CVSS: 9.1EPSS: 2%CPEs: 36EXPL: 1CVE-2015-5576 – flash-plugin: information leaks and hardening bypass fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5576
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors. Vulnerabilidad en Adobe Flash Player en versiones anteriores a 18.0.0.241 y 19.x en versiones anteriores a 19.0.0.185 en Windows y OS X y en ... • https://packetstorm.news/files/id/136337 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 1%CPEs: 36EXPL: 0CVE-2015-5571 – flash-plugin: information leaks and hardening bypass fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5571
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks against JSONP endpoints, and obtain sensitive information, via a crafted OBJECT element with SWF content satisfying the character-set requirements of a call... • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 2%CPEs: 36EXPL: 1CVE-2015-5575 – flash-plugin: multiple code execution issues fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5575
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677. Vulnerabilidad en Adobe Flash Player en vers... • https://packetstorm.news/files/id/136338 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 36EXPL: 0CVE-2015-5588 – flash-plugin: multiple code execution issues fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5588
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, and CVE-2015-6677. Vulnerabilidad en Adobe Flash Player en vers... • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 36EXPL: 0CVE-2015-5582 – flash-plugin: multiple code execution issues fixed in APSB15-23
https://notcve.org/view.php?id=CVE-2015-5582
22 Sep 2015 — Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5588, and CVE-2015-6677. Vulnerabilidad en Adobe Flash Player en vers... • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 36EXPL: 0CVE-2015-6678 – Adobe Flash Player DefineText Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-6678
21 Sep 2015 — Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6676. Vulnerabilidad de desbordamiento de buffer en Adobe Flash Player en versiones anteriores a 18.0.0.241 y 19.x versiones anteriores a 19.0.0.185 en Window... • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 36EXPL: 0CVE-2015-5570 – Adobe Flash AVSegmentedSource setSubscribedTags Uninitialized Memory Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-5570
21 Sep 2015 — Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5574, CVE-2015-5581, CVE-2015-5584, and CVE-2015-6682. Vulnerabilidad de uso después de liberación de memoria en Adobe Flash Player en versiones ... • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html •
CVSS: 10.0EPSS: 2%CPEs: 8EXPL: 0CVE-2015-5566 – flash-plugin: multiple code execution flaws (APSB15-19)
https://notcve.org/view.php?id=CVE-2015-5566
24 Aug 2015 — Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, C... • http://rhn.redhat.com/errata/RHSA-2015-1603.html •
CVSS: 10.0EPSS: 7%CPEs: 8EXPL: 0CVE-2015-5565 – flash-plugin: multiple code execution flaws (APSB15-19)
https://notcve.org/view.php?id=CVE-2015-5565
14 Aug 2015 — Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, a... • http://rhn.redhat.com/errata/RHSA-2015-1603.html •
CVSS: 10.0EPSS: 2%CPEs: 9EXPL: 1CVE-2015-5125 – HP Security Bulletin HPSBMU03691 1
https://notcve.org/view.php?id=CVE-2015-5125
14 Aug 2015 — Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors. Vulnerabilidad en Adobe Flash Player en versiones anteriores a 18.0.0.233 en Windows y OS X y versiones anteriores a 11.2.202.508 en Linux, en Adobe AIR en versiones anteriores ... • https://packetstorm.news/files/id/133229 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •