Adobe Flash Player vulnerabilities
1,081 known vulnerabilities affecting adobe/flash_player.
Total CVEs
1,081
CISA KEV
36
actively exploited
Public exploits
183
Exploited in wild
46
Severity breakdown
CRITICAL607HIGH369MEDIUM104LOW1
Vulnerabilities
Page 50 of 55
CVE-2010-3647CRITICALCVSS 9.3≥ 9.0, < 9.0.289.0≥ 10.0, < 10.1.102.64+1 more2010-11-07
CVE-2010-3647 [CRITICAL] CVE-2010-3647: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Wind
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-
nvd
CVE-2010-3649CRITICALCVSS 9.3≥ 9.0, < 9.0.289.0≥ 10.0, < 10.1.102.64+1 more2010-11-07
CVE-2010-3649 [CRITICAL] CVE-2010-3649: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Wind
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-
nvd
CVE-2010-3638MEDIUMCVSS 4.3≤ 9.0.277.0v9.0.16+39 more2010-11-07
CVE-2010-3638 [MEDIUM] CVE-2010-3638: Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Mac
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Mac OS X, when Safari is used, allows attackers to obtain sensitive information via unknown vectors.
nvd
CVE-2010-3654CRITICALCVSS 9.3ExploitedPoC≤ 10.1.85.3v6.0.21.0+56 more2010-10-29
CVE-2010-3654 [CRITICAL] CWE-119 CVE-2010-3654: Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Sol
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applica
nvd
CVE-2010-3976CRITICALCVSS 9.3≤ 9.0.277.0v9.0.16+39 more2010-10-19
CVE-2010-3976 [CRITICAL] CVE-2010-3976: Untrusted search path vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.
Untrusted search path vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a file that is processed by Flash Player.
nvd
CVE-2010-3975CRITICALCVSS 9.3v9.02010-10-19
CVE-2010-3975 [CRITICAL] CVE-2010-3975: Untrusted search path vulnerability in Adobe Flash Player 9 allows local users, and possibly remote
Untrusted search path vulnerability in Adobe Flash Player 9 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse schannel.dll that is located in the same folder as a file that is processed by Flash.
nvd
CVE-2010-2884CRITICALCVSS 9.3Exploited≤ 10.1.82.76v7.0+47 more2010-09-15
CVE-2010-2884 [CRITICAL] CVE-2010-2884: Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on
Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unsp
nvd
CVE-2010-2216CRITICALCVSS 9.3≤ 10.1.53.64v7.0+45 more2010-08-11
CVE-2010-2216 [CRITICAL] CVE-2010-2216: Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows att
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2214.
nvd
CVE-2010-0209CRITICALCVSS 9.3≤ 10.1.53.64v7.0+45 more2010-08-11
CVE-2010-0209 [CRITICAL] CWE-94 CVE-2010-0209: Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows att
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2213, CVE-2010-2214, and CVE-2010-2216.
nvd
CVE-2010-2214CRITICALCVSS 9.3≤ 10.1.53.64v7.0+45 more2010-08-11
CVE-2010-2214 [CRITICAL] CVE-2010-2214: Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows att
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2216.
nvd
CVE-2010-2213CRITICALCVSS 9.3≤ 10.1.53.64v7.0+45 more2010-08-11
CVE-2010-2213 [CRITICAL] CVE-2010-2213: Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows att
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2214, and CVE-2010-2216.
nvd
CVE-2010-2215MEDIUMCVSS 4.3≤ 10.1.53.64v7.0+45 more2010-08-11
CVE-2010-2215 [MEDIUM] CVE-2010-2215: Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows att
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "click-jacking" issue.
nvd
CVE-2010-2163CRITICALCVSS 9.3v9.0.16v9.0.20+53 more2010-06-15
CVE-2010-2163 [CRITICAL] CWE-94 CVE-2010-2163: Multiple unspecified vulnerabilities in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.
Multiple unspecified vulnerabilities in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unknown vectors.
nvd
CVE-2010-2169CRITICALCVSS 9.3v9.0.16v9.0.20+53 more2010-06-15
CVE-2010-2169 [CRITICAL] CWE-119 CVE-2010-2169: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allow attackers to cause a denial of service (pointer memory corruption) or possibly execute arbitrary code via unspecified vectors.
nvd
CVE-2010-2164CRITICALCVSS 9.3v9.0.16v9.0.20+53 more2010-06-15
CVE-2010-2164 [CRITICAL] CWE-399 CVE-2010-2164: Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and
Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to an unspecified "image type within a certain function."
nvd
CVE-2009-3793CRITICALCVSS 9.3v9.0.16v9.0.20+53 more2010-06-15
CVE-2009-3793 [CRITICAL] CWE-399 CVE-2009-3793: Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ado
Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory consumption) or possibly execute arbitrary code via unknown vectors.
nvd
CVE-2010-2161CRITICALCVSS 9.3v9.0.16v9.0.20+53 more2010-06-15
CVE-2010-2161 [CRITICAL] CWE-94 CVE-2010-2161: Array index error in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR b
Array index error in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified "types of Adobe Flash code."
nvd
CVE-2010-2189CRITICALCVSS 9.3v9.0.16v9.0.20+53 more2010-06-15
CVE-2010-2189 [CRITICAL] CWE-119 CVE-2010-2189: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, wh
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when used in conjunction with VMWare Tools on a VMWare platform, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.
nvd
CVE-2010-2166CRITICALCVSS 9.3v9.0.16v9.0.20+53 more2010-06-15
CVE-2010-2166 [CRITICAL] CVE-2010-2166: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178,
nvd
CVE-2010-2185CRITICALCVSS 9.3v9.0.16v9.0.20+53 more2010-06-15
CVE-2010-2185 [CRITICAL] CWE-119 CVE-2010-2185: Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR bef
Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors.
nvd