Page 16 of 294 results (0.018 seconds)

CVSS: 8.8EPSS: 1%CPEs: 14EXPL: 0

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versión 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de desbordamiento/vaciado de búfer en la clase RegExp relacionada con marcadores en búsquedas. Una explotación exitosa puede resultar en una ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html http://rhn.redhat.com/errata/RHSA-2016-2947.html http://www.securityfocus.com/bid/94871 http://www.securitytracker.com/id/1037442 http://www.zerodayinitiative.com/advisories/ZDI-16-622 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 https://helpx.adobe.com/security/products/flash-player/apsb16-39.html https://securi • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 1%CPEs: 14EXPL: 0

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versión 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de uso después de liberación en el NetConnection class al manejar un objeto de secuencia de comandos adjunto. Una explotación exitosa puede resultar en una ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html http://rhn.redhat.com/errata/RHSA-2016-2947.html http://www.securityfocus.com/bid/94873 http://www.securitytracker.com/id/1037442 http://www.zerodayinitiative.com/advisories/ZDI-16-619 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 https://helpx.adobe.com/security/products/flash-player/apsb16-39.html https://securi • CWE-416: Use After Free •

CVSS: 9.3EPSS: 2%CPEs: 15EXPL: 0

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990. Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versión 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4273, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989 y CVE-2016-6990. • http://rhn.redhat.com/errata/RHSA-2016-2057.html http://www.securityfocus.com/bid/93490 http://www.securitytracker.com/id/1036985 https://helpx.adobe.com/security/products/flash-player/apsb16-32.html https://security.gentoo.org/glsa/201610-10 https://access.redhat.com/security/cve/CVE-2016-6982 https://bugzilla.redhat.com/show_bug.cgi?id=1383931 • CWE-787: Out-of-bounds Write •

CVSS: 9.3EPSS: 1%CPEs: 15EXPL: 0

Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion." Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versión 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes ejecutar código arbitrario aprovechando una "confusión de tipo" no especificada. • http://rhn.redhat.com/errata/RHSA-2016-2057.html http://www.securityfocus.com/bid/93488 http://www.securitytracker.com/id/1036985 https://helpx.adobe.com/security/products/flash-player/apsb16-32.html https://security.gentoo.org/glsa/201610-10 https://access.redhat.com/security/cve/CVE-2016-6992 https://bugzilla.redhat.com/show_bug.cgi?id=1383931 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 9.3EPSS: 1%CPEs: 15EXPL: 0

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6987. Vulnerabilidad de uso después de liberación de memoria en Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versión 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6987. • http://rhn.redhat.com/errata/RHSA-2016-2057.html http://www.securityfocus.com/bid/93492 http://www.securitytracker.com/id/1036985 https://helpx.adobe.com/security/products/flash-player/apsb16-32.html https://security.gentoo.org/glsa/201610-10 https://access.redhat.com/security/cve/CVE-2016-6981 https://bugzilla.redhat.com/show_bug.cgi?id=1383931 • CWE-416: Use After Free •