CVSS: 9.8EPSS: 4%CPEs: 12EXPL: 0CVE-2015-7631 – Adobe Flash TextLine validity Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-7631
13 Oct 2015 — Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a TextLine object with a crafted validity property, a different vulnerability than CVE-2015-7629, CVE-2015-7643, and CVE-2015-7644. Vulnerabilidad de uso después de liberación de memoria in Adobe Flash Play... • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html •
CVSS: 9.8EPSS: 3%CPEs: 12EXPL: 0CVE-2015-7632 – Adobe Flash Loader loadBytes Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-7632
13 Oct 2015 — Buffer overflow in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Loader object with a crafted loaderBytes property. Desbordamiento de buffer in Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anter... • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 4%CPEs: 12EXPL: 0CVE-2015-7643 – Adobe Flash AS2 Video deblocking Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-7643
13 Oct 2015 — Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Video object with a crafted deblocking property, a different vulnerability than CVE-2015-7629, CVE-2015-7631, and CVE-2015-7644. Vulnerabilidad de uso después de liberación de memoria in Adobe Flash Playe... • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html •
CVSS: 10.0EPSS: 1%CPEs: 36EXPL: 0CVE-2015-6676 – flash-plugin: multiple code execution issues fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-6676
22 Sep 2015 — Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6678. Vulnerabilidad de desbordamiento de buffer en Adobe Flash Player en versiones anteriores a 18.0.0.241 y 19.x en versiones anteriores a 19.0.0.185 en Win... • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 5%CPEs: 36EXPL: 0CVE-2015-6677 – flash-plugin: multiple code execution issues fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-6677
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, and CVE-2015-5588. Vulnerabilidad en Adobe Flash Player en vers... • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 2%CPEs: 36EXPL: 0CVE-2015-6679 – flash-plugin: information leaks and hardening bypass fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-6679
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. Vulnerabilidad de Adobe Flash Player en versiones anteriores a 18.0.0.241 y 19.x en versiones anteriores a 19.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.521 e... • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 1%CPEs: 36EXPL: 0CVE-2015-6682 – flash-plugin: multiple code execution issues fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-6682
22 Sep 2015 — Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, and CVE-2015-5584. Vulnerabilidad de uso después de liberación de memoria en Adobe Flash Player en versiones ... • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html •
CVSS: 10.0EPSS: 2%CPEs: 36EXPL: 0CVE-2015-5567 – flash-plugin: multiple code execution issues fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5567
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5579. Vulnerabilidad en Adobe Flash Player en versiones anteriores a 18.0.0.241 y 19.x en versiones anteriores a 19.0.0.185... • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 22%CPEs: 36EXPL: 2CVE-2015-5568 – Adobe Flash - 'uint' Capacity Field
https://notcve.org/view.php?id=CVE-2015-5568
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors. Vulnerabilidad en Adobe Flash Player en versiones anteriores a 18.0.0.241 y 19.x en versiones anteriores a 19.0.0.185 en Windows y OS X y en versiones... • https://packetstorm.news/files/id/133750 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 1%CPEs: 36EXPL: 0CVE-2015-5571 – flash-plugin: information leaks and hardening bypass fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5571
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks against JSONP endpoints, and obtain sensitive information, via a crafted OBJECT element with SWF content satisfying the character-set requirements of a call... • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-352: Cross-Site Request Forgery (CSRF) •