Adobe Flash Player vulnerabilities
1,081 known vulnerabilities affecting adobe/flash_player.
Total CVEs
1,081
CISA KEV
36
actively exploited
Public exploits
183
Exploited in wild
46
Severity breakdown
CRITICAL607HIGH369MEDIUM104LOW1
Vulnerabilities
Page 32 of 55
CVE-2015-3102MEDIUMCVSS 5.0≤ 11.2.202.460≤ 13.0.0.289+17 more2015-06-10
CVE-2015-3102 [MEDIUM] CVE-2015-3102: Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.
nvd
CVE-2015-3101MEDIUMCVSS 4.3≤ 13.0.0.289v14.0.0.125+17 more2015-06-10
CVE-2015-3101 [MEDIUM] CWE-264 CVE-2015-3101: The Flash broker in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on
The Flash broker in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144
nvd
CVE-2015-3096MEDIUMCVSS 6.8≤ 13.0.0.289v14.0.0.125+17 more2015-06-10
CVE-2015-3096 [MEDIUM] CVE-2015-3096: Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.
nvd
CVE-2015-3087CRITICALCVSS 10.0PoC≤ 11.2.202.475≤ 13.0.0.264+16 more2015-05-13
CVE-2015-3087 [CRITICAL] CWE-189 CVE-2015-3087: Integer overflow in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on
Integer overflow in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allows attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2015-3086CRITICALCVSS 10.0≤ 13.0.0.264v14.0.0.125+16 more2015-05-13
CVE-2015-3086 [CRITICAL] CVE-2015-3086: Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than
nvd
CVE-2015-3077CRITICALCVSS 10.0≤ 11.2.202.475≤ 13.0.0.264+16 more2015-05-13
CVE-2015-3077 [CRITICAL] CVE-2015-3077: Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than
nvd
CVE-2015-3089CRITICALCVSS 10.0PoC≤ 13.0.0.264v14.0.0.125+16 more2015-05-13
CVE-2015-3089 [CRITICAL] CVE-2015-3089: Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a d
nvd
CVE-2015-3090CRITICALCVSS 10.0PoC≤ 13.0.0.264v14.0.0.125+16 more2015-05-13
CVE-2015-3090 [CRITICAL] CVE-2015-3090: Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a d
nvd
CVE-2015-3093CRITICALCVSS 10.0PoC≤ 11.2.202.475≤ 13.0.0.264+16 more2015-05-13
CVE-2015-3093 [CRITICAL] CVE-2015-3093: Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a d
nvd
CVE-2015-3080CRITICALCVSS 10.0PoC≤ 13.0.0.264v14.0.0.125+16 more2015-05-13
CVE-2015-3080 [CRITICAL] CVE-2015-3080: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allows attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2015-3084CRITICALCVSS 10.0≤ 11.2.202.475≤ 13.0.0.264+16 more2015-05-13
CVE-2015-3084 [CRITICAL] CVE-2015-3084: Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than
nvd
CVE-2015-3088CRITICALCVSS 10.0PoC≤ 11.2.202.475≤ 13.0.0.264+16 more2015-05-13
CVE-2015-3088 [CRITICAL] CWE-119 CVE-2015-3088: Heap-based buffer overflow in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allows attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2015-3078CRITICALCVSS 10.0≤ 11.2.202.475≤ 13.0.0.264+16 more2015-05-13
CVE-2015-3078 [CRITICAL] CWE-119 CVE-2015-3078: Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vect
nvd
CVE-2015-3083MEDIUMCVSS 6.4PoC≤ 11.2.202.475≤ 13.0.0.264+16 more2015-05-13
CVE-2015-3083 [MEDIUM] CVE-2015-3083: Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on filesystem write operations via unspecified vectors, a differen
nvd
CVE-2015-3091MEDIUMCVSS 5.0≤ 11.2.202.475≤ 13.0.0.264+16 more2015-05-13
CVE-2015-3091 [MEDIUM] CWE-200 CVE-2015-3091: Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mech
nvd
CVE-2015-3085MEDIUMCVSS 6.4≤ 13.0.0.264v14.0.0.125+16 more2015-05-13
CVE-2015-3085 [MEDIUM] CVE-2015-3085: Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on filesystem write operations via unspecified vectors, a differen
nvd
CVE-2015-3079MEDIUMCVSS 5.0≤ 13.0.0.264v14.0.0.125+16 more2015-05-13
CVE-2015-3079 [MEDIUM] CWE-264 CVE-2015-3079: Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
nvd
CVE-2015-3082MEDIUMCVSS 6.4PoC≤ 13.0.0.264v14.0.0.125+16 more2015-05-13
CVE-2015-3082 [MEDIUM] CWE-264 CVE-2015-3082: Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on filesystem write operations via unspecified vectors, a
nvd
CVE-2015-3092MEDIUMCVSS 5.0≤ 13.0.0.264v14.0.0.125+16 more2015-05-13
CVE-2015-3092 [MEDIUM] CVE-2015-3092: Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism vi
nvd
CVE-2015-3081MEDIUMCVSS 4.3PoC≤ 11.2.202.475≤ 13.0.0.264+16 more2015-05-13
CVE-2015-3081 [MEDIUM] CWE-362 CVE-2015-3081: Race condition in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Wi
Race condition in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allows attackers to bypass the Internet Explorer Protected Mode protection mechanism via unspec
nvd