Adobe Flash Player vulnerabilities
1,081 known vulnerabilities affecting adobe/flash_player.
Total CVEs
1,081
CISA KEV
36
actively exploited
Public exploits
183
Exploited in wild
46
Severity breakdown
CRITICAL607HIGH369MEDIUM104LOW1
Vulnerabilities
Page 29 of 55
CVE-2015-5560CRITICALCVSS 10.0PoC≤ 11.2.202.491≤ 18.0.0.2092015-08-14
CVE-2015-5560 [CRITICAL] CWE-189 CVE-2015-5560: Integer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508
Integer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2015-5130CRITICALCVSS 10.0PoC≤ 11.2.202.491≤ 18.0.0.2092015-08-14
CVE-2015-5130 [CRITICAL] CVE-2015-5130: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5134,
nvd
CVE-2015-5133CRITICALCVSS 10.0PoC≤ 11.2.202.491≤ 18.0.0.2092015-08-14
CVE-2015-5133 [CRITICAL] CVE-2015-5133: Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508
Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5131 and CVE-2015-5132.
nvd
CVE-2015-5541CRITICALCVSS 10.0≤ 11.2.202.491≤ 18.0.0.2092015-08-14
CVE-2015-5541 [CRITICAL] CVE-2015-5541: Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5129.
nvd
CVE-2015-5125CRITICALCVSS 10.0≤ 18.0.0.209≤ 11.2.202.4912015-08-14
CVE-2015-5125 [CRITICAL] CWE-119 CVE-2015-5125: Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors.
nvd
CVE-2015-5565CRITICALCVSS 10.0≤ 11.2.202.491≤ 18.0.0.2092015-08-14
CVE-2015-5565 [CRITICAL] CVE-2015-5565: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130,
nvd
CVE-2015-5554CRITICALCVSS 10.0PoC≤ 18.0.0.209≤ 11.2.202.4912015-08-14
CVE-2015-5554 [CRITICAL] CVE-2015-5554: Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5555, CVE-2015-5558, and CVE-2
nvd
CVE-2015-5544CRITICALCVSS 10.0PoC≤ 18.0.0.209≤ 11.2.202.4912015-08-14
CVE-2015-5544 [CRITICAL] CWE-119 CVE-2015-5544: Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-
nvd
CVE-2015-5539CRITICALCVSS 10.0PoC≤ 18.0.0.209≤ 11.2.202.4912015-08-14
CVE-2015-5539 [CRITICAL] CVE-2015-5539: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130,
nvd
CVE-2015-5548CRITICALCVSS 10.0PoC≤ 18.0.0.209≤ 11.2.202.4912015-08-14
CVE-2015-5548 [CRITICAL] CVE-2015-5548: Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-554
nvd
CVE-2015-5553CRITICALCVSS 10.0≤ 18.0.0.209≤ 11.2.202.4912015-08-14
CVE-2015-5553 [CRITICAL] CVE-2015-5553: Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-554
nvd
CVE-2015-5124CRITICALCVSS 10.0≤ 13.0.0.289v14.0.0.125+20 more2015-07-20
CVE-2015-5124 [CRITICAL] CVE-2015-5124: Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a d
nvd
CVE-2015-5122CRITICALCVSS 9.8KEVPoC≥ 13.0, ≤ 13.0.0.302≥ 18.0, ≤ 18.0.0.203+2 more2015-07-14
CVE-2015-5122 [CRITICAL] CWE-416 CVE-2015-5122: Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation i
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary c
nvd
CVE-2015-5123CRITICALCVSS 9.8KEV≥ 11.0, ≤ 11.2.202.481≥ 13.0, ≤ 13.0.0.302+1 more2015-07-14
CVE-2015-5123 [CRITICAL] CWE-416 CVE-2015-5123: Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in A
Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code
nvd
CVE-2015-3132CRITICALCVSS 10.0≤ 11.2.202.468≤ 13.0.0.289+20 more2015-07-09
CVE-2015-3132 [CRITICAL] CVE-2015-3132: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnera
nvd
CVE-2015-4432CRITICALCVSS 10.0PoC≤ 11.2.202.468≤ 13.0.0.289+20 more2015-07-09
CVE-2015-4432 [CRITICAL] CVE-2015-4432: Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerabi
nvd
CVE-2015-3135CRITICALCVSS 10.0≤ 13.0.0.289v14.0.0.125+20 more2015-07-09
CVE-2015-3135 [CRITICAL] CWE-119 CVE-2015-3135: Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different v
nvd
CVE-2015-3133CRITICALCVSS 10.0≤ 11.2.202.468≤ 13.0.0.289+20 more2015-07-09
CVE-2015-3133 [CRITICAL] CVE-2015-3133: Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a d
nvd
CVE-2015-3117CRITICALCVSS 10.0≤ 11.2.202.468≤ 13.0.0.289+20 more2015-07-09
CVE-2015-3117 [CRITICAL] CWE-119 CVE-2015-3117: Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vect
nvd
CVE-2015-4431CRITICALCVSS 10.0≤ 11.2.202.468≤ 13.0.0.289+20 more2015-07-09
CVE-2015-4431 [CRITICAL] CVE-2015-4431: Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a d
nvd