CVSS: 8.8EPSS: 1%CPEs: 16EXPL: 0CVE-2018-4945 – Adobe Flash Microphone Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-4945
Adobe Flash Player versions 29.0.0.171 and earlier have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. Adobe Flash Player en versiones 29.0.0.171 y anteriores tiene una vulnerabilidad de confusión de tipos. Su explotación con éxito podría permitir la ejecución de código arbitrario en el contexto del usuario actual. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/104413 http://www.securitytracker.com/id/1041058 https://access.redhat.com/errata/RHSA-2018:1827 https://helpx.adobe.com/security/products/flash-player/apsb18-19.html https://security.gentoo.org/glsa/201806-02 https://access.redhat.com/security/cve/CVE-2018-4945 https://bugzilla.redhat.com/show_bug.cgi?id=1588500 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 6.5EPSS: 0%CPEs: 16EXPL: 0CVE-2018-5000 – Adobe Flash RTMP Parsing Integer Overflow Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-5000
Adobe Flash Player versions 29.0.0.171 and earlier have an Integer Overflow vulnerability. Successful exploitation could lead to information disclosure. Adobe Flash Player en versiones 29.0.0.171 y anteriores tiene una vulnerabilidad de desbordamiento de enteros. Su explotación con éxito podría resultar en una divulgación de información. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/104413 http://www.securitytracker.com/id/1041058 https://access.redhat.com/errata/RHSA-2018:1827 https://helpx.adobe.com/security/products/flash-player/apsb18-19.html https://security.gentoo.org/glsa/201806-02 https://access.redhat.com/security/cve/CVE-2018-5000 https://bugzilla.redhat.com/show_bug.cgi?id=1588502 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 16EXPL: 0CVE-2018-5001 – Adobe Flash Player BitmapData applyFilter Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-5001
Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Adobe Flash Player en versiones 29.0.0.171 y anteriores tiene una vulnerabilidad de lectura fuera de límites. Su explotación con éxito podría resultar en una divulgación de información. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/104413 http://www.securitytracker.com/id/1041058 https://access.redhat.com/errata/RHSA-2018:1827 https://helpx.adobe.com/security/products/flash-player/apsb18-19.html https://security.gentoo.org/glsa/201806-02 https://access.redhat.com/security/cve/CVE-2018-5001 https://bugzilla.redhat.com/show_bug.cgi?id=1588502 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 37%CPEs: 16EXPL: 0CVE-2018-4944 – flash-plugin: Arbitrary Code Execution vulnerability (APSB18-16)
https://notcve.org/view.php?id=CVE-2018-4944
Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. Adobe Flash Player, en versiones 29.0.0.140 y anteriores, tiene una vulnerabilidad explotable de confusión de tipos. Su explotación con éxito podría permitir la ejecución arbitraria de código en el contexto del usuario actual. • http://www.securityfocus.com/bid/104101 http://www.securitytracker.com/id/1040840 https://access.redhat.com/errata/RHSA-2018:1367 https://helpx.adobe.com/security/products/flash-player/apsb18-16.html https://security.gentoo.org/glsa/201806-02 https://access.redhat.com/security/cve/CVE-2018-4944 https://bugzilla.redhat.com/show_bug.cgi?id=1576040 • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.5EPSS: 1%CPEs: 7EXPL: 0CVE-2018-6100 – chromium-browser: URL spoof in Omnibox
https://notcve.org/view.php?id=CVE-2018-6100
Incorrect handling of confusable characters in URL Formatter in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. Aplicación insuficiente de caracteres confundibles en URL Formatter en Google Chrome, en versiones anteriores a la 66.0.3359.117 para macOS, permitía que un atacante remoto suplantase dominios mediante homogramas IDN mediante un nombre de dominio manipulado. • http://www.securityfocus.com/bid/103917 https://access.redhat.com/errata/RHSA-2018:1195 https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html https://crbug.com/811117 https://security.gentoo.org/glsa/201804-22 https://www.debian.org/security/2018/dsa-4182 https://access.redhat.com/security/cve/CVE-2018-6100 https://bugzilla.redhat.com/show_bug.cgi?id=1568778 • CWE-19: Data Processing Errors •