CVSS: 10.0EPSS: 7%CPEs: 25EXPL: 0CVE-2015-0309 – flash-plugin: Multiple code-execution flaws (APSB15-01)
https://notcve.org/view.php?id=CVE-2015-0309
13 Jan 2015 — Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0304. Desbordamiento de buffer en memoria en Adobe Flash Player anterior a 13.0.0... • http://helpx.adobe.com/security/products/flash-player/apsb15-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 1%CPEs: 25EXPL: 0CVE-2015-0301 – flash-plugin: Information disclosure via various methods (APSB15-01)
https://notcve.org/view.php?id=CVE-2015-0301
13 Jan 2015 — Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 do not properly validate files, which has unspecified impact and attack vectors. Adobe Flash Player anterior a 13.0.0.260 y 14.x a través de 16.x anterior a 16.0.0.257 en Windows y OS X y anterior a 11.2.202.429 en Linu... • http://helpx.adobe.com/security/products/flash-player/apsb15-01.html • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 3%CPEs: 25EXPL: 0CVE-2015-0308 – flash-plugin: Multiple code-execution flaws (APSB15-01)
https://notcve.org/view.php?id=CVE-2015-0308
13 Jan 2015 — Use-after-free vulnerability in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors. Vulnerabilidad de uso después de liberación en Adobe Flash Player anterior a 13.0.0.260 y 14.x a través de 16.x anterio... • http://helpx.adobe.com/security/products/flash-player/apsb15-01.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 25EXPL: 0CVE-2015-0302 – flash-plugin: Information disclosure via various methods (APSB15-01)
https://notcve.org/view.php?id=CVE-2015-0302
13 Jan 2015 — Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to obtain sensitive keystroke information via unspecified vectors. Adobe Flash Player anterior a 13.0.0.260 y 14.x a través de 16.x anterior a 16.0.0.257 en Windows y OS X y anterior a 11.2.202.429 en Li... • http://helpx.adobe.com/security/products/flash-player/apsb15-01.html •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2014-0587 – flash-plugin: Multiple code-execution flaws (APSB14-27)
https://notcve.org/view.php?id=CVE-2014-0587
10 Dec 2014 — Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9164. Adobe Flash Player anterior a 13.0.0.259 y 14.x hasta 16.x anterior a 16.0.0.235 en Windows y OS X y anterior a 11.2.202.425 en Linux permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (c... • http://helpx.adobe.com/security/products/flash-player/apsb14-27.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.1EPSS: 1%CPEs: 39EXPL: 0CVE-2009-0114
https://notcve.org/view.php?id=CVE-2009-0114
26 Feb 2009 — Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant." Una vulnerabilidad no especificada en Administrador de configuración de Adobe Flash Player 9.x antes de 9.0.159.0, 10.x antes de 10.0.22.87 y, posiblemente otras versiones, permite a atacantes remotos engañar a un usu... • http://isc.sans.org/diary.html?storyid=5929 •
CVSS: 9.3EPSS: 66%CPEs: 38EXPL: 1CVE-2009-0520 – Adobe Flash Player 9/10 - Invalid Object Reference Remote Code Execution
https://notcve.org/view.php?id=CVE-2009-0520
26 Feb 2009 — Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue." Adobe Flash Player v9.x anteriores a v9.0.159.0 y 10.x before 10.0.22.87 no elimina apropiadamente referencias a objetos destruidos durante el procesado de un archivo Shockwave Flash, lo que permite a los atacantes remotos ejecutar ar... • https://www.exploit-db.com/exploits/32811 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 52%CPEs: 38EXPL: 0CVE-2009-0519 – flash-plugin: Input validation flaw (DoS)
https://notcve.org/view.php?id=CVE-2009-0519
26 Feb 2009 — Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a crafted Shockwave Flash (aka .swf) file. Vulnerabilidad no especificada en Adobe Flash Player 9.x anteriores a v9.0.159.0 y v10.x anteriores a v10.0.22.87, permiten a atacantes remotos provocar una denegación de servicio (caída del navegador) o posiblemente ejecutar código de su elección a través de un fi... • http://isc.sans.org/diary.html?storyid=5929 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 0%CPEs: 39EXPL: 0CVE-2009-0522
https://notcve.org/view.php?id=CVE-2009-0522
26 Feb 2009 — Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Windows allows remote attackers to trick a user into visiting an arbitrary URL via an unspecified manipulation of the "mouse pointer display," related to a "Clickjacking attack." Adobe Flash Player 9.x antes de la 9.0.159.0 y 10.x antes de la 10.0.22.87 sobre Windows permite a atacantes remotos engañar a un usuario para que visite una URL arbitraria a través de una manipulación no especificada de la "pantalla el puntero del ratón", relaci... • http://isc.sans.org/diary.html?storyid=5929 •
CVSS: 8.8EPSS: 68%CPEs: 4EXPL: 1CVE-2006-3311
https://notcve.org/view.php?id=CVE-2006-3311
12 Sep 2006 — Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie. Desbordamiento de búfer en Adobe Flash Player 8.0.24.0 y anteriores, Flash Professional 8, Flash MX 2004, y Flex 1.5 permite a un atacante con la complicidad del usuario ejecutar código de su elección a través de una cadena grande y creada dinamicamente en una película SWF. • http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html •