Adobe Flash Player vulnerabilities

1,081 known vulnerabilities affecting adobe/flash_player.

Total CVEs

1,081

CISA KEV

actively exploited

Public exploits

183

Exploited in wild

Severity breakdown

CRITICAL607HIGH369MEDIUM104LOW1

Vulnerabilities

Page 45 of 55

CVE-2012-4164CRITICALCVSS 10.0≥ 10.3, < 10.3.183.23≥ 11.4, < 11.4.402.265+3 more2012-08-21

CVE-2012-4164 [CRITICAL] CVE-2012-4164: Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 1 Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to execute arbitrary code or cause a denial of

nvd

CVE-2012-4168MEDIUMCVSS 4.3≥ 10.3, < 10.3.183.23≥ 11.4, < 11.4.402.265+3 more2012-08-21

CVE-2012-4168 [MEDIUM] CWE-200 CVE-2012-4168: Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 1 Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow remote attackers to read content from a different

nvd

CVE-2012-1535HIGHCVSS 7.8KEVPoCfixed in 11.3.300.271fixed in 11.2.202.2382012-08-15

CVE-2012-1535 [HIGH] CWE-20 CVE-2012-1535: Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and befo Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content, as exploited in the wild in August 2012 with SWF content in a Word document.

nvd

CVE-2012-2037CRITICALCVSS 9.3≤ 11.2.202.235≤ 11.1.115.8+1 more2012-06-09

CVE-2012-2037 [CRITICAL] CVE-2012-2037: Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 1 Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via

nvd

CVE-2012-2040CRITICALCVSS 9.3≤ 11.2.202.235≤ 11.1.115.8+1 more2012-06-09

CVE-2012-2040 [CRITICAL] CWE-426 CVE-2012-2040: Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11 Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows local users to gain priv

nvd

CVE-2012-2035CRITICALCVSS 9.3≤ 11.2.202.235≤ 11.1.115.8+1 more2012-06-09

CVE-2012-2035 [CRITICAL] CWE-787 CVE-2012-2035: Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecifi

nvd

CVE-2012-2039CRITICALCVSS 9.3≤ 11.2.202.235≤ 11.1.115.8+1 more2012-06-09

CVE-2012-2039 [CRITICAL] CWE-476 CVE-2012-2039: Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 1 Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (NULL pointer d

nvd

CVE-2012-2036CRITICALCVSS 9.3≤ 11.2.202.235≤ 11.1.115.8+1 more2012-06-09

CVE-2012-2036 [CRITICAL] CWE-190 CVE-2012-2036: Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows an Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors.

nvd

CVE-2012-2034HIGHCVSS 7.5KEV≤ 11.2.202.235≤ 11.1.115.8+1 more2012-06-09

CVE-2012-2034 [HIGH] CWE-119 CVE-2012-2034: Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 1 Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption)

nvd

CVE-2012-2038MEDIUMCVSS 4.3≤ 11.2.202.235≤ 11.1.115.8+1 more2012-06-09

CVE-2012-2038 [MEDIUM] CWE-200 CVE-2012-2038: Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 1 Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to bypass intended access restrictions and obtain sensitive information

nvd

CVE-2012-0779CRITICALCVSS 9.3ExploitedPoC≥ 10.3, < 10.3.183.19≥ 11.2, ≤ 11.2.202.233+2 more2012-05-04

CVE-2012-0779 [CRITICAL] CVE-2012-0779: Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; before 11.1.111.9 on Android 2.x and 3.x; and before 11.1.115.8 on Android 4.x allows remote attackers to execute arbitrary code via a crafted file, related to an "object confusion vulnerability," as exploited in the wild in May 2012.

nvd

CVE-2012-0725CRITICALCVSS 9.3fixed in 11.2.202.229fixed in 11.2.202.228+2 more2012-04-06

CVE-2012-0725 [CRITICAL] CVE-2012-0725: Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to caus Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0724.

nvd

CVE-2012-0724CRITICALCVSS 9.3fixed in 11.2.202.229fixed in 11.2.202.228+2 more2012-04-06

CVE-2012-0724 [CRITICAL] CWE-119 CVE-2012-0724: Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to caus Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0725.

nvd

CVE-2012-0773CRITICALCVSS 9.3fixed in 10.3.183.18≥ 11.0, < 11.2.202.228+2 more2012-03-28

CVE-2012-0773 [CRITICAL] CWE-787 CVE-2012-0773: The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 on Windows The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 on Windows, Mac OS X, and Linux; Flash Player before 10.3.183.18 and 11.x before 11.2.202.223 on Solaris; Flash Player before 11.1.111.8 on Android 2.x and 3.x; and AIR before 3.2.0.2070 allows attackers to execute arbitrary code or cause a denial of service (m

nvd

CVE-2012-0772CRITICALCVSS 10.0≤ 10.3.183.16v2+111 more2012-03-28

CVE-2012-0772 [CRITICAL] CWE-119 CVE-2012-0772: An unspecified ActiveX control in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 An unspecified ActiveX control in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228, and AIR before 3.2.0.2070, on Windows does not properly perform URL security domain checking, which allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors.

nvd

CVE-2012-0768CRITICALCVSS 10.0≤ 10.3.183.15v2+109 more2012-03-05

CVE-2012-0768 [CRITICAL] CWE-399 CVE-2012-0768: The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windo The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

nvd

CVE-2012-0769MEDIUMCVSS 5.0≤ 10.3.183.15v2+109 more2012-03-05

CVE-2012-0769 [MEDIUM] CWE-189 CVE-2012-0769: Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and S Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not properly handle integers, which allows attackers to obtain sensitive information via unspecified vectors.

nvd

CVE-2012-0753CRITICALCVSS 9.3fixed in 10.3.183.15≥ 11.0, < 11.1.102.62+2 more2012-02-16

CVE-2012-0753 [CRITICAL] CWE-787 CVE-2012-0753: Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and S Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted MP4 data.

nvd

CVE-2012-0751CRITICALCVSS 10.0fixed in 10.3.183.15≥ 11.0, < 11.1.102.622012-02-16

CVE-2012-0751 [CRITICAL] CWE-787 CVE-2012-0751: The ActiveX control in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows The ActiveX control in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

nvd

CVE-2012-0756CRITICALCVSS 9.3fixed in 10.3.183.15≥ 11.0, < 11.1.102.62+2 more2012-02-16

CVE-2012-0756 [CRITICAL] CVE-2012-0756: Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and S Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2012-0755.

nvd

← Previous45 / 55Next →