more2011-08-10
CVE-2011-2416 [CRITICAL] CVE-2011-2416: Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris an
Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138.
nvd
CVE-2011-2135CRITICALCVSS 10.0≤ 2.7v1.0+8 more2011-08-10
CVE-2011-2135 [CRITICAL] CWE-119 CVE-2011-2135: Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-201
nvd
CVE-2011-2415CRITICALCVSS 10.0≤ 2.7v1.0+8 more2011-08-10
CVE-2011-2415 [CRITICAL] CVE-2011-2415: Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137,
nvd
CVE-2011-2137CRITICALCVSS 10.0≤ 2.7v1.0+8 more2011-08-10
CVE-2011-2137 [CRITICAL] CVE-2011-2137: Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2414,
nvd
CVE-2011-2140CRITICALCVSS 10.0PoC≤ 2.7v1.0+8 more2011-08-10
CVE-2011-2140 [CRITICAL] CVE-2011-2140: Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135,
nvd
CVE-2011-2139MEDIUMCVSS 6.4≤ 2.7v1.0+8 more2011-08-10
CVE-2011-2139 [MEDIUM] CWE-264 CVE-2011-2139: Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors.
nvd
CVE-2011-0611HIGHCVSS 8.8KEVPoCfixed in 2.6.191402011-04-13
CVE-2011-0611 [HIGH] CWE-843 CVE-2011-0611: Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and e
Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.
nvd
CVE-2010-2216CRITICALCVSS 9.3v1.0v1.0.1+4 more2010-08-11
CVE-2010-2216 [CRITICAL] CVE-2010-2216: Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows att
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2214.
nvd
CVE-2010-0209CRITICALCVSS 9.3v1.0v1.0.1+4 more2010-08-11
CVE-2010-0209 [CRITICAL] CWE-94 CVE-2010-0209: Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows att
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2213, CVE-2010-2214, and CVE-2010-2216.
nvd
CVE-2010-2214CRITICALCVSS 9.3v1.0v1.0.1+4 more2010-08-11
CVE-2010-2214 [CRITICAL] CVE-2010-2214: Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows att
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2216.
nvd
CVE-2010-2213CRITICALCVSS 9.3v1.0v1.0.1+4 more2010-08-11
CVE-2010-2213 [CRITICAL] CVE-2010-2213: Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows att
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2214, and CVE-2010-2216.
nvd
CVE-2010-2215MEDIUMCVSS 4.3v1.0v1.0.1+4 more2010-08-11
CVE-2010-2215 [MEDIUM] CVE-2010-2215: Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows att
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "click-jacking" issue.
nvd
CVE-2010-0187MEDIUMCVSS 4.3PoC≤ 1.5.3.9120v1.0+4 more2010-02-15
CVE-2010-0187 [MEDIUM] CWE-94 CVE-2010-0187: Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allow remote attackers to cause
Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allow remote attackers to cause a denial of service (application crash) via a modified SWF file.
nvd
CVE-2010-0186MEDIUMCVSS 6.8≤ 1.5.3.9120v1.0+4 more2010-02-15
CVE-2010-0186 [MEDIUM] CVE-2010-0186: Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2, Adobe AIR before 1.5.3.9130, and
Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2, Adobe AIR before 1.5.3.9130, and Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors.
nvd
CVE-2009-3798CRITICALCVSS 9.3≤ 1.5.2v1.0+3 more2009-12-10
CVE-2009-3798 [CRITICAL] CWE-399 CVE-2009-3798: Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arb
Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.
nvd
CVE-2009-3797CRITICALCVSS 9.3≤ 1.5.2v1.0+3 more2009-12-10
CVE-2009-3797 [CRITICAL] CWE-399 CVE-2009-3797: Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execut
Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.
nvd
CVE-2009-3799CRITICALCVSS 9.3≤ 1.5.2v1.0+3 more2009-12-10
CVE-2009-3799 [CRITICAL] CWE-189 CVE-2009-3799: Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.
Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via an SWF file with a large exception_count value that triggers memory corruption, related to "generation of ActionScript exception handlers."
nvd