Adobe Flash Player vulnerabilities

1,081 known vulnerabilities affecting adobe/flash_player.

Total CVEs

1,081

CISA KEV

actively exploited

Public exploits

183

Exploited in wild

Severity breakdown

CRITICAL607HIGH369MEDIUM104LOW1

Vulnerabilities

Page 18 of 55

CVE-2016-0994HIGHCVSS 8.8≤ 20.0.0.306≤ 11.2.202.5692016-03-12

CVE-2016-0994 [HIGH] CVE-2016-0994: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafte

nvd

CVE-2016-0961HIGHCVSS 8.8≤ 20.0.0.306≤ 11.2.202.5692016-03-12

CVE-2016-0961 [HIGH] CVE-2016-0961: Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a diffe

nvd

CVE-2016-1001HIGHCVSS 8.8PoC≤ 20.0.0.306≤ 11.2.202.5692016-03-12

CVE-2016-1001 [HIGH] CWE-787 CVE-2016-1001: Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0 Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors.

nvd

CVE-2015-8653HIGHCVSS 8.8≤ 11.2.202.548≤ 18.0.0.261+1 more2016-03-04

CVE-2015-8653 [HIGH] CVE-2015-8653: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability t

nvd

CVE-2015-8656HIGHCVSS 8.8≤ 11.2.202.548≤ 18.0.0.261+1 more2016-03-04

CVE-2015-8656 [HIGH] CVE-2015-8656: Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted M

nvd

CVE-2015-8652HIGHCVSS 8.8PoC≤ 11.2.202.548≤ 18.0.0.261+1 more2016-03-04

CVE-2015-8652 [HIGH] CVE-2015-8652: Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted M

nvd

CVE-2015-8657HIGHCVSS 8.8≤ 11.2.202.548≤ 18.0.0.261+1 more2016-03-04

CVE-2015-8657 [HIGH] CVE-2015-8657: Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted M

nvd

CVE-2015-8655HIGHCVSS 8.8≤ 11.2.202.548≤ 18.0.0.261+1 more2016-03-04

CVE-2015-8655 [HIGH] CVE-2015-8655: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability t

nvd

CVE-2015-8822HIGHCVSS 8.8≤ 11.2.202.548≤ 18.0.0.261+1 more2016-03-04

CVE-2015-8822 [HIGH] CVE-2015-8822: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability t

nvd

CVE-2015-8654HIGHCVSS 8.8≤ 11.2.202.548≤ 18.0.0.261+1 more2016-03-04

CVE-2015-8654 [HIGH] CVE-2015-8654: Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted M

nvd

CVE-2015-8658HIGHCVSS 8.8≤ 11.2.202.548≤ 18.0.0.261+1 more2016-03-04

CVE-2015-8658 [HIGH] CVE-2015-8658: Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption

nvd

CVE-2015-8821HIGHCVSS 8.8≤ 11.2.202.548≤ 18.0.0.261+1 more2016-03-04

CVE-2015-8821 [HIGH] CVE-2015-8821: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted MPEG-4 data, a different vulnerability t

nvd

CVE-2015-8820HIGHCVSS 8.8≤ 11.2.202.548≤ 18.0.0.261+1 more2016-03-04

CVE-2015-8820 [HIGH] CVE-2015-8820: Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted M

nvd

CVE-2016-0965HIGHCVSS 8.8PoC≤ 11.2.202.559≤ 18.0.0.326+2 more2016-02-10

CVE-2016-0965 [HIGH] CVE-2016-0965: Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and bef Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different

nvd

CVE-2016-0980HIGHCVSS 8.8≤ 11.2.202.559≤ 18.0.0.326+2 more2016-02-10

CVE-2016-0980 [HIGH] CVE-2016-0980: Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and bef Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different

nvd

CVE-2016-0985HIGHCVSS 8.8PoC≤ 11.2.202.559≤ 18.0.0.326+2 more2016-02-10

CVE-2016-0985 [HIGH] CWE-843 CVE-2016-0985: Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and bef Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion."

nvd

CVE-2016-0976HIGHCVSS 8.8≤ 11.2.202.559≤ 18.0.0.326+2 more2016-02-10

CVE-2016-0976 [HIGH] CVE-2016-0976: Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and bef Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different

nvd

CVE-2016-0971HIGHCVSS 8.8PoC≤ 11.2.202.559≤ 18.0.0.326+2 more2016-02-10

CVE-2016-0971 [HIGH] CWE-787 CVE-2016-0971: Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.3 Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors.

nvd

CVE-2016-0974HIGHCVSS 8.8PoC≤ 11.2.202.559≤ 18.0.0.326+2 more2016-02-10

CVE-2016-0974 [HIGH] CVE-2016-0974: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability t

nvd

CVE-2016-0975HIGHCVSS 8.8≤ 11.2.202.559≤ 18.0.0.326+2 more2016-02-10

CVE-2016-0975 [HIGH] CVE-2016-0975: Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code by leveraging improper ref

nvd

← Previous18 / 55Next →