CVSS: 10.0EPSS: 2%CPEs: 12EXPL: 0CVE-2015-7633 – flash-plugin: multiple code execution issues fixed in APSB15-25
https://notcve.org/view.php?id=CVE-2015-7633
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, and CVE-2015-7634. Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630 y CVE-2015-7634. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securityfocus.com/bid/77065 http://www.securitytracker.com/id/1033797 https://hel • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 12EXPL: 0CVE-2015-7634 – flash-plugin: multiple code execution issues fixed in APSB15-25
https://notcve.org/view.php?id=CVE-2015-7634
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, and CVE-2015-7633. Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630 y CVE-2015-7633. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securityfocus.com/bid/77065 http://www.securitytracker.com/id/1033797 https://hel • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 3%CPEs: 12EXPL: 0CVE-2015-7644 – flash-plugin: multiple code execution issues fixed in APSB15-25
https://notcve.org/view.php?id=CVE-2015-7644
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7629, CVE-2015-7631, and CVE-2015-7643. Vulnerabilidad de uso después de liberación de memoria in Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 permite a atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-7629, CVE-2015-7631 y CVE-2015-7643. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securityfocus.com/bid/77061 http://www.securitytracker.com/id/1033797 https://hel •
CVSS: 10.0EPSS: 11%CPEs: 12EXPL: 0CVE-2015-5569 – flash-plugin: information leak and hardening fixes in APSB15-25
https://notcve.org/view.php?id=CVE-2015-5569
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 improperly implement the Flash broker API, which has unspecified impact and attack vectors. Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 implementa indebidamente el Flash broker API , lo que tiene vectores de impacto y de ataque no especificados. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securityfocus.com/bid/77060 http://www.securitytracker.com/id/1033797 https://hel •
CVSS: 9.3EPSS: 2%CPEs: 12EXPL: 0CVE-2015-7629 – Adobe Flash TextFormat tabStops Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-7629
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a TextFormat object with a crafted tabStops property, a different vulnerability than CVE-2015-7631, CVE-2015-7643, and CVE-2015-7644. Vulnerabilidad de uso después de liberación de memoria in Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 permite a atacantes ejecutar código arbitrario a través de un objeto TextFormat con una propiedad tabStops manipulada, una vulnerabilidad diferente a CVE-2015-7631, CVE-2015-7643 y CVE-2015-7644. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the TextFormat objects. By manipulating the tabStops property of a TextFormat object, an attacker can force a dangling pointer to be reused after it has been freed. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securityfocus.com/bid/77061 http://www.securitytracker.com/id/1033797 http://www& •