CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 0CVE-2014-0519 – flash-plugin: security protection bypass (APSB14-14)
https://notcve.org/view.php?id=CVE-2014-0519
14 May 2014 — Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CVE-2014-0518, and CVE-2014-0520. Adobe Flash Player anterior a 13.0.0.214 en Windows y OS X y anterior a 11.2.202.359 en Linux, Adobe AIR SDK anterior a 13.0.0.111 y Adobe AIR SDK & Compiler anterior a 13.0.0.111 p... • http://helpx.adobe.com/security/products/flash-player/apsb14-14.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 0CVE-2014-0520 – flash-plugin: security protection bypass (APSB14-14)
https://notcve.org/view.php?id=CVE-2014-0520
14 May 2014 — Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CVE-2014-0518, and CVE-2014-0519. Adobe Flash Player anterior a 13.0.0.214 en Windows y OS X y anterior a 11.2.202.359 en Linux, Adobe AIR SDK anterior a 13.0.0.111 y Adobe AIR SDK & Compiler anterior a 13.0.0.111 p... • http://helpx.adobe.com/security/products/flash-player/apsb14-14.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 0CVE-2014-0518 – flash-plugin: security protection bypass (APSB14-14)
https://notcve.org/view.php?id=CVE-2014-0518
14 May 2014 — Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CVE-2014-0519, and CVE-2014-0520. Adobe Flash Player anterior a 13.0.0.214 en Windows y OS X y anterior a 11.2.202.359 en Linux, Adobe AIR SDK anterior a 13.0.0.111 y Adobe AIR SDK & Compiler anterior a 13.0.0.111 p... • http://helpx.adobe.com/security/products/flash-player/apsb14-14.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 2%CPEs: 6EXPL: 0CVE-2014-0516 – flash-plugin: same origin policy bypass (APSB14-14)
https://notcve.org/view.php?id=CVE-2014-0516
14 May 2014 — Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow remote attackers to bypass the Same Origin Policy via unspecified vectors. Adobe Flash Player anterior a 13.0.0.214 en Windows y OS X y anterior a 11.2.202.359 en Linux, Adobe AIR SDK anterior a 13.0.0.111 y Adobe AIR SDK & Compiler anterior a 13.0.0.111 permiten a atacantes remotos evadir Same Origin Policy a través de vectores no e... • http://helpx.adobe.com/security/products/flash-player/apsb14-14.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 0%CPEs: 195EXPL: 0CVE-2014-0509 – flash-plugin: cross-site scripting flaw (APSB14-09)
https://notcve.org/view.php?id=CVE-2014-0509
08 Apr 2014 — Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Adobe Flash Player anterior a 11.7.700.275 y 11.8.x hasta 13.0.x anterior a 13.0.0.182 en Windows y O... • http://helpx.adobe.com/security/products/flash-player/apsb14-09.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 195EXPL: 0CVE-2014-0508 – flash-plugin: information disclosure flaw (APSB14-09)
https://notcve.org/view.php?id=CVE-2014-0508
08 Apr 2014 — Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. Adobe Flash Player anterior a 11.7.700.275 y 11.8.x hasta 13.0.x anterior a 13.0.0.182 en Windows y OS X y anteriores 11.2.202.350 en Linux, Adob... • http://helpx.adobe.com/security/products/flash-player/apsb14-09.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 4%CPEs: 195EXPL: 0CVE-2014-0507 – Adobe Flash Player Regular Expression Stack Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0507
08 Apr 2014 — Buffer overflow in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de buffer en Adobe Flash Player anterior a 11.7.700.275 y 11.8.x hasta 13.0.x anterior a 13.0.0.182 en Windows y OS X y anteriores 11.2.202.350 en Linux, Ad... • http://helpx.adobe.com/security/products/flash-player/apsb14-09.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2014-0499 – flash-plugin: multiple flaws lead to arbitrary code execution (APSB14-07)
https://notcve.org/view.php?id=CVE-2014-0499
21 Feb 2014 — Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 do not prevent access to address information, which makes it easier for attackers to bypass the ASLR protection mechanism via unspecified vectors. Adobe Flash Player anterior a 11.7.700.269 y 11.8.x hasta 12.0.x anterior a 12.0.0.70 en Windows y Mac OS... • http://helpx.adobe.com/security/products/flash-player/apsb14-07.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 22%CPEs: 9EXPL: 0CVE-2014-0498 – Adobe Flash Player RegExp Stack Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0498
21 Feb 2014 — Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de buffer basado en pila en Adobe Flash Player anterior a 11.7.700.269 y 11.8.x hasta 12.0.x anterior a 12.0.0.70 en Windows y Mac OS X y ... • http://helpx.adobe.com/security/products/flash-player/apsb14-07.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 35%CPEs: 9EXPL: 0CVE-2014-0502 – Adobe Flash Player Double Free Vulnerablity
https://notcve.org/view.php?id=CVE-2014-0502
21 Feb 2014 — Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014. Vulnerabilidad de doble liberación en Adobe Flash Player anterior a 11.7.700.269 y 11.8.x hasta 12.0.x an... • http://helpx.adobe.com/security/products/flash-player/apsb14-07.html • CWE-399: Resource Management Errors CWE-415: Double Free •