Page 135 of 737 results (0.009 seconds)

CVSS: 5.0EPSS: 0%CPEs: 20EXPL: 0

CVE-2015-0340 – flash-plugin: file upload restriction bypass (APSB15-05)

https://notcve.org/view.php?id=CVE-2015-0340

Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows remote attackers to bypass intended file-upload restrictions via unspecified vectors. Adobe Flash Player anterior a 13.0.0.277 y 14.x a través de 17.x anterior a 17.0.0.134 en Windows y OS X y anterior a 11.2.202.451 en Linux permite a atacantes remotos evadir las restricciones de carga de ficheros a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00017.html http://rhn.redhat.com/errata/RHSA-2015-0697.html http://www.securitytracker.com/id/1031922 https://helpx.adobe.com/security/products/flash-player/apsb15-05.html https://security.gentoo.org/glsa/2015 •

CVSS: 10.0EPSS: 1%CPEs: 20EXPL: 0

CVE-2015-0333 – flash-plugin: multiple code execution issues fixed in APSB15-05

https://notcve.org/view.php?id=CVE-2015-0333

Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0332, CVE-2015-0335, and CVE-2015-0339. Adobe Flash Player anterior a 13.0.0.277 y 14.x a través de 17.x anterior a 17.0.0.134 en Windows y OS X y before 11.2.202.451 en Linux permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores sin especificar, una vulnerabilidad diferente a CVE-2015-0332, CVE-2015-0335, y CVE-2015-0339. • http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00017.html http://rhn.redhat.com/errata/RHSA-2015-0697.html http://www.securitytracker.com/id/1031922 https://helpx.adobe.com/security/products/flash-player/apsb15-05.html https://security.gentoo.org/glsa/2015 • CWE-399: Resource Management Errors •

CVSS: 10.0EPSS: 3%CPEs: 20EXPL: 0

CVE-2015-0341 – Adobe Flash Player AVSS Load Use-After-Free Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2015-0341

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0342. Vulnerabilidad de uso después de liberación en Adobe Flash Player anterior a 13.0.0.277 y 14.x a través de 17.x anterior a 17.0.0.134 en Windows y OS X y anterior a 11.2.202.451 en Linux permite a atacantes ejecutar código arbitrario a través de vectores sin especificar, una vulnerabilidad diferente a CVE-2015-0342. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AVSS objects. By calling Load multiple times an attacker can force a dangling pointer to be reused after it has been freed. • http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00017.html http://rhn.redhat.com/errata/RHSA-2015-0697.html http://www.securitytracker.com/id/1031922 https://helpx.adobe.com/security/products/flash-player/apsb15-05.html https://security.gentoo.org/glsa/2015 •

CVSS: 10.0EPSS: 11%CPEs: 19EXPL: 0

CVE-2015-0331 – Adobe Flash HLS Playlist Use-After-Free Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2015-0331

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322. Vulnerabilidad de uso después de liberación en Adobe Flash Player anterior a 13.0.0.269 y 14.x hasta 16.x anterior a 16.0.0.305 en Windows y OS X y anterior a 11.2.202.442 en Linux permite a atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-0313, CVE-2015-0315, CVE-2015-0320, y CVE-2015-0322. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of an invalid m3u8 playlist. By manipulating this playlist an attacker can force a dangling pointer to be reused after it has been freed. • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html http://www.securityfocus.com/bid/72698 https://helpx.adobe.com/security/products/flash-player/apsb15-04.html https://access.redhat.com/security/cve/CVE-2015-0331 https://bugzilla.redhat.com/show_bug.cgi?id=1190068 •

CVSS: 10.0EPSS: 8%CPEs: 19EXPL: 0

CVE-2015-0329 – flash-plugin: multiple code execution flaws (APSB15-04)

https://notcve.org/view.php?id=CVE-2015-0329

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, and CVE-2015-0330. Adobe Flash Player anterior a 13.0.0.269 y 14.x hasta 16.x anterior a 16.0.0.305 en Windows y OS X y anteriores 11.2.202.442 en Linux permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, y CVE-2015-0330. • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00009.html http://rhn.redhat.com/errata/RHSA-2015-0140.html http://secunia.com/advisories/62777 http://secunia.com/advisories/62886 http://secunia.com/advisories/62895 http://security.gentoo.org/glsa/glsa •