Adobe Air vulnerabilities
413 known vulnerabilities affecting adobe/air.
Total CVEs
413
CISA KEV
6
actively exploited
Public exploits
90
Exploited in wild
7
Severity breakdown
CRITICAL314HIGH60MEDIUM39
Vulnerabilities
Page 20 of 21
CVE-2010-2171CRITICALCVSS 9.3≤ 1.5.3.9130v1.0+5 more2010-06-15
CVE-2010-2171 [CRITICAL] CVE-2010-2171: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors related to SWF files, decompression of embedded JPEG image data, and the DefineBits and other unspecified tags, a different vulnerability than CVE-2
nvd
CVE-2010-2188CRITICALCVSS 9.3≤ 1.5.3.9130v1.0+5 more2010-06-15
CVE-2010-2188 [CRITICAL] CVE-2010-2188: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different arguments, a different vulnerability than CVE-2010-2160, CVE-2010-21
nvd
CVE-2010-2178CRITICALCVSS 9.3≤ 1.5.3.9130v1.0+5 more2010-06-15
CVE-2010-2178 [CRITICAL] CVE-2010-2178: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177,
nvd
CVE-2010-2175CRITICALCVSS 9.3≤ 1.5.3.9130v1.0+5 more2010-06-15
CVE-2010-2175 [CRITICAL] CVE-2010-2175: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178,
nvd
CVE-2010-2167CRITICALCVSS 9.3≤ 1.5.3.9130v1.0+5 more2010-06-15
CVE-2010-2167 [CRITICAL] CWE-119 CVE-2010-2167: Multiple heap-based buffer overflows in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.
Multiple heap-based buffer overflows in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to malformed (1) GIF or (2) JPEG data.
nvd
CVE-2010-2187CRITICALCVSS 9.3≤ 1.5.3.9130v1.0+5 more2010-06-15
CVE-2010-2187 [CRITICAL] CVE-2010-2187: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177,
nvd
CVE-2010-2181CRITICALCVSS 9.3≤ 1.5.3.9130v1.0+5 more2010-06-15
CVE-2010-2181 [CRITICAL] CVE-2010-2181: Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR be
Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2183.
nvd
CVE-2010-2173CRITICALCVSS 9.3≤ 1.5.3.9130v1.0+5 more2010-06-15
CVE-2010-2173 [CRITICAL] CWE-119 CVE-2010-2173: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, mi
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newclass (0x58) operator, a different vulnerability than CVE-2010-2174.
nvd
CVE-2010-2182CRITICALCVSS 9.3≤ 1.5.3.9130v1.0+5 more2010-06-15
CVE-2010-2182 [CRITICAL] CVE-2010-2182: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177,
nvd
CVE-2010-2170CRITICALCVSS 9.3≤ 1.5.3.9130v1.0+5 more2010-06-15
CVE-2010-2170 [CRITICAL] CWE-189 CVE-2010-2170: Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR be
Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2181 and CVE-2010-2183.
nvd
CVE-2010-2177CRITICALCVSS 9.3≤ 1.5.3.9130v1.0+5 more2010-06-15
CVE-2010-2177 [CRITICAL] CVE-2010-2177: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2178,
nvd
CVE-2010-2183CRITICALCVSS 9.3≤ 1.5.3.9130v1.0+5 more2010-06-15
CVE-2010-2183 [CRITICAL] CVE-2010-2183: Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR be
Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2181.
nvd
CVE-2010-2186CRITICALCVSS 9.3≤ 1.5.3.9130v1.0+5 more2010-06-15
CVE-2010-2186 [CRITICAL] CWE-94 CVE-2010-2186: Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ado
Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
nvd
CVE-2010-2180CRITICALCVSS 9.3≤ 1.5.3.9130v1.0+5 more2010-06-15
CVE-2010-2180 [CRITICAL] CVE-2010-2180: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177,
nvd
CVE-2010-2179MEDIUMCVSS 4.3fixed in 2.0.2.126102010-06-15
CVE-2010-2179 [MEDIUM] CWE-79 CVE-2010-2179: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing.
nvd
CVE-2010-1297HIGHCVSS 7.8KEVPoCfixed in 2.0.2.126102010-06-08
CVE-2010-1297 [HIGH] CWE-787 CVE-2010-1297: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Ad
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript
nvd
CVE-2009-1864CRITICALCVSS 9.3≤ 1.5.1v1.0+3 more2009-07-31
CVE-2009-1864 [CRITICAL] CWE-119 CVE-2009-1864: Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Ad
Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
nvd
CVE-2009-1865CRITICALCVSS 9.3≤ 1.5.1v1.0+3 more2009-07-31
CVE-2009-1865 [CRITICAL] CVE-2009-1865: Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows a
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, related to a "null pointer vulnerability."
nvd
CVE-2009-1868CRITICALCVSS 9.3PoC≤ 1.5.1v1.0+3 more2009-07-31
CVE-2009-1868 [CRITICAL] CWE-119 CVE-2009-1868: Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Ad
Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving URL parsing.
nvd
CVE-2009-1869CRITICALCVSS 9.3PoC≤ 1.5.1v1.0+3 more2009-07-31
CVE-2009-1869 [CRITICAL] CWE-189 CVE-2009-1869: Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player b
Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of
nvd