Adobe Flash Player Desktop Runtime vulnerabilities
294 known vulnerabilities affecting adobe/flash_player_desktop_runtime.
Total CVEs
294
CISA KEV
8
actively exploited
Public exploits
45
Exploited in wild
8
Severity breakdown
CRITICAL18HIGH260MEDIUM16
Vulnerabilities
Page 15 of 15
CVE-2016-0973HIGHCVSS 8.8≤ 20.0.0.2862016-02-10
CVE-2016-0973 [HIGH] CWE-416 CVE-2016-0973: Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18
Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via
nvd
CVE-2016-0968HIGHCVSS 8.8≤ 20.0.0.2862016-02-10
CVE-2016-0968 [HIGH] CVE-2016-0968: Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and bef
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different
nvd
CVE-2016-0964HIGHCVSS 8.8PoC≤ 20.0.0.2862016-02-10
CVE-2016-0964 [HIGH] CWE-787 CVE-2016-0964: Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and bef
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a d
nvd
CVE-2016-0970HIGHCVSS 8.8≤ 20.0.0.2862016-02-10
CVE-2016-0970 [HIGH] CVE-2016-0970: Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and bef
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different
nvd
CVE-2016-0966HIGHCVSS 8.8≤ 20.0.0.2862016-02-10
CVE-2016-0966 [HIGH] CVE-2016-0966: Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and bef
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different
nvd
CVE-2016-0979HIGHCVSS 8.8≤ 20.0.0.2862016-02-10
CVE-2016-0979 [HIGH] CVE-2016-0979: Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and bef
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different
nvd
CVE-2016-0984HIGHCVSS 8.8KEVPoC≤ 20.0.0.2862016-02-10
CVE-2016-0984 [HIGH] CVE-2016-0984: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability t
nvd
CVE-2016-0967HIGHCVSS 8.8PoC≤ 20.0.0.2862016-02-10
CVE-2016-0967 [HIGH] CVE-2016-0967: Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and bef
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different
nvd
CVE-2016-0983HIGHCVSS 8.8≤ 20.0.0.2862016-02-10
CVE-2016-0983 [HIGH] CVE-2016-0983: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability t
nvd
CVE-2015-5122CRITICALCVSS 9.8KEVPoC≥ 18.0, ≤ 18.0.0.2032015-07-14
CVE-2015-5122 [CRITICAL] CWE-416 CVE-2015-5122: Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation i
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary c
nvd
CVE-2015-5123CRITICALCVSS 9.8KEV≥ 18.0, ≤ 18.0.0.2032015-07-14
CVE-2015-5123 [CRITICAL] CWE-416 CVE-2015-5123: Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in A
Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code
nvd
CVE-2015-0312CRITICALCVSS 9.3≤ 16.0.0.2872015-01-28
CVE-2015-0312 [CRITICAL] CWE-415 CVE-2015-0312: Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.
Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2014-0569CRITICALCVSS 9.3PoC≤ 15.0.0.1672014-10-15
CVE-2014-0569 [CRITICAL] CWE-190 CVE-2014-0569: Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Wind
Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2014-0564CRITICALCVSS 10.0≤ 15.0.0.1672014-10-15
CVE-2014-0564 [CRITICAL] CVE-2014-0564: Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and bef
Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a diffe
nvd
← Previous15 / 15