CVSS: 10.0EPSS: 1%CPEs: 54EXPL: 0CVE-2014-0542 – flash-plugin: multiple code execution or security bypass flaws (APSB14-18)
https://notcve.org/view.php?id=CVE-2014-0542
12 Aug 2014 — Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0540, CVE-2014-0543, CVE-2014-0544, and CVE-2014... • http://helpx.adobe.com/security/products/flash-player/apsb14-18.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 1%CPEs: 54EXPL: 0CVE-2014-0540 – Adobe Flash Player Vector Object Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2014-0540
12 Aug 2014 — Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, and CVE-2014... • http://helpx.adobe.com/security/products/flash-player/apsb14-18.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 6%CPEs: 43EXPL: 3CVE-2014-4671 – flash-plugin: vulnerable JSONP callback APIs issue (APSB14-17)
https://notcve.org/view.php?id=CVE-2014-4671
09 Jul 2014 — Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 do not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks against JSONP endpoints, and obtain sensitive information, via a crafted OBJECT element with SWF content satisfying the character-set requirement... • https://packetstorm.news/files/id/180652 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 2%CPEs: 43EXPL: 0CVE-2014-0539 – flash-plugin: security protection bypass (APSB14-17)
https://notcve.org/view.php?id=CVE-2014-0539
09 Jul 2014 — Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0537. Adobe Flash Player anterior a 13.0.0.231 y 14.x anterior a 14.0.0.145 en Windows y OS X y anterior a 11.2.202.394 en Linux, Adobe AIR anterior a 14.... • http://helpx.adobe.com/security/products/flash-player/apsb14-17.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 2%CPEs: 43EXPL: 0CVE-2014-0537 – flash-plugin: security protection bypass (APSB14-17)
https://notcve.org/view.php?id=CVE-2014-0537
09 Jul 2014 — Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0539. Adobe Flash Player anterior a 13.0.0.231 y 14.x anterior a 14.0.0.145 en Windows y OS X y anterior a 11.2.202.394 en Linux, Adobe AIR anterior a 14.... • http://helpx.adobe.com/security/products/flash-player/apsb14-17.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 5%CPEs: 38EXPL: 0CVE-2014-0536 – flash-plugin: arbitrary code execution flaws (APSB14-16)
https://notcve.org/view.php?id=CVE-2014-0536
11 Jun 2014 — Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Flash Player anterior a 13.0.0.223 y 14.x anterior a 14.0.0.125 en Windows y OS X y anterior a 11.2.202.378 en Linux, Adobe AIR anterior a 14.0.0.110, Adobe AIR SD... • http://helpx.adobe.com/security/products/flash-player/apsb14-16.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 38EXPL: 0CVE-2014-0533 – flash-plugin: multiple cross-site scripting flaws (APSB14-16)
https://notcve.org/view.php?id=CVE-2014-0533
11 Jun 2014 — Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532. Vulnerabilidad de XSS en Adobe Flash Player anterior a 13.0.0.223 y 14.x anterior a 14.0.... • http://helpx.adobe.com/security/products/flash-player/apsb14-16.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 38EXPL: 0CVE-2014-0531 – flash-plugin: multiple cross-site scripting flaws (APSB14-16)
https://notcve.org/view.php?id=CVE-2014-0531
11 Jun 2014 — Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0532 and CVE-2014-0533. Vulnerabilidad de XSS en Adobe Flash Player anterior a 13.0.0.223 y 14.x anterior a 14.0.... • http://helpx.adobe.com/security/products/flash-player/apsb14-16.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 38EXPL: 0CVE-2014-0532 – flash-plugin: multiple cross-site scripting flaws (APSB14-16)
https://notcve.org/view.php?id=CVE-2014-0532
11 Jun 2014 — Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0533. Vulnerabilidad de XSS en Adobe Flash Player anterior a 13.0.0.223 y 14.x anterior a 14.0.... • http://helpx.adobe.com/security/products/flash-player/apsb14-16.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 5%CPEs: 38EXPL: 0CVE-2014-0535 – flash-plugin: arbitrary code execution flaws (APSB14-16)
https://notcve.org/view.php?id=CVE-2014-0535
11 Jun 2014 — Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0534. Adobe Flash Player anterior a 13.0.0.223 y 14.x anterior a 14.0.0.125 en Windows y OS X y anterior a 11.2.202.378 en Linux, Adobe AIR anterior a 14.0.0.110, Ad... • http://helpx.adobe.com/security/products/flash-player/apsb14-16.html • CWE-264: Permissions, Privileges, and Access Controls •