Adobe Flash Player vulnerabilities

1,081 known vulnerabilities affecting adobe/flash_player.

Total CVEs

1,081

CISA KEV

actively exploited

Public exploits

183

Exploited in wild

Severity breakdown

CRITICAL607HIGH369MEDIUM104LOW1

Vulnerabilities

Page 35 of 55

CVE-2015-0329CRITICALCVSS 10.0≤ 11.2.202.440≤ 13.0.0.264+14 more2015-02-06

CVE-2015-0329 [CRITICAL] CVE-2015-0329: Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, and CVE-2015-0330.

nvd

CVE-2015-0320CRITICALCVSS 10.0≤ 11.2.202.440≤ 13.0.0.264+14 more2015-02-06

CVE-2015-0320 [CRITICAL] CVE-2015-0320: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, and CVE-2015-0322.

nvd

CVE-2015-0315CRITICALCVSS 10.0≤ 13.0.0.264v14.0.0.125+14 more2015-02-06

CVE-2015-0315 [CRITICAL] CVE-2015-0315: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0320, and CVE-2015-0322.

nvd

CVE-2015-0328CRITICALCVSS 10.0≤ 13.0.0.264v14.0.0.125+14 more2015-02-06

CVE-2015-0328 [CRITICAL] CVE-2015-0328: Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0325 and CVE-2015-0326.

nvd

CVE-2015-0319CRITICALCVSS 10.0≤ 11.2.202.440≤ 13.0.0.264+14 more2015-02-06

CVE-2015-0319 [CRITICAL] CVE-2015-0319: Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0317.

nvd

CVE-2015-0330CRITICALCVSS 10.0≤ 13.0.0.264v14.0.0.125+14 more2015-02-06

CVE-2015-0330 [CRITICAL] CVE-2015-0330: Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, and CVE-2015-0329.

nvd

CVE-2015-0323CRITICALCVSS 10.0≤ 13.0.0.264v14.0.0.125+14 more2015-02-06

CVE-2015-0323 [CRITICAL] CWE-119 CVE-2015-0323: Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0 Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0327.

nvd

CVE-2015-0321CRITICALCVSS 10.0≤ 11.2.202.440≤ 13.0.0.264+14 more2015-02-06

CVE-2015-0321 [CRITICAL] CVE-2015-0321: Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0329, and CVE-2015-0330.

nvd

CVE-2015-0326CRITICALCVSS 10.0≤ 13.0.0.264v14.0.0.125+14 more2015-02-06

CVE-2015-0326 [CRITICAL] CVE-2015-0326: Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0325 and CVE-2015-0328.

nvd

CVE-2015-0316CRITICALCVSS 10.0≤ 11.2.202.440≤ 13.0.0.264+14 more2015-02-06

CVE-2015-0316 [CRITICAL] CVE-2015-0316: Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0318, CVE-2015-0321, CVE-2015-0329, and CVE-2015-0330.

nvd

CVE-2015-0322CRITICALCVSS 10.0≤ 11.2.202.440≤ 13.0.0.264+14 more2015-02-06

CVE-2015-0322 [CRITICAL] CVE-2015-0322: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, and CVE-2015-0320.

nvd

CVE-2015-0313CRITICALCVSS 9.8KEVPoCfixed in 11.2.202.442fixed in 13.0.0.269+1 more2015-02-02

CVE-2015-0313 [CRITICAL] CWE-416 CVE-2015-0313: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-20

nvd

CVE-2015-0312CRITICALCVSS 9.3≤ 11.2.202.438≤ 16.0.0.287+1 more2015-01-28

CVE-2015-0312 [CRITICAL] CWE-415 CVE-2015-0312: Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0. Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors.

nvd

CVE-2015-0311CRITICALCVSS 9.8KEVPoC≤ 11.2.202.438≤ 13.0.0.262+1 more2015-01-23

CVE-2015-0311 [CRITICAL] CVE-2015-0311: Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X and through 11.2.202.438 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015.

nvd

CVE-2015-0310HIGHCVSS 7.8KEVfixed in 11.2.202.438fixed in 13.0.0.262+1 more2015-01-23

CVE-2015-0310 [HIGH] CWE-200 CVE-2015-0310: Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0.0.287 on Windows and OS X and Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0.0.287 on Windows and OS X and before 11.2.202.438 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism on Windows, and have an unspecified impact on other platforms, via unknown vectors, as exploited in the

nvd

CVE-2015-0301CRITICALCVSS 10.0v11.2.202.425≤ 13.0.0.259+14 more2015-01-13

CVE-2015-0301 [CRITICAL] CWE-20 CVE-2015-0301: Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 do not properly validate files, which has unspecified impac

nvd

CVE-2015-0306CRITICALCVSS 10.0≤ 13.0.0.259v14.0.0.125+14 more2015-01-13

CVE-2015-0306 [CRITICAL] CVE-2015-0306: Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code or cause a denial of ser

nvd

CVE-2015-0305CRITICALCVSS 9.3≤ 11.2.202.425≤ 13.0.0.259+14 more2015-01-13

CVE-2015-0305 [CRITICAL] CVE-2015-0305: Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code by leveraging an unspeci

nvd

CVE-2015-0309CRITICALCVSS 10.0≤ 13.0.0.259v14.0.0.125+14 more2015-01-13

CVE-2015-0309 [CRITICAL] CVE-2015-0309: Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0 Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrar

nvd

CVE-2015-0304CRITICALCVSS 10.0≤ 13.0.0.259v14.0.0.125+14 more2015-01-13

CVE-2015-0304 [CRITICAL] CWE-119 CVE-2015-0304: Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0 Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute

nvd

← Previous35 / 55Next →