Adobe Flash Player vulnerabilities

1,081 known vulnerabilities affecting adobe/flash_player.

Total CVEs

1,081

CISA KEV

actively exploited

Public exploits

183

Exploited in wild

Severity breakdown

CRITICAL607HIGH369MEDIUM104LOW1

Vulnerabilities

Page 47 of 55

CVE-2011-2427CRITICALCVSS 9.3≤ 10.3.183.7v6.0.21.0+94 more2011-09-22

CVE-2011-2427 [CRITICAL] CWE-119 CVE-2011-2427: Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Playe Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service via unspecified vectors.

nvd

CVE-2011-2426CRITICALCVSS 9.3≤ 10.3.183.7v6.0.21.0+94 more2011-09-22

CVE-2011-2426 [CRITICAL] CWE-119 CVE-2011-2426: Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Playe Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via unspecified vectors.

nvd

CVE-2011-2444MEDIUMCVSS 4.3Exploited≤ 10.3.183.7v6.0.21.0+94 more2011-09-22

CVE-2011-2444 [MEDIUM] CWE-79 CVE-2011-2444: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a "universal cross-site scripting issue," as exploited in the wild in September 2011.

nvd

CVE-2011-2429MEDIUMCVSS 5.0≤ 10.3.183.7v6.0.21.0+94 more2011-09-22

CVE-2011-2429 [MEDIUM] CWE-264 CVE-2011-2429: Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186. Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, related to a "security control bypass."

nvd

CVE-2011-2424CRITICALCVSS 9.3≤ 10.3.181.36v6.0.21.0+90 more2011-08-15

CVE-2011-2424 [CRITICAL] CWE-119 CVE-2011-2424: Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by "about 400 un

nvd

CVE-2011-2136CRITICALCVSS 10.0≤ 10.3.181.36v6.0.21.0+90 more2011-08-10

CVE-2011-2136 [CRITICAL] CWE-189 CVE-2011-2136: Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris an Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2138 and CVE-2011-2416.

nvd

CVE-2011-2134CRITICALCVSS 10.0≤ 10.3.181.36v6.0.21.0+90 more2011-08-10

CVE-2011-2134 [CRITICAL] CVE-2011-2134: Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2137, CVE-2011-2414,

nvd

CVE-2011-2414CRITICALCVSS 10.0≤ 10.3.181.36v6.0.21.0+90 more2011-08-10

CVE-2011-2414 [CRITICAL] CVE-2011-2414: Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137,

nvd

CVE-2011-2130CRITICALCVSS 10.0≤ 10.3.181.36v6.0.21.0+90 more2011-08-10

CVE-2011-2130 [CRITICAL] CWE-119 CVE-2011-2130: Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2134, CVE-2011-2137, CVE-20

nvd

CVE-2011-2417CRITICALCVSS 10.0≤ 10.3.181.36v6.0.21.0+90 more2011-08-10

CVE-2011-2417 [CRITICAL] CVE-2011-2417: Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135,

nvd

CVE-2011-2425CRITICALCVSS 10.0≤ 10.3.181.36v6.0.21.0+90 more2011-08-10

CVE-2011-2425 [CRITICAL] CVE-2011-2425: Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135,

nvd

CVE-2011-2138CRITICALCVSS 10.0≤ 10.3.181.36v6.0.21.0+90 more2011-08-10

CVE-2011-2138 [CRITICAL] CVE-2011-2138: Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris an Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2416.

nvd

CVE-2011-2416CRITICALCVSS 10.0≤ 10.3.181.36v6.0.21.0+90 more2011-08-10

CVE-2011-2416 [CRITICAL] CVE-2011-2416: Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris an Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138.

nvd

CVE-2011-2135CRITICALCVSS 10.0≤ 10.3.181.36v6.0.21.0+90 more2011-08-10

CVE-2011-2135 [CRITICAL] CWE-119 CVE-2011-2135: Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-201

nvd

CVE-2011-2415CRITICALCVSS 10.0≤ 10.3.181.36v6.0.21.0+90 more2011-08-10

CVE-2011-2415 [CRITICAL] CVE-2011-2415: Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137,

nvd

CVE-2011-2137CRITICALCVSS 10.0≤ 10.3.181.36v6.0.21.0+90 more2011-08-10

CVE-2011-2137 [CRITICAL] CVE-2011-2137: Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2414,

nvd

CVE-2011-2140CRITICALCVSS 10.0PoC≤ 10.3.181.36v6.0.21.0+90 more2011-08-10

CVE-2011-2140 [CRITICAL] CVE-2011-2140: Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135,

nvd

CVE-2011-2139MEDIUMCVSS 6.4≤ 10.3.181.36v6.0.21.0+90 more2011-08-10

CVE-2011-2139 [MEDIUM] CWE-264 CVE-2011-2139: Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors.

nvd

CVE-2011-2110CRITICALCVSS 10.0ExploitedPoC≤ 10.3.181.23v6.0.21.0+87 more2011-06-16

CVE-2011-2110 [CRITICAL] CWE-119 CVE-2011-2110: Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.

nvd

CVE-2011-2107MEDIUMCVSS 4.3≤ 10.3.181.16v6.0.21.0+86 more2011-06-09

CVE-2011-2107 [MEDIUM] CWE-79 CVE-2011-2107: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "universal cross-site scripting vulnerability."

nvd

← Previous47 / 55Next →