Page 174 of 894 results (0.014 seconds)

CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0

Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. Adobe Flash Player anterior a v10.3.183.11 y v11.x anteriore a v11.1.102.55 en Windows, Mac OS X, Linux, y Solaris y anteriores a v11.1.102.59 en Android, y Adobe AIR anteriores a v3.1.0.4880, permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria dinámica) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html http://secunia.com/advisories/48819 http://security.gentoo.org/glsa/glsa-201204-07.xml http://www.adobe.com/support/security/bulletins/apsb11-28.html http://www.redhat.com/support/errata/RHSA-2011-1445.html https://oval.cisecurity.org/repository/search/definition/oval%3A • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 1%CPEs: 104EXPL: 0

Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service via unspecified vectors. Desbordamiento de búfer basado en pila en el componente ActionScript Virtual Machine (AVM) de Adobe Flash Player antes de v10.3.183.10 en Windows, Mac OS X, Linux y Solaris, y antes de v10.3.186.7 en Android, permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html http://secunia.com/advisories/48308 http://www.adobe.com/support/security/bulletins/apsb11-26.html http://www.redhat.com/support/errata/RHSA-2011-1333.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14125 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15950 https://access.redhat.com/security/cve/CVE-2011-2427 https://bugzilla.redhat.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 0%CPEs: 104EXPL: 0

Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, related to a "security control bypass." Adobe Flash Player antes de v10.3.183.10 en Windows, Mac OS X, Linux y Solaris, y antes de v10.3.186.7 en Android, permite a atacantes remotos eludir restricciones de acceso y obtener información sensible a través de vectores no especificados, relacionado con "eludir el control de seguridad" • http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html http://secunia.com/advisories/48308 http://www.adobe.com/support/security/bulletins/apsb11-26.html http://www.redhat.com/support/errata/RHSA-2011-1333.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14096 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16268 https://access.redhat.com/security/cve/CVE-2011-2429 https://bugzilla.redhat.com • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 10%CPEs: 104EXPL: 0

Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer basado en pila en el componente ActionScript Virtual Machine (AVM) de Adobe Flash Player antes de v10.3.183.10 en Windows, Mac OS X, Linux y Solaris, y antes de v10.3.186.7 en Android, permite a atacantes remotos ejecutar código de su elección a través de vectores no especificadeos. • http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html http://secunia.com/advisories/48308 http://www.adobe.com/support/security/bulletins/apsb11-26.html http://www.redhat.com/support/errata/RHSA-2011-1333.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14070 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15366 https://access.redhat.com/security/cve/CVE-2011-2426 https://bugzilla.redhat.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 104EXPL: 0

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a "universal cross-site scripting issue," as exploited in the wild in September 2011. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Adobe Flash Player antes de v10.3.183.10 en Windows, Mac OS X, Linux y Solaris, y antes de v10.3.186.7 en Android, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de una URL modificada, relacionado con un "fallo de secuencias de comandos en sitios cruzados universal" como se explotó en Septiembre de 2011. • http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_20.html http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html http://secunia.com/advisories/48308 http://www.adobe.com/support/security/bulletins/apsb11-26.html http://www.redhat.com/support/errata/RHSA-2011-1333.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14050 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15272 https:/&#x • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •