CVSS: 6.1EPSS: 1%CPEs: 10EXPL: 0CVE-2012-0767 – Adobe Flash Player Cross-Site Scripting (XSS) Vulnerability
https://notcve.org/view.php?id=CVE-2012-0767
16 Feb 2012 — Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)," as exploited in the wild in February 2012. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en Adobe Flash Player antes de v10.3.183.15 y v11.x a... • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 2%CPEs: 5EXPL: 0CVE-2012-0751
https://notcve.org/view.php?id=CVE-2012-0751
16 Feb 2012 — The ActiveX control in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. El control ActiveX de Adobe Flash Player v10.3.183.15 y anterior a v11.1.102.62 11.x en Windows permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 10EXPL: 0CVE-2012-0753 – flash-plugin: multiple code execution flaws (APSB12-03)
https://notcve.org/view.php?id=CVE-2012-0753
16 Feb 2012 — Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted MP4 data. Adobe Flash Player anterior a v10.3.183.15 y v11.x anterior a v11.1.102.62 en Windows, Mac OS X, Linux, y Solaris; anterior a 11.1.111.6 en Android 2.x y 3.x; y anterior a v11.1.115.6 en Android 4.x permite a at... • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 104EXPL: 0CVE-2011-2428 – flash-plugin: critical flaws fixed in APSB11-26
https://notcve.org/view.php?id=CVE-2011-2428
22 Sep 2011 — Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service (browser crash) via unspecified vectors, related to a "logic error issue." Adobe Flash Player antes de v10.3.183.10 en Windows, Mac OS X, Linux y Solaris, y antes de v10.3.186.7 en Android, permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (caída del navegador) a través de vectore... • http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 1%CPEs: 104EXPL: 0CVE-2011-2427 – flash-plugin: critical flaws fixed in APSB11-26
https://notcve.org/view.php?id=CVE-2011-2427
22 Sep 2011 — Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service via unspecified vectors. Desbordamiento de búfer basado en pila en el componente ActionScript Virtual Machine (AVM) de Adobe Flash Player antes de v10.3.183.10 en Windows, Mac OS X, Linux y Solaris, y antes de v10.3.186.7 en Android, permite a... • http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 104EXPL: 0CVE-2011-2429 – flash-plugin: security control bypass information disclosure fixed in APSB11-26
https://notcve.org/view.php?id=CVE-2011-2429
22 Sep 2011 — Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, related to a "security control bypass." Adobe Flash Player antes de v10.3.183.10 en Windows, Mac OS X, Linux y Solaris, y antes de v10.3.186.7 en Android, permite a atacantes remotos eludir restricciones de acceso y obtener información sensible a través de vectores no especificados, ... • http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 10%CPEs: 104EXPL: 0CVE-2011-2426 – flash-plugin: critical flaws fixed in APSB11-26
https://notcve.org/view.php?id=CVE-2011-2426
22 Sep 2011 — Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer basado en pila en el componente ActionScript Virtual Machine (AVM) de Adobe Flash Player antes de v10.3.183.10 en Windows, Mac OS X, Linux y Solaris, y antes de v10.3.186.7 en Android, permite a atacantes remotos eje... • http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 4%CPEs: 104EXPL: 0CVE-2011-2430 – flash-plugin: critical flaws fixed in APSB11-26
https://notcve.org/view.php?id=CVE-2011-2430
22 Sep 2011 — Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via crafted streaming media, related to a "logic error vulnerability." Adobe Flash Player antes de v10.3.183.10 en Windows, Mac OS X, Linux y Solaris, y antes de v10.3.186.7 en Android, permite a atacantes remotos ejecutar código de su elección a través de medios de transmisión modificados, relacionado con una "vulnerabilidad de error lógico" • http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 104EXPL: 0CVE-2011-2444 – flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26
https://notcve.org/view.php?id=CVE-2011-2444
22 Sep 2011 — Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a "universal cross-site scripting issue," as exploited in the wild in September 2011. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Adobe Flash Player antes de v10.3.183.10 en Windows, Mac OS X, Linux y Solaris, y antes de v1... • http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_20.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 22%CPEs: 124EXPL: 0CVE-2011-2424 – flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
https://notcve.org/view.php?id=CVE-2011-2424
15 Aug 2011 — Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by "about 400 unique crash signatures." Adobe Flash Player anterior a v10.3.183.5 en Windows, Mac OS X, Linux y Solaris, y anterior a v10.3.186.3 en Android, y Adobe AIR anteri... • http://blogs.adobe.com/asset/2011/08/how-did-you-get-to-that-number.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •