Adobe Flash Player vulnerabilities
1,081 known vulnerabilities affecting adobe/flash_player.
Total CVEs
1,081
CISA KEV
36
actively exploited
Public exploits
183
Exploited in wild
46
Severity breakdown
CRITICAL607HIGH369MEDIUM104LOW1
Vulnerabilities
Page 37 of 55
CVE-2014-0590CRITICALCVSS 10.0≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-0590 [CRITICAL] CVE-2014-0590: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE
nvd
CVE-2014-0589CRITICALCVSS 10.0≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-0589 [CRITICAL] CVE-2014-0589: Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.2
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability
nvd
CVE-2014-0585CRITICALCVSS 10.0≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-0585 [CRITICAL] CVE-2014-0585: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE
nvd
CVE-2014-0586CRITICALCVSS 10.0≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-0586 [CRITICAL] CVE-2014-0586: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE
nvd
CVE-2014-0582CRITICALCVSS 10.0≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-0582 [CRITICAL] CWE-119 CVE-2014-0582: Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.2
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulne
nvd
CVE-2014-0574CRITICALCVSS 10.0≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-0574 [CRITICAL] CWE-94 CVE-2014-0574: Double free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.22
Double free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2014-0583HIGHCVSS 7.5≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-0583 [HIGH] CWE-119 CVE-2014-0583: Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.2
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to complete a transition from Low Integrity to Medium Integrity via unsp
nvd
CVE-2014-8442HIGHCVSS 7.5≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-8442 [HIGH] CWE-264 CVE-2014-8442: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to complete a transition from Low Integrity to Medium Integrity by leveraging incorrect permissions.
nvd
CVE-2014-8437MEDIUMCVSS 5.0≥ 13.0, < 13.0.0.252≥ 14.0, ≤ 14.0.0.179+2 more2014-11-11
CVE-2014-8437 [MEDIUM] CWE-200 CVE-2014-8437: Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow remote attackers to discover session tokens via unspecified vectors.
nvd
CVE-2014-0569CRITICALCVSS 9.3PoC≤ 11.2.202.406≤ 13.0.0.244+2 more2014-10-15
CVE-2014-0569 [CRITICAL] CWE-190 CVE-2014-0569: Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Wind
Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2014-0558CRITICALCVSS 10.0≤ 13.0.0.244v13.0.0.182+43 more2014-10-15
CVE-2014-0558 [CRITICAL] CWE-94 CVE-2014-0558: Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors,
nvd
CVE-2014-0564CRITICALCVSS 10.0≤ 11.2.202.406≤ 13.0.0.244+2 more2014-10-15
CVE-2014-0564 [CRITICAL] CVE-2014-0564: Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a diffe
nvd
CVE-2014-0554CRITICALCVSS 10.0≤ 13.0.0.241v13.0.0.182+40 more2014-09-10
CVE-2014-0554 [CRITICAL] CVE-2014-0554: Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to bypass intended access restrictions via unspecified
nvd
CVE-2014-0547CRITICALCVSS 10.0≤ 13.0.0.241v13.0.0.182+40 more2014-09-10
CVE-2014-0547 [CRITICAL] CWE-119 CVE-2014-0547: Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of
nvd
CVE-2014-0555CRITICALCVSS 10.0≤ 11.2.202.400v11.2.202.223+40 more2014-09-10
CVE-2014-0555 [CRITICAL] CVE-2014-0555: Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service
nvd
CVE-2014-0553CRITICALCVSS 10.0≤ 13.0.0.241v13.0.0.182+40 more2014-09-10
CVE-2014-0553 [CRITICAL] CVE-2014-0553: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary
nvd
CVE-2014-0559CRITICALCVSS 10.0≤ 13.0.0.241v13.0.0.182+40 more2014-09-10
CVE-2014-0559 [CRITICAL] CVE-2014-0559: Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.1
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary co
nvd
CVE-2014-0557CRITICALCVSS 10.0≤ 11.2.202.400v11.2.202.223+40 more2014-09-10
CVE-2014-0557 [CRITICAL] CWE-264 CVE-2014-0557: Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 do not properly restrict discovery of memory addresses, which
nvd
CVE-2014-0549CRITICALCVSS 10.0≤ 13.0.0.241v13.0.0.182+40 more2014-09-10
CVE-2014-0549 [CRITICAL] CVE-2014-0549: Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service
nvd
CVE-2014-0551CRITICALCVSS 10.0≤ 13.0.0.241v13.0.0.182+40 more2014-09-10
CVE-2014-0551 [CRITICAL] CVE-2014-0551: Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service
nvd