Adobe Flash Player vulnerabilities
1,081 known vulnerabilities affecting adobe/flash_player.
Total CVEs
1,081
CISA KEV
36
actively exploited
Public exploits
183
Exploited in wild
46
Severity breakdown
CRITICAL607HIGH369MEDIUM104LOW1
Vulnerabilities
Page 26 of 55
CVE-2015-7630CRITICALCVSS 10.0≤ 11.2.202.521≤ 19.0.0.1852015-10-15
CVE-2015-7630 [CRITICAL] CVE-2015-7630: Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vuln
nvd
CVE-2015-7632CRITICALCVSS 9.3≤ 11.2.202.521≤ 19.0.0.1852015-10-15
CVE-2015-7632 [CRITICAL] CWE-119 CVE-2015-7632: Buffer overflow in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS
Buffer overflow in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Loader object with a crafted loaderBytes property.
nvd
CVE-2015-7643CRITICALCVSS 9.3≤ 19.0.0.185≤ 11.2.202.5212015-10-15
CVE-2015-7643 [CRITICAL] CVE-2015-7643: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on W
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Video object with a crafted deblocking property, a
nvd
CVE-2015-7634CRITICALCVSS 10.0≤ 19.0.0.185≤ 11.2.202.5212015-10-15
CVE-2015-7634 [CRITICAL] CVE-2015-7634: Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vuln
nvd
CVE-2015-7627CRITICALCVSS 10.0≤ 11.2.202.521≤ 19.0.0.1852015-10-15
CVE-2015-7627 [CRITICAL] CVE-2015-7627: Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vuln
nvd
CVE-2015-7629CRITICALCVSS 9.3≤ 11.2.202.521≤ 19.0.0.1852015-10-15
CVE-2015-7629 [CRITICAL] CVE-2015-7629: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on W
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a TextFormat object with a crafted tabStops property,
nvd
CVE-2015-7631CRITICALCVSS 9.3≤ 19.0.0.185≤ 11.2.202.5212015-10-15
CVE-2015-7631 [CRITICAL] CVE-2015-7631: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on W
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a TextLine object with a crafted validity property, a
nvd
CVE-2015-7644CRITICALCVSS 10.0≤ 19.0.0.185≤ 11.2.202.5212015-10-15
CVE-2015-7644 [CRITICAL] CVE-2015-7644: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on W
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than C
nvd
CVE-2015-7633CRITICALCVSS 10.0≤ 11.2.202.521≤ 19.0.0.1852015-10-15
CVE-2015-7633 [CRITICAL] CVE-2015-7633: Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vuln
nvd
CVE-2015-7645HIGHCVSS 7.8KEVPoC≥ 18.0.0.160, ≤ 18.0.0.252v19.0.0.185+2 more2015-10-15
CVE-2015-7645 [HIGH] CVE-2015-7645: Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x
Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535 on Linux allows remote attackers to execute arbitrary code via a crafted SWF file, as exploited in the wild in October 2015.
nvd
CVE-2015-7628MEDIUMCVSS 5.0≤ 19.0.0.185≤ 11.2.202.5212015-10-15
CVE-2015-7628 [MEDIUM] CWE-200 CVE-2015-7628: Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors.
nvd
CVE-2015-7626CRITICALCVSS 10.0≤ 11.2.202.521≤ 19.0.0.1852015-10-14
CVE-2015-7626 [CRITICAL] CVE-2015-7626: Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vuln
nvd
CVE-2015-7625CRITICALCVSS 10.0≤ 19.0.0.185≤ 11.2.202.5212015-10-14
CVE-2015-7625 [CRITICAL] CWE-119 CVE-2015-7625: Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ
nvd
CVE-2015-5569CRITICALCVSS 10.0≤ 11.2.202.521≤ 19.0.0.1852015-10-14
CVE-2015-5569 [CRITICAL] CVE-2015-5569: Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 improperly implement the Flash broker API, which has unspecified impact and attack vectors.
nvd
CVE-2015-5568CRITICALCVSS 10.0PoC≤ 11.2.202.508≤ 13.0.0.289+24 more2015-09-22
CVE-2015-5568 [CRITICAL] CWE-20 CVE-2015-5568: Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown
nvd
CVE-2015-6682CRITICALCVSS 10.0≤ 13.0.0.289v14.0.0.125+24 more2015-09-22
CVE-2015-6682 [CRITICAL] CVE-2015-6682: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on W
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than C
nvd
CVE-2015-5578CRITICALCVSS 10.0≤ 11.2.202.508≤ 13.0.0.289+24 more2015-09-22
CVE-2015-5578 [CRITICAL] CVE-2015-5578: Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vuln
nvd
CVE-2015-5579CRITICALCVSS 10.0≤ 11.2.202.508≤ 13.0.0.289+24 more2015-09-22
CVE-2015-5579 [CRITICAL] CVE-2015-5579: Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a differen
nvd
CVE-2015-6676CRITICALCVSS 10.0≤ 11.2.202.508≤ 13.0.0.289+24 more2015-09-22
CVE-2015-6676 [CRITICAL] CWE-119 CVE-2015-6676: Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS
Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-20
nvd
CVE-2015-5570CRITICALCVSS 10.0≤ 13.0.0.289v14.0.0.125+24 more2015-09-22
CVE-2015-5570 [CRITICAL] CVE-2015-5570: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on W
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than C
nvd