CVSS: 7.5EPSS: 0%CPEs: 28EXPL: 0CVE-2015-3114 – flash-plugin: information disclosure issues fixed in APSB15-16
https://notcve.org/view.php?id=CVE-2015-3114
08 Jul 2015 — Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. Vulnerabilidad descubierta en las versiones de Adobe Flash Player anteriores a la 13.0.0.302 y la 14.x hasta la 18.x anterior a 18.0.0.203 para Windows y OS X ... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 28EXPL: 0CVE-2015-3115 – flash-plugin: information disclosure issues fixed in APSB15-16
https://notcve.org/view.php?id=CVE-2015-3115
08 Jul 2015 — Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-0578, CVE-2015-3116, CVE-2015-3125, and CVE-2015-5116. Vulnerabilidad descubierta en las versiones de Adobe Flash Player anteriores a la 13.0.0.302 y l... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 28EXPL: 0CVE-2015-3116 – flash-plugin: information disclosure issues fixed in APSB15-16
https://notcve.org/view.php?id=CVE-2015-3116
08 Jul 2015 — Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-0578, CVE-2015-3115, CVE-2015-3125, and CVE-2015-5116. Vulnerabilidad descubierta en las versiones de Adobe Flash Player anteriores a la 13.0.0.302 y l... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 1%CPEs: 28EXPL: 0CVE-2015-3125 – Adobe Flash Sound Universal Cross Site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2015-3125
08 Jul 2015 — Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-0578, CVE-2015-3115, CVE-2015-3116, and CVE-2015-5116. Vulnerabilidad descubierta en las versiones de Adobe Flash Player anteriores a la 13.0.0.302 y l... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 2%CPEs: 28EXPL: 0CVE-2015-3126 – flash-plugin: multiple code execution issues fixed in APSB15-16
https://notcve.org/view.php?id=CVE-2015-3126
08 Jul 2015 — Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-4429. Vulnerabilidad descubierta en las versiones de Adobe Flash Player anteriores a la 13.0.0.30... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html •
CVSS: 10.0EPSS: 2%CPEs: 28EXPL: 0CVE-2015-3135 – flash-plugin: multiple code execution issues fixed in APSB15-16
https://notcve.org/view.php?id=CVE-2015-3135
08 Jul 2015 — Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-4432 and CVE-2015-5118. Desbordamiento de buffer basado en memoria dinámica descubierto en las versiones de Adobe Flash Player anterio... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 28EXPL: 0CVE-2015-4429 – flash-plugin: multiple code execution issues fixed in APSB15-16
https://notcve.org/view.php?id=CVE-2015-4429
08 Jul 2015 — Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-3126. Vulnerabilidad descubierta en las versiones de Adobe Flash Player anteriores a la 13.0.0.30... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html •
CVSS: 10.0EPSS: 42%CPEs: 22EXPL: 2CVE-2015-3113 – Adobe Flash Player Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2015-3113
23 Jun 2015 — Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015. Desbordamiento de buffer basado en memoria dinámica en Adobe Flash Player anterior a 13.0.0.296 y 14.x hasta 18.x anterior a 18.0.0.194 en Windows y OS X y anterior a 11.2.202.468 en Linux permite a atacantes remotos ejecutar código arbit... • https://packetstorm.news/files/id/132525 • CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 0%CPEs: 22EXPL: 0CVE-2015-3097 – Gentoo Linux Security Advisory 201506-01
https://notcve.org/view.php?id=CVE-2015-3097
10 Jun 2015 — Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160, Adobe AIR before 18.0.0.144, Adobe AIR SDK before 18.0.0.144, and Adobe AIR SDK & Compiler before 18.0.0.144 on 64-bit Windows 7 systems do not properly select a random memory address for the Flash heap, which makes it easier for attackers to conduct unspecified attacks by predicting this address. Adobe Flash Player anterior a 13.0.0.292 y 14.x hasta 18.x anterior a 18.0.0.160, Adobe AIR anterior a 18.0.0.144, Adobe AIR SDK anteri... • http://www.securityfocus.com/bid/75090 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 29EXPL: 0CVE-2015-3101 – Gentoo Linux Security Advisory 201506-01
https://notcve.org/view.php?id=CVE-2015-3101
10 Jun 2015 — The Flash broker in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, when Internet Explorer is used, allows attackers to perform a transition from Low Integrity to Medium Integrity via ... • http://www.securityfocus.com/bid/75089 • CWE-264: Permissions, Privileges, and Access Controls •