Adobe Flash Player vulnerabilities

CVE-2020-9746 [HIGH] CWE-476 CVE-2020-9746: Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an exploitable NULL pointer dere Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution. Exploitation of this issue requires an attacker to insert malicious strings in an HTTP response that is by default delivered over TLS/SSL.

CVE-2020-9633 [CRITICAL] CWE-416 CVE-2020-9633: Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0 Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2020-3757 [HIGH] CWE-843 CVE-2020-3757: Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2019-8075 [HIGH] CVE-2019-8075: Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerab Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

CVE-2019-8070 [CRITICAL] CWE-416 CVE-2019-8070: Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.

CVE-2019-8069 [CRITICAL] CWE-346 CVE-2019-8069: Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Orig Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.

CVE-2019-7845 [HIGH] CWE-416 CVE-2019-7845: Adobe Flash Player versions 32.0.0.192 and earlier, 32.0.0.192 and earlier, and 32.0.0.192 and earli Adobe Flash Player versions 32.0.0.192 and earlier, 32.0.0.192 and earlier, and 32.0.0.192 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2019-7090 [MEDIUM] CWE-125 CVE-2019-7090: Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome version Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

CVE-2019-7096 [CRITICAL] CWE-416 CVE-2019-7096: Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earli Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2019-7108 [HIGH] CWE-125 CVE-2019-7108: Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earli Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .

CVE-2019-7837 [HIGH] CWE-416 CVE-2019-7837: Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earli Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2018-15983 [HIGH] CWE-426 CVE-2018-15983: Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have an insecure library lo Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.

CVE-2018-15982 [HIGH] CWE-416 CVE-2018-15982: Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulne Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2018-15981 [CRITICAL] CWE-704 CVE-2018-15981: Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploit Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2018-15978 [HIGH] CWE-125 CVE-2018-15978: Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful ex Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

CVE-2018-15967 [HIGH] CWE-200 CVE-2018-15967: Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Succes Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure.

CVE-2018-12828 [CRITICAL] CVE-2018-12828: Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vul Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation.

CVE-2018-12825 [CRITICAL] CVE-2018-12825: Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. Successful exploitat Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. Successful exploitation could lead to security mitigation bypass.

CVE-2018-12827 [HIGH] CWE-125 CVE-2018-12827: Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful explo Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

CVE-2018-12826 [HIGH] CWE-125 CVE-2018-12826: Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful explo Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.