Adobe Flash Player vulnerabilities
1,081 known vulnerabilities affecting adobe/flash_player.
Total CVEs
1,081
CISA KEV
36
actively exploited
Public exploits
183
Exploited in wild
46
Severity breakdown
CRITICAL607HIGH369MEDIUM104LOW1
Vulnerabilities
Page 31 of 55
CVE-2015-3136CRITICALCVSS 10.0≤ 13.0.0.289v14.0.0.125+20 more2015-07-09
CVE-2015-3136 [CRITICAL] CVE-2015-3136: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnera
nvd
CVE-2015-3126HIGHCVSS 7.5≤ 11.2.202.468≤ 13.0.0.289+20 more2015-07-09
CVE-2015-3126 [HIGH] CVE-2015-3126: Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unkno
nvd
CVE-2015-3115MEDIUMCVSS 5.0≤ 11.2.202.468≤ 13.0.0.289+20 more2015-07-09
CVE-2015-3115 [MEDIUM] CVE-2015-3115: Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-
nvd
CVE-2015-3116MEDIUMCVSS 5.0≤ 13.0.0.289v14.0.0.125+20 more2015-07-09
CVE-2015-3116 [MEDIUM] CVE-2015-3116: Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-
nvd
CVE-2014-0578MEDIUMCVSS 5.0≤ 11.2.202.468≤ 13.0.0.289+20 more2015-07-09
CVE-2014-0578 [MEDIUM] CWE-284 CVE-2014-0578: Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than C
nvd
CVE-2015-3114MEDIUMCVSS 5.0≤ 11.2.202.468≤ 13.0.0.289+20 more2015-07-09
CVE-2015-3114 [MEDIUM] CWE-284 CVE-2015-3114: Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
nvd
CVE-2015-3125MEDIUMCVSS 5.0≤ 11.2.202.468≤ 13.0.0.289+20 more2015-07-09
CVE-2015-3125 [MEDIUM] CVE-2015-3125: Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-
nvd
CVE-2015-5116MEDIUMCVSS 5.0PoC≤ 13.0.0.289v14.0.0.125+20 more2015-07-09
CVE-2015-5116 [MEDIUM] CVE-2015-5116: Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-
nvd
CVE-2015-5119CRITICALCVSS 9.8KEVPoC≥ 13.0.0.182, ≤ 13.0.0296≥ 14.0.0.125, ≤ 18.0.0.194+1 more2015-07-08
CVE-2015-5119 [CRITICAL] CWE-416 CVE-2015-5119: Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Ad
Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash conten
nvd
CVE-2015-3113CRITICALCVSS 9.8KEVPoCfixed in 13.0.0.296≥ 14.0.0.125, < 18.0.0.194+1 more2015-06-23
CVE-2015-3113 [CRITICAL] CWE-787 CVE-2015-3113: Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.
nvd
CVE-2015-3106CRITICALCVSS 10.0PoC≤ 11.2.202.460≤ 13.0.0.289+17 more2015-06-10
CVE-2015-3106 [CRITICAL] CVE-2015-3106: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0
nvd
CVE-2015-3104CRITICALCVSS 10.0PoC≤ 11.2.202.460≤ 13.0.0.289+17 more2015-06-10
CVE-2015-3104 [CRITICAL] CWE-189 CVE-2015-3104: Integer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on
Integer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.14
nvd
CVE-2015-3100CRITICALCVSS 10.0≤ 11.2.202.460≤ 13.0.0.289+17 more2015-06-10
CVE-2015-3100 [CRITICAL] CWE-119 CVE-2015-3100: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.
Stack-based buffer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler befo
nvd
CVE-2015-3107CRITICALCVSS 10.0PoC≤ 13.0.0.289v14.0.0.125+17 more2015-06-10
CVE-2015-3107 [CRITICAL] CVE-2015-3107: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0
nvd
CVE-2015-3103CRITICALCVSS 10.0≤ 13.0.0.289v14.0.0.125+17 more2015-06-10
CVE-2015-3103 [CRITICAL] CVE-2015-3103: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0
nvd
CVE-2015-3105CRITICALCVSS 10.0PoC≤ 11.2.202.460≤ 13.0.0.289+17 more2015-06-10
CVE-2015-3105 [CRITICAL] CWE-119 CVE-2015-3105: Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and be
nvd
CVE-2015-3097MEDIUMCVSS 5.0≤ 13.0.0.289v14.0.0.125+16 more2015-06-10
CVE-2015-3097 [MEDIUM] CWE-200 CVE-2015-3097: Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160, Adobe AIR before 18.0.
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160, Adobe AIR before 18.0.0.144, Adobe AIR SDK before 18.0.0.144, and Adobe AIR SDK & Compiler before 18.0.0.144 on 64-bit Windows 7 systems do not properly select a random memory address for the Flash heap, which makes it easier for attackers to conduct unspecified attacks by p
nvd
CVE-2015-3108MEDIUMCVSS 5.0≤ 11.2.202.460≤ 13.0.0.289+17 more2015-06-10
CVE-2015-3108 [MEDIUM] CWE-200 CVE-2015-3108: Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and befo
nvd
CVE-2015-3099MEDIUMCVSS 5.0≤ 11.2.202.460≤ 13.0.0.289+17 more2015-06-10
CVE-2015-3099 [MEDIUM] CVE-2015-3099: Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.
nvd
CVE-2015-3098MEDIUMCVSS 5.0≤ 13.0.0.289v14.0.0.125+17 more2015-06-10
CVE-2015-3098 [MEDIUM] CWE-200 CVE-2015-3098: Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and befo
nvd