Adobe Air vulnerabilities

413 known vulnerabilities affecting adobe/air.

Total CVEs

413

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL314HIGH60MEDIUM39

Vulnerabilities

Page 10 of 21

CVE-2015-5575CRITICALCVSS 10.0≤ 18.0.0.143≤ 18.0.0.1992015-09-22

CVE-2015-5575 [CRITICAL] CWE-119 CVE-2015-5575: Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2. Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ

nvd

CVE-2015-6677CRITICALCVSS 10.0≤ 18.0.0.199≤ 18.0.0.1432015-09-22

CVE-2015-6677 [CRITICAL] CVE-2015-6677: Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2. Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vuln

nvd

CVE-2015-6678CRITICALCVSS 10.0≤ 18.0.0.199≤ 18.0.0.1432015-09-22

CVE-2015-6678 [CRITICAL] CVE-2015-6678: Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6676.

nvd

CVE-2015-5580CRITICALCVSS 10.0≤ 18.0.0.199≤ 18.0.0.1432015-09-22

CVE-2015-5580 [CRITICAL] CVE-2015-5580: Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2. Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vuln

nvd

CVE-2015-5584CRITICALCVSS 10.0≤ 18.0.0.143≤ 18.0.0.1992015-09-22

CVE-2015-5584 [CRITICAL] CVE-2015-5584: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on W Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than C

nvd

CVE-2015-5573CRITICALCVSS 10.0≤ 18.0.0.199≤ 18.0.0.1432015-09-22

CVE-2015-5573 [CRITICAL] CVE-2015-5573: Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2. Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion."

nvd

CVE-2015-5587CRITICALCVSS 10.0≤ 18.0.0.143≤ 18.0.0.1992015-09-22

CVE-2015-5587 [CRITICAL] CWE-119 CVE-2015-5587: Stack-based buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Wi Stack-based buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors.

nvd

CVE-2015-5588CRITICALCVSS 10.0≤ 18.0.0.143≤ 18.0.0.1992015-09-22

CVE-2015-5588 [CRITICAL] CVE-2015-5588: Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2. Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vuln

nvd

CVE-2015-5567CRITICALCVSS 10.0≤ 18.0.0.143≤ 18.0.0.1992015-09-22

CVE-2015-5567 [CRITICAL] CWE-119 CVE-2015-5567: Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2. Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a

nvd

CVE-2015-5574CRITICALCVSS 10.0PoC≤ 18.0.0.143≤ 18.0.0.1992015-09-22

CVE-2015-5574 [CRITICAL] CVE-2015-5574: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on W Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than C

nvd

CVE-2015-5572MEDIUMCVSS 5.0≤ 18.0.0.199≤ 18.0.0.1432015-09-22

CVE-2015-5572 [MEDIUM] CWE-200 CVE-2015-5572: Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2. Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.

nvd

CVE-2015-5576MEDIUMCVSS 5.0≤ 18.0.0.199≤ 18.0.0.1432015-09-22

CVE-2015-5576 [MEDIUM] CWE-200 CVE-2015-5576: Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2. Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via uns

nvd

CVE-2015-5571MEDIUMCVSS 4.3≤ 18.0.0.199≤ 18.0.0.1432015-09-22

CVE-2015-5571 [MEDIUM] CVE-2015-5571: Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2. Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks again

nvd

CVE-2015-6679MEDIUMCVSS 5.0≤ 18.0.0.143≤ 18.0.0.1992015-09-22

CVE-2015-6679 [MEDIUM] CWE-200 CVE-2015-6679: Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2. Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors.

nvd

CVE-2015-5566CRITICALCVSS 10.0≤ 18.0.0.1802015-08-24

CVE-2015-5566 [CRITICAL] CVE-2015-5566: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130,

nvd

CVE-2015-5132CRITICALCVSS 10.0PoC≤ 18.0.0.1802015-08-14

CVE-2015-5132 [CRITICAL] CVE-2015-5132: Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5131 and CVE-2015-5133.

nvd

CVE-2015-5547CRITICALCVSS 10.0PoC≤ 18.0.0.1802015-08-14

CVE-2015-5547 [CRITICAL] CVE-2015-5547: Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-554

nvd

CVE-2015-5564CRITICALCVSS 10.0≤ 18.0.0.1802015-08-14

CVE-2015-5564 [CRITICAL] CVE-2015-5564: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130,

nvd

CVE-2015-5551CRITICALCVSS 10.0PoC≤ 18.0.0.1802015-08-14

CVE-2015-5551 [CRITICAL] CVE-2015-5551: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130,

nvd

CVE-2015-5540CRITICALCVSS 10.0PoC≤ 18.0.0.1802015-08-14

CVE-2015-5540 [CRITICAL] CVE-2015-5540: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130,

nvd

← Previous10 / 21Next →