Adobe Flash Player vulnerabilities
1,081 known vulnerabilities affecting adobe/flash_player.
Total CVEs
1,081
CISA KEV
36
actively exploited
Public exploits
183
Exploited in wild
46
Severity breakdown
CRITICAL607HIGH369MEDIUM104LOW1
Vulnerabilities
Page 46 of 55
CVE-2012-0752CRITICALCVSS 9.3fixed in 10.3.183.15≥ 11.0, < 11.1.102.62+2 more2012-02-16
CVE-2012-0752 [CRITICAL] CWE-843 CVE-2012-0752: Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and S
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) by leveraging an unspecified "type confusion."
nvd
CVE-2012-0755CRITICALCVSS 9.3fixed in 10.3.183.15≥ 11.0, < 11.1.102.62+2 more2012-02-16
CVE-2012-0755 [CRITICAL] CVE-2012-0755: Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and S
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2012-0756.
nvd
CVE-2012-0754HIGHCVSS 8.1KEVPoCfixed in 10.3.183.15≥ 11.0, < 11.1.102.62+2 more2012-02-16
CVE-2012-0754 [HIGH] CWE-787 CVE-2012-0754: Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and S
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
nvd
CVE-2012-0767MEDIUMCVSS 6.1KEVfixed in 10.3.183.15≥ 11.0, < 11.1.102.62+2 more2012-02-16
CVE-2012-0767 [MEDIUM] CWE-79 CVE-2012-0767: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)," as expl
nvd
CVE-2011-4693CRITICALCVSS 9.3v11.1.102.552011-12-07
CVE-2011-4693 [CRITICAL] CVE-2011-4693: Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote at
Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote attackers to execute arbitrary code via a crafted SWF file, as demonstrated by the first of two vulnerabilities exploited by the Intevydis vd_adobe_fp module in VulnDisco Step Ahead (SA). NOTE: as of 20111207, this disclosure has no actionable information. Howe
nvd
CVE-2011-4694CRITICALCVSS 9.3v11.1.102.552011-12-07
CVE-2011-4694 [CRITICAL] CVE-2011-4694: Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote at
Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote attackers to execute arbitrary code via a crafted SWF file, as demonstrated by the second of two vulnerabilities exploited by the Intevydis vd_adobe_fp module in VulnDisco Step Ahead (SA). NOTE: as of 20111207, this disclosure has no actionable information. How
nvd
CVE-2011-2452CRITICALCVSS 10.0≥ 10.0, < 10.3.183.11≥ 11.0, < 11.1.102.55+1 more2011-11-11
CVE-2011-2452 [CRITICAL] CVE-2011-2452: Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and S
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-20
nvd
CVE-2011-2445CRITICALCVSS 10.0≥ 10.0, < 10.3.183.11≥ 11.0, < 11.1.102.55+1 more2011-11-11
CVE-2011-2445 [CRITICAL] CWE-119 CVE-2011-2445: Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and S
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2451, CVE-2011-2452
nvd
CVE-2011-2456CRITICALCVSS 10.0≥ 10.0, < 10.3.183.11≥ 11.0, < 11.1.102.55+1 more2011-11-11
CVE-2011-2456 [CRITICAL] CWE-119 CVE-2011-2456: Buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac
Buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2011-2457CRITICALCVSS 10.0≥ 10.0, < 10.3.183.11≥ 11.0, < 11.1.102.55+1 more2011-11-11
CVE-2011-2457 [CRITICAL] CWE-119 CVE-2011-2457: Stack-based buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on
Stack-based buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2011-2460CRITICALCVSS 10.0≥ 10.0, < 10.3.183.11≥ 11.0, < 11.1.102.55+1 more2011-11-11
CVE-2011-2460 [CRITICAL] CVE-2011-2460: Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and S
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-20
nvd
CVE-2011-2450CRITICALCVSS 10.0≥ 10.0, < 10.3.183.11≥ 11.0, < 11.1.102.55+1 more2011-11-11
CVE-2011-2450 [CRITICAL] CWE-119 CVE-2011-2450: Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and S
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
nvd
CVE-2011-2453CRITICALCVSS 10.0≥ 10.0, < 10.3.183.11≥ 11.0, < 11.1.102.55+1 more2011-11-11
CVE-2011-2453 [CRITICAL] CVE-2011-2453: Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and S
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-20
nvd
CVE-2011-2459CRITICALCVSS 10.0≥ 10.0, < 10.3.183.11≥ 11.0, < 11.1.102.55+1 more2011-11-11
CVE-2011-2459 [CRITICAL] CVE-2011-2459: Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and S
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-20
nvd
CVE-2011-2454CRITICALCVSS 10.0≥ 10.0, < 10.3.183.11≥ 11.0, < 11.1.102.55+1 more2011-11-11
CVE-2011-2454 [CRITICAL] CVE-2011-2454: Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and S
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-20
nvd
CVE-2011-2458CRITICALCVSS 9.3≥ 10.0, < 10.3.183.11≥ 11.0, < 11.1.102.55+1 more2011-11-11
CVE-2011-2458 [CRITICAL] CWE-264 CVE-2011-2458: Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and S
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, when Internet Explorer is used, allows remote attackers to bypass the cross-domain policy via a crafted web site.
nvd
CVE-2011-2451CRITICALCVSS 10.0≥ 10.0, < 10.3.183.11≥ 11.0, < 11.1.102.55+1 more2011-11-11
CVE-2011-2451 [CRITICAL] CVE-2011-2451: Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and S
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2452, CVE-20
nvd
CVE-2011-2455CRITICALCVSS 10.0≥ 10.0, < 10.3.183.11≥ 11.0, < 11.1.102.55+1 more2011-11-11
CVE-2011-2455 [CRITICAL] CVE-2011-2455: Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and S
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-20
nvd
CVE-2011-2430CRITICALCVSS 9.3≤ 10.3.183.7v6.0.21.0+94 more2011-09-22
CVE-2011-2430 [CRITICAL] CWE-20 CVE-2011-2430: Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.
Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via crafted streaming media, related to a "logic error vulnerability."
nvd
CVE-2011-2428CRITICALCVSS 9.3≤ 10.3.183.7v6.0.21.0+94 more2011-09-22
CVE-2011-2428 [CRITICAL] CWE-20 CVE-2011-2428: Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.
Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service (browser crash) via unspecified vectors, related to a "logic error issue."
nvd