CVSS: 8.8EPSS: 1%CPEs: 36EXPL: 0CVE-2015-5571 – flash-plugin: information leaks and hardening bypass fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5571
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks against JSONP endpoints, and obtain sensitive information, via a crafted OBJECT element with SWF content satisfying the character-set requirements of a call... • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.1EPSS: 0%CPEs: 36EXPL: 0CVE-2015-5572 – flash-plugin: information leaks and hardening bypass fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5572
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. Vulnerabilidad en Adobe Flash Player en versiones anteriores a 18.0.0.241 y 19.x en versiones anteriores a 19.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202... • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 52%CPEs: 36EXPL: 2CVE-2015-5574 – Adobe Flash - Color.setTransform Use-After-Free
https://notcve.org/view.php?id=CVE-2015-5574
22 Sep 2015 — Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5581, CVE-2015-5584, and CVE-2015-6682. Vulnerabilidad de uso después de liberación de memoria en Adobe Flash Player en versiones ... • https://packetstorm.news/files/id/136510 •
CVSS: 10.0EPSS: 2%CPEs: 36EXPL: 1CVE-2015-5575 – flash-plugin: multiple code execution issues fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5575
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677. Vulnerabilidad en Adobe Flash Player en vers... • https://packetstorm.news/files/id/136338 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 2%CPEs: 36EXPL: 1CVE-2015-5576 – flash-plugin: information leaks and hardening bypass fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5576
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors. Vulnerabilidad en Adobe Flash Player en versiones anteriores a 18.0.0.241 y 19.x en versiones anteriores a 19.0.0.185 en Windows y OS X y en ... • https://packetstorm.news/files/id/136337 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 2%CPEs: 36EXPL: 1CVE-2015-5577 – flash-plugin: multiple code execution issues fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5577
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677. Vulnerabilidad en Adobe Flash Player en vers... • https://packetstorm.news/files/id/136336 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 36EXPL: 1CVE-2015-5578 – flash-plugin: multiple code execution issues fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5578
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677. Vulnerabilidad en Adobe Flash Player en vers... • https://packetstorm.news/files/id/136335 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 7%CPEs: 36EXPL: 1CVE-2015-5579 – flash-plugin: multiple code execution issues fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5579
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5567. Vulnerabilidad en Adobe Flash Player en versiones anteriores a 18.0.0.241 y 19.x en versiones anteriores a 19.0.0.185... • https://packetstorm.news/files/id/136334 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 36EXPL: 1CVE-2015-5580 – flash-plugin: multiple code execution issues fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5580
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677. Vulnerabilidad en Adobe Flash Player en vers... • https://packetstorm.news/files/id/136333 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 36EXPL: 0CVE-2015-5581 – flash-plugin: multiple code execution issues fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5581
22 Sep 2015 — Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5570, CVE-2015-5574, CVE-2015-5584, and CVE-2015-6682. Vulnerabilidad de uso después de liberación de memoria en Adobe Flash Player en versiones ... • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html •