cbcvebase.

Macromedia Flash Player vulnerabilities

42 known vulnerabilities affecting macromedia/flash_player.

Total CVEs
42
CISA KEV
0
Public exploits
4
Exploited in wild
1
Severity breakdown
CRITICAL29HIGH4MEDIUM9

Vulnerabilities

Page 2 of 3
CVE-2010-2176P3CRITICALCVSS 9.3v5.0v5.0.30.0+3 more2010-06-15
CVE-2010-2176 [CRITICAL] CVE-2010-2176: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2177, CVE-2010-2178,
nvd
CVE-2010-2178P3CRITICALCVSS 9.3v5.0v5.0.30.0+3 more2010-06-15
CVE-2010-2178 [CRITICAL] CVE-2010-2178: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177,
nvd
CVE-2010-2175P3CRITICALCVSS 9.3v5.0v5.0.30.0+3 more2010-06-15
CVE-2010-2175 [CRITICAL] CVE-2010-2175: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178,
nvd
CVE-2010-2187P3CRITICALCVSS 9.3v5.0v5.0.30.0+3 more2010-06-15
CVE-2010-2187 [CRITICAL] CVE-2010-2187: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177,
nvd
CVE-2010-2182P3CRITICALCVSS 9.3v5.0v5.0.30.0+3 more2010-06-15
CVE-2010-2182 [CRITICAL] CVE-2010-2182: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177,
nvd
CVE-2010-2177P3CRITICALCVSS 9.3v5.0v5.0.30.0+3 more2010-06-15
CVE-2010-2177 [CRITICAL] CVE-2010-2177: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2178,
nvd
CVE-2010-2180P3CRITICALCVSS 9.3v5.0v5.0.30.0+3 more2010-06-15
CVE-2010-2180 [CRITICAL] CVE-2010-2180: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177,
nvd
CVE-2010-2169P3CRITICALCVSS 9.3v5.0v5.0.30.0+3 more2010-06-15
CVE-2010-2169 [CRITICAL] CWE-119 CVE-2010-2169: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allow attackers to cause a denial of service (pointer memory corruption) or possibly execute arbitrary code via unspecified vectors.
nvd
CVE-2010-2189P3CRITICALCVSS 9.3v5.0v5.0.30.0+3 more2010-06-15
CVE-2010-2189 [CRITICAL] CWE-119 CVE-2010-2189: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, wh Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when used in conjunction with VMWare Tools on a VMWare platform, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.
nvd
CVE-2003-1017P4MEDIUMCVSS 5.0PoCv4.0_r12v5.0+7 more2004-01-05
CVE-2003-1017 [MEDIUM] CVE-2003-1017: Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is a Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such as Internet Explorer and Opera, which allows remote attackers to read restricted files via vulnerabilities in web browsers whose exploits rely on predictable names.
nvd
CVE-2010-2186P3CRITICALCVSS 9.3v5.0v5.0.30.0+3 more2010-06-15
CVE-2010-2186 [CRITICAL] CWE-94 CVE-2010-2186: Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ado Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
nvd
CVE-2006-6827P4MEDIUMCVSS 5.0PoCv8.0v8.0.22.0+2 more2006-12-31
CVE-2006-6827 [MEDIUM] CVE-2006-6827: Flash8b.ocx in Macromedia Flash 8 allows remote attackers to cause a denial of service (Internet Exp Flash8b.ocx in Macromedia Flash 8 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the Flash8b.AllowScriptAccess method.
nvd
CVE-2005-2628P4MEDIUMCVSS 5.1v6.0v6.0.29.0+6 more2005-11-05
CVE-2005-2628 [MEDIUM] CVE-2005-2628: Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF fil Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer.
nvd
CVE-2002-0605P4HIGHCVSS 7.5v6.02002-06-18
CVE-2002-0605 [HIGH] CVE-2002-0605: Buffer overflow in Flash OCX for Macromedia Flash 6 revision 23 (6,0,23,0) allows remote attackers t Buffer overflow in Flash OCX for Macromedia Flash 6 revision 23 (6,0,23,0) allows remote attackers to execute arbitrary code via a long movie parameter.
nvd
CVE-2006-0024P4MEDIUMCVSS 5.1≤ 8.0.22.0v4.0_r12+12 more2006-03-15
CVE-2006-0024 [MEDIUM] CVE-2006-0024: Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attacke Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.
nvd
CVE-2002-0477P4HIGHCVSS 7.5v5.02002-08-12
CVE-2002-0477 [HIGH] CVE-2002-0477: Standalone Macromedia Flash Player 5.0 before 5,0,30,2 allows remote attackers to execute arbitrary Standalone Macromedia Flash Player 5.0 before 5,0,30,2 allows remote attackers to execute arbitrary programs via a .SWF file containing the "exec" FSCommand.
nvd
CVE-2002-1382P4HIGHCVSS 7.5v4.0_r12v5.0+5 more2002-12-23
CVE-2002-1382 [HIGH] CVE-2002-1382: Macromedia Flash Player before 6.0.65.0 allows remote attackers to execute arbitrary code via certai Macromedia Flash Player before 6.0.65.0 allows remote attackers to execute arbitrary code via certain malformed data headers in Shockwave Flash file format (SWF) files, a different issue than CAN-2002-0846.
nvd
CVE-2002-1534P4MEDIUMCVSS 5.0v6.0v6.0.29.0+2 more2003-03-31
CVE-2002-1534 [MEDIUM] CVE-2002-1534: Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf fil Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share.
nvd
CVE-2002-1467P4MEDIUMCVSS 5.0v6.0v6.0.29.0+1 more2003-04-22
CVE-2002-1467 [MEDIUM] CVE-2002-1467: Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restrictio Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file).
nvd
CVE-2002-0476P4MEDIUMCVSS 5.0v5.02002-08-12
CVE-2002-0476 [MEDIUM] CVE-2002-0476: Standalone Macromedia Flash Player 5.0 allows remote attackers to save arbitrary files and programs Standalone Macromedia Flash Player 5.0 allows remote attackers to save arbitrary files and programs via a .SWF file containing the undocumented "save" FSCommand.
nvd
Macromedia Flash Player vulnerabilities | cvebase