CVSS: 10.0EPSS: 7%CPEs: 36EXPL: 0CVE-2015-5580 – flash-plugin: multiple code execution issues fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5580
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677. Vulnerabilidad en Adobe Flash Player en versiones anteriores a 18.0.0.241 y 19.x en versiones anteriores a 19.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.521 en Linux, Adobe AIR en versiones anteriores a 19.0.0.190, Adobe AIR SDK en versiones anteriores a 19.0.0.190 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.190, permite a atacantes ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5582, CVE-2015-5588 y CVE-2015-6677. Adobe Flash suffers from a crash due to a wild pointer 0x1808121a502959a4 decoding h.264. • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1814.html http://www.securityfocus.com/bid/76799 http://www.securitytracker.com/id/1033629 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 7%CPEs: 36EXPL: 0CVE-2015-5575 – flash-plugin: multiple code execution issues fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5575
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677. Vulnerabilidad en Adobe Flash Player en versiones anteriores a 18.0.0.241 y 19.x en versiones anteriores a 19.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.521 en Linux, Adobe AIR en versiones anteriores a 19.0.0.190, Adobe AIR SDK en versiones anteriores a 19.0.0.190 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.190, permite a atacantes ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588 y CVE-2015-6677. Adobe Flash suffers from a wild write at 0x453b0cf0 in color conversion that causes a crash. • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1814.html http://www.securityfocus.com/bid/76799 http://www.securitytracker.com/id/1033629 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 36EXPL: 0CVE-2015-6682 – flash-plugin: multiple code execution issues fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-6682
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, and CVE-2015-5584. Vulnerabilidad de uso después de liberación de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.241 y 19.x en versiones anteriores a 19.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.521 en Linux, Adobe AIR en versiones anteriores a 19.0.0.190, Adobe AIR SDK en versiones anteriores a 19.0.0.190 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.190, permite a atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5570, CVE-2015-5574, CVE-2015-5581 y CVE-2015-5584. • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1814.html http://www.securityfocus.com/bid/76795 http://www.securitytracker.com/id/1033629 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay& •
CVSS: 10.0EPSS: 25%CPEs: 36EXPL: 0CVE-2015-5587 – flash-plugin: multiple code execution issues fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5587
Stack-based buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors. Vulnerabilidad de desbordamiento de buffer basado en pila en Adobe Flash Player en versiones anteriores a 18.0.0.241 y 19.x en versiones anteriores a 19.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.521 en Linux, Adobe AIR en versiones anteriores a 19.0.0.190, Adobe AIR SDK en versiones anteriores a 19.0.0.190 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.190, permite a atacantes ejecutar código arbitrario a través de vectores no especificados • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1814.html http://www.securityfocus.com/bid/76797 http://www.securitytracker.com/id/1033629 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 36EXPL: 0CVE-2015-5572 – flash-plugin: information leaks and hardening bypass fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5572
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. Vulnerabilidad en Adobe Flash Player en versiones anteriores a 18.0.0.241 y 19.x en versiones anteriores a 19.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.521 en Linux, Adobe AIR en versiones anteriores a 19.0.0.190, Adobe AIR SDK en versiones anteriores a 19.0.0.190 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.190, permite a atacantes eludir las restricciones destinadas al acceso y obtener información sensible a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1814.html http://www.securityfocus.com/bid/76804 http://www.securitytracker.com/id/1033629 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •