CVSS: 10.0EPSS: 45%CPEs: 19EXPL: 0CVE-2015-5123 – Adobe Flash Player Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2015-5123
14 Jul 2015 — Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015. Vulnerabili... • http://blog.trendmicro.com/trendlabs-security-intelligence/new-zero-day-vulnerability-cve-2015-5123-in-adobe-flash-emerges-from-hacking-team-leak • CWE-416: Use After Free •
CVSS: 10.0EPSS: 92%CPEs: 25EXPL: 3CVE-2015-5122 – Adobe Flash Player Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2015-5122
13 Jul 2015 — Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in... • https://packetstorm.news/files/id/132663 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 56EXPL: 0CVE-2015-3281 – haproxy: information leak in buffer_slow_realign()
https://notcve.org/view.php?id=CVE-2015-3281
06 Jul 2015 — The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request. La función buffer_slow_realign en HAProxy 1.5.x anterior a 1.5.14 y 1.6-dev no realinea correctamente un buffer que es utilizado para datos salientes pendientes, lo que permite a atacantes remotos obtener información sensib... • http://git.haproxy.org/?p=haproxy-1.5.git%3Ba=commit%3Bh=7ec765568883b2d4e5a2796adbeb492a22ec9bd4 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 92%CPEs: 22EXPL: 2CVE-2015-3113 – Adobe Flash Player Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2015-3113
23 Jun 2015 — Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015. Desbordamiento de buffer basado en memoria dinámica en Adobe Flash Player anterior a 13.0.0.296 y 14.x hasta 18.x anterior a 18.0.0.194 en Windows y OS X y anterior a 11.2.202.468 en Linux permite a atacantes remotos ejecutar código arbit... • https://packetstorm.news/files/id/132525 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 10%CPEs: 31EXPL: 0CVE-2015-3038 – flash-plugin: multiple code execution issues fixed in APSB15-06
https://notcve.org/view.php?id=CVE-2015-3038
13 Apr 2015 — Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043. Adobe Flash Player anterior a 13.0.0.281 y 14.x hasta 17.x anterior a 17.0.0.169... • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html •
CVSS: 10.0EPSS: 8%CPEs: 31EXPL: 0CVE-2015-3039 – Adobe Flash Player AS2 ConvolutionFilter Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-3039
13 Apr 2015 — Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0351, and CVE-2015-0358. Vulnerabilidad de uso después de liberación en Adobe Flash Player anterior a 13.0.0.281 y 14.x hasta 17.x anterior a 17.0.0.169 en Windows y OS X y anterior a 11.2.202.457 en Linux permite a atacantes e... • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html •
CVSS: 7.5EPSS: 0%CPEs: 31EXPL: 0CVE-2015-3040 – flash-plugin: information leaks leading to ASLR bypass (APSB15-06)
https://notcve.org/view.php?id=CVE-2015-3040
13 Apr 2015 — Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-0357. Adobe Flash Player anterior a 13.0.0.281 y 14.x hasta 17.x anterior a 17.0.0.169 en Windows y OS X y anterior a 11.2.202.457 en Linux no restringe correctamente el descubrimiento de direccio... • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 4%CPEs: 31EXPL: 0CVE-2015-3041 – flash-plugin: multiple code execution issues fixed in APSB15-06
https://notcve.org/view.php?id=CVE-2015-3041
13 Apr 2015 — Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3042, and CVE-2015-3043. Adobe Flash Player anterior a 13.0.0.281 y 14.x hasta 17.x anterior a 17.0.0.169... • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html •
CVSS: 10.0EPSS: 51%CPEs: 31EXPL: 2CVE-2015-3042 – Flash - PCRE Regex Compilation Zero-Length Assertion Arbitrary Bytecode Execution
https://notcve.org/view.php?id=CVE-2015-3042
13 Apr 2015 — Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, and CVE-2015-3043. Adobe Flash Player anterior a 13.0.0.281 y 14.x hasta 17.x anterior a 17.0.0.169... • https://packetstorm.news/files/id/133165 •
CVSS: 10.0EPSS: 4%CPEs: 31EXPL: 0CVE-2015-0347 – Adobe Flash Player AVSource Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-0347
13 Apr 2015 — Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043. Adobe Flash Player anterior a 13.0.0.281 y 14.x hasta 17.x anterior a 17.0.0.169... • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html •