Adobe Flash Player vulnerabilities

1,081 known vulnerabilities affecting adobe/flash_player.

Total CVEs

1,081

CISA KEV

actively exploited

Public exploits

183

Exploited in wild

Severity breakdown

CRITICAL607HIGH369MEDIUM104LOW1

Vulnerabilities

Page 7 of 55

CVE-2016-7875HIGHCVSS 8.8≤ 23.0.0.207≤ 11.2.202.6442016-12-15

CVE-2016-7875 [HIGH] CWE-190 CVE-2016-7875: Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable int Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2016-7867HIGHCVSS 8.8≤ 23.0.0.207≤ 11.2.202.6442016-12-15

CVE-2016-7867 [HIGH] CWE-787 CVE-2016-7867: Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buf Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2016-7880HIGHCVSS 8.8≤ 23.0.0.207≤ 11.2.202.6442016-12-15

CVE-2016-7880 [HIGH] CWE-416 CVE-2016-7880: Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2016-7890HIGHCVSS 8.8≤ 23.0.0.207≤ 11.2.202.6442016-12-15

CVE-2016-7890 [HIGH] CVE-2016-7890: Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vu Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy.

nvd

CVE-2016-7892HIGHCVSS 8.8KEV≤ 23.0.0.207≤ 11.2.202.6442016-12-15

CVE-2016-7892 [HIGH] CWE-416 CVE-2016-7892: Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2016-7877HIGHCVSS 8.8≤ 23.0.0.207≤ 11.2.202.6442016-12-15

CVE-2016-7877 [HIGH] CWE-416 CVE-2016-7877: Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2016-7878HIGHCVSS 8.8≤ 23.0.0.207≤ 11.2.202.6442016-12-15

CVE-2016-7878 [HIGH] CWE-416 CVE-2016-7878: Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the PSDK's MediaPlayer class. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2016-7864HIGHCVSS 8.8≤ 23.0.0.2052016-11-08

CVE-2016-7864 [HIGH] CWE-416 CVE-2016-7864: Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2016-7863HIGHCVSS 8.8≤ 23.0.0.2052016-11-08

CVE-2016-7863 [HIGH] CWE-416 CVE-2016-7863: Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2016-7862HIGHCVSS 8.8≤ 23.0.0.2052016-11-08

CVE-2016-7862 [HIGH] CWE-416 CVE-2016-7862: Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2016-7859HIGHCVSS 8.8≤ 23.0.0.2052016-11-08

CVE-2016-7859 [HIGH] CWE-416 CVE-2016-7859: Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2016-7860HIGHCVSS 8.8≤ 23.0.0.2052016-11-08

CVE-2016-7860 [HIGH] CWE-704 CVE-2016-7860: Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable typ Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2016-7857HIGHCVSS 8.8≤ 23.0.0.2052016-11-08

CVE-2016-7857 [HIGH] CWE-416 CVE-2016-7857: Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2016-7858HIGHCVSS 8.8≤ 23.0.0.2052016-11-08

CVE-2016-7858 [HIGH] CWE-416 CVE-2016-7858: Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2016-7865HIGHCVSS 8.8≤ 23.0.0.2052016-11-08

CVE-2016-7865 [HIGH] CWE-704 CVE-2016-7865: Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable typ Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2016-7861HIGHCVSS 8.8≤ 23.0.0.2052016-11-08

CVE-2016-7861 [HIGH] CWE-704 CVE-2016-7861: Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable typ Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2016-7855HIGHCVSS 8.8KEV≤ 23.0.0.185≤ 11.2.202.6372016-11-01

CVE-2016-7855 [HIGH] CWE-416 CVE-2016-7855: Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016.

nvd

CVE-2016-6983HIGHCVSS 8.8≤ 23.0.0.162≤ 18.0.0.375+1 more2016-10-13

CVE-2016-6983 [HIGH] CVE-2016-6983: Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6

nvd

CVE-2016-4286HIGHCVSS 8.8≤ 23.0.0.162≤ 11.2.202.635+1 more2016-10-13

CVE-2016-4286 [HIGH] CWE-284 CVE-2016-4286: Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified vectors.

nvd

CVE-2016-6992HIGHCVSS 8.8≤ 23.0.0.162≤ 18.0.0.375+1 more2016-10-13

CVE-2016-6992 [HIGH] CWE-843 CVE-2016-6992: Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion."

nvd

← Previous7 / 55Next →