CVSS: 10.0EPSS: 59%CPEs: 1EXPL: 0CVE-2014-0510 – Adobe Flash Display Object Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0510
27 Mar 2014 — Heap-based buffer overflow in Adobe Flash Player 12.0.0.77 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Zeguang Zhao and Liang Chen during a Pwn2Own competition at CanSecWest 2014. Desbordamiento de buffer basado en memoria dinámica en Adobe Flash Player 12.0.0.77 permite a atacantes remotos ejecutar código arbitrario y evadir un mecanismo de protección sandbox a través de vectores no especificados, como fue demostrad... • http://helpx.adobe.com/security/products/flash-player/apsb14-14.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •
CVSS: 10.0EPSS: 40%CPEs: 2EXPL: 0CVE-2014-0506 – Adobe Flash ExternalInterface Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0506
27 Mar 2014 — Use-after-free vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remote attackers to execute arbitrary code, and possibly bypass an Internet Explorer sandbox protection mechanism, via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. Una v... • http://helpx.adobe.com/security/products/flash-player/apsb14-09.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2014-0503 – flash-plugin: same origin policy bypass (APSB14-08)
https://notcve.org/view.php?id=CVE-2014-0503
12 Mar 2014 — Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. Adobe Flash Player anterior a 11.7.700.272 y 11.8.x hasta 12.0.x anterior a 12.0.0.77 en Windows y OS X, y anterior a 11.2.202.346 en Linux, permite a atacantes remotos evadir Same Origin Policy a través de vectores no especificados. The flash-plugin package contains a Mozilla Firefox compati... • http://helpx.adobe.com/security/products/flash-player/apsb14-08.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0CVE-2014-0504 – flash-plugin: exposure of clipboard contents (APSB14-08)
https://notcve.org/view.php?id=CVE-2014-0504
12 Mar 2014 — Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows attackers to read the clipboard via unspecified vectors. Adobe Flash Player anterior a 11.7.700.272 y 11.8.x hasta 12.0.x anterior a 12.0.0.77 en Windows y OS X, y anterior a 11.2.202.346 en Linux, permite a atacantes remotos leer el portapapeles a través de vectores no especificados. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player ... • http://helpx.adobe.com/security/products/flash-player/apsb14-08.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2014-0499 – flash-plugin: multiple flaws lead to arbitrary code execution (APSB14-07)
https://notcve.org/view.php?id=CVE-2014-0499
21 Feb 2014 — Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 do not prevent access to address information, which makes it easier for attackers to bypass the ASLR protection mechanism via unspecified vectors. Adobe Flash Player anterior a 11.7.700.269 y 11.8.x hasta 12.0.x anterior a 12.0.0.70 en Windows y Mac OS... • http://helpx.adobe.com/security/products/flash-player/apsb14-07.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 22%CPEs: 9EXPL: 0CVE-2014-0498 – Adobe Flash Player RegExp Stack Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0498
21 Feb 2014 — Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de buffer basado en pila en Adobe Flash Player anterior a 11.7.700.269 y 11.8.x hasta 12.0.x anterior a 12.0.0.70 en Windows y Mac OS X y ... • http://helpx.adobe.com/security/products/flash-player/apsb14-07.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 35%CPEs: 9EXPL: 0CVE-2014-0502 – Adobe Flash Player Double Free Vulnerablity
https://notcve.org/view.php?id=CVE-2014-0502
21 Feb 2014 — Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2014. Vulnerabilidad de doble liberación en Adobe Flash Player anterior a 11.7.700.269 y 11.8.x hasta 12.0.x an... • http://helpx.adobe.com/security/products/flash-player/apsb14-07.html • CWE-399: Resource Management Errors CWE-415: Double Free •
CVSS: 10.0EPSS: 97%CPEs: 6EXPL: 3CVE-2014-0497 – Adobe Flash Player Integer Underflow Vulnerablity
https://notcve.org/view.php?id=CVE-2014-0497
05 Feb 2014 — Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento inferior de enteros en Adobe Flash Player anterior a 11.7.700.261 y 11.8.x hasta 12.0.x anterior a 12.0.0.44 en Windows y Mac OS X, y anterior a 11.2.202.336 en Linux, permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados... • https://packetstorm.news/files/id/126489 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 10.0EPSS: 1%CPEs: 9EXPL: 0CVE-2014-0491 – flash-plugin: security protection bypass (APSB14-02)
https://notcve.org/view.php?id=CVE-2014-0491
15 Jan 2014 — Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow attackers to bypass unspecified protection mechanisms via unknown vectors. Adobe Flash Player anteriores a 11.7.700.260 y 11.8.x y 11.9.x anteriores a 12.0.0.38 en Windows y mac OS X y anteriores a 112.202.335 en Linux, Adobe AIR anteriores a 4.0.0.1390, Adobe ... • http://helpx.adobe.com/security/products/flash-player/apsb14-02.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 11%CPEs: 9EXPL: 0CVE-2014-0492 – Adobe Flash Player Jump Opcode Information Leak Vulnerability
https://notcve.org/view.php?id=CVE-2014-0492
15 Jan 2014 — Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow attackers to defeat the ASLR protection mechanism by leveraging an "address leak." Adobe Flash Player anteriores a 11.7.700.260 y 11.8.x y 11.9.x anteriores a 12.0.0.38 en Windows y Mac OS X y anteriores a 11.2.202.335 en Linux, Adobe AIR anteriores a 4.0.0.139... • http://helpx.adobe.com/security/products/flash-player/apsb14-02.html • CWE-264: Permissions, Privileges, and Access Controls •