Adobe Flash Player vulnerabilities
1,081 known vulnerabilities affecting adobe/flash_player.
Total CVEs
1,081
CISA KEV
36
actively exploited
Public exploits
183
Exploited in wild
46
Severity breakdown
CRITICAL607HIGH369MEDIUM104LOW1
Vulnerabilities
Page 36 of 55
CVE-2015-0308CRITICALCVSS 10.0≤ 13.0.0.259v14.0.0.125+14 more2015-01-13
CVE-2015-0308 [CRITICAL] CVE-2015-0308: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitr
nvd
CVE-2015-0303CRITICALCVSS 10.0v11.2.202.425≤ 13.0.0.259+14 more2015-01-13
CVE-2015-0303 [CRITICAL] CVE-2015-0303: Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code or cause a denial of ser
nvd
CVE-2015-0307HIGHCVSS 8.5≤ 11.2.202.425≤ 13.0.0.259+14 more2015-01-13
CVE-2015-0307 [HIGH] CWE-119 CVE-2015-0307: Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow remote attackers to obtain sensitive information from pr
nvd
CVE-2015-0302MEDIUMCVSS 5.0v11.2.202.425≤ 13.0.0.259+14 more2015-01-13
CVE-2015-0302 [MEDIUM] CVE-2015-0302: Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to obtain sensitive keystroke information via unspec
nvd
CVE-2014-9164CRITICALCVSS 10.0≥ 13.0, < 13.0.0.259≥ 14.0, ≤ 14.0.0.179+2 more2014-12-10
CVE-2014-9164 [CRITICAL] CVE-2014-9164: Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0587.
nvd
CVE-2014-8443CRITICALCVSS 10.0≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-12-10
CVE-2014-8443 [CRITICAL] CVE-2014-8443: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2014-9162CRITICALCVSS 10.0≥ 13.0, < 13.0.0.259≥ 14.0, ≤ 14.0.0.179+2 more2014-12-10
CVE-2014-9162 [CRITICAL] CWE-200 CVE-2014-9162: Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to obtain sensitive information via unspecified vectors.
nvd
CVE-2014-0580CRITICALCVSS 10.0≥ 13, < 13.0.0.259≥ 14, ≤ 14.0.0.179+2 more2014-12-10
CVE-2014-0580 [CRITICAL] CWE-264 CVE-2014-0580: Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
nvd
CVE-2014-0587CRITICALCVSS 10.0≥ 13.0, < 13.0.0.259≥ 14.0, ≤ 16.0.0.235+1 more2014-12-10
CVE-2014-0587 [CRITICAL] CWE-94 CVE-2014-0587: Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9164.
nvd
CVE-2014-9163HIGHCVSS 7.8KEV≥ 13.0, < 13.0.0.259≥ 14.0, ≤ 14.0.0.179+2 more2014-12-10
CVE-2014-9163 [HIGH] CWE-121 CVE-2014-9163: Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.
Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
nvd
CVE-2014-8439HIGHCVSS 8.8KEV≤ 11.2.202.418≤ 15.0.0.223+1 more2014-11-25
CVE-2014-8439 [HIGH] CWE-119 CVE-2014-8439: Adobe Flash Player before 13.0.0.258 and 14.x and 15.x before 15.0.0.239 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.258 and 14.x and 15.x before 15.0.0.239 on Windows and OS X and before 11.2.202.424 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified ve
nvd
CVE-2014-0573CRITICALCVSS 10.0≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-0573 [CRITICAL] CVE-2014-0573: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerabili
nvd
CVE-2014-0576CRITICALCVSS 10.0≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-0576 [CRITICAL] CVE-2014-0576: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a diffe
nvd
CVE-2014-0577CRITICALCVSS 10.0≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-0577 [CRITICAL] CWE-94 CVE-2014-0577: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability t
nvd
CVE-2014-8441CRITICALCVSS 10.0≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-8441 [CRITICAL] CVE-2014-8441: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a diffe
nvd
CVE-2014-8438CRITICALCVSS 10.0≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-8438 [CRITICAL] CVE-2014-8438: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerabili
nvd
CVE-2014-0584CRITICALCVSS 10.0≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-0584 [CRITICAL] CVE-2014-0584: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE
nvd
CVE-2014-8440CRITICALCVSS 10.0PoC≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-8440 [CRITICAL] CVE-2014-8440: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a diffe
nvd
CVE-2014-0588CRITICALCVSS 10.0≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-0588 [CRITICAL] CVE-2014-0588: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerabili
nvd
CVE-2014-0581CRITICALCVSS 10.0≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-0581 [CRITICAL] CVE-2014-0581: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a diffe
nvd