CVSS: 9.8EPSS: 13%CPEs: 75EXPL: 0CVE-2011-0577 – flash-plugin: multiple code execution flaws (APSB11-02)
https://notcve.org/view.php?id=CVE-2011-0577
10 Feb 2011 — Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 allows remote attackers to execute arbitrary code via a crafted font. Vulnerabilidad no especificada en Adobe Flash Player antes de v10.2.152.26 permite a atacantes remotos ejecutar código arbitrario a través de una fuente manipulada. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2 •
CVSS: 9.3EPSS: 1%CPEs: 75EXPL: 0CVE-2011-0578 – Adobe Flash Player Point Object Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0578
08 Feb 2011 — Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a constructor for an unspecified ActionScript3 object and improper type checking, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0607, and CVE-2011-0608. Adobe Flash Player anterior a v10.2.152.26, permite a atacantes remotos ejecutar código de su e... • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 43EXPL: 0CVE-2010-3638
https://notcve.org/view.php?id=CVE-2010-3638
07 Nov 2010 — Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Mac OS X, when Safari is used, allows attackers to obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en Adobe Flash Player en versiones anteriores a la 9.0.289.0 y 10.x en versiones anteriores a la 10.1.102.64 en Mac OS X, al usar Safari, permite a atacantes obtener información sensible a través de vectores desconocidos. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html •
CVSS: 9.3EPSS: 96%CPEs: 156EXPL: 3CVE-2010-3654 – Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion (ASLR + DEP Bypass)
https://notcve.org/view.php?id=CVE-2010-3654
29 Oct 2010 — Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010. Flash Player de Adobe anterior a versión 9.0.289.0 y versiones 10.x anteriores a 1... • https://www.exploit-db.com/exploits/17187 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 3%CPEs: 43EXPL: 1CVE-2010-3976
https://notcve.org/view.php?id=CVE-2010-3976
19 Oct 2010 — Untrusted search path vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a file that is processed by Flash Player. Vulnerabilidad de ruta (path) de búsqueda no confiable en Flash Player de Adobe anterior a versión 9.0.289.0 y versiones 10.x anteriores a 10.1.102.64 en Windows, permite a los ... • http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Bflash_player%5D_10.1.x_insecure_dll_hijacking_%28dwmapi.dll%29 •
CVSS: 9.3EPSS: 70%CPEs: 164EXPL: 0CVE-2010-2884 – Flash: crash or potential arbitrary code execution (APSB10-22)
https://notcve.org/view.php?id=CVE-2010-2884
15 Sep 2010 — Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010. Vulnerabilidad sin especificar en Adobe Flash Player v10.1.82.76 y anteriores para Windows, ... • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html •
CVSS: 9.8EPSS: 1%CPEs: 62EXPL: 0CVE-2010-2213 – flash-plugin: multiple security flaws (APSB10-16)
https://notcve.org/view.php?id=CVE-2010-2213
11 Aug 2010 — Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2214, and CVE-2010-2216. Adobe Flash Player anterior v9.0.280 y v10.x anterior v10.1.82.76, y Adobe AIR anterior v2.0.3, permite a atacantes ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria) a través de vector... • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.1EPSS: 0%CPEs: 62EXPL: 0CVE-2010-2215 – flash-plugin: multiple security flaws (APSB10-16)
https://notcve.org/view.php?id=CVE-2010-2215
11 Aug 2010 — Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "click-jacking" issue. Adobe Flash Player anterior v9.0.280 y v10.x anterior v10.1.82.76, y Adobe AIR anterior v2.0.3, permite a atacantes engañar a usuarios en (1) la selección de un enlace o (2) completar un diálogo, relacionado con el tema "click-jacking". • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html •
CVSS: 9.8EPSS: 1%CPEs: 62EXPL: 0CVE-2010-0209 – flash-plugin: multiple security flaws (APSB10-16)
https://notcve.org/view.php?id=CVE-2010-0209
11 Aug 2010 — Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2213, CVE-2010-2214, and CVE-2010-2216. Adobe Flash Player anterior a v9.0.280 y v10.x anterior a v10.1.82.76, y Adobe AIR anterior a v2.0.3, permite a atacantes ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria) a través de ... • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 1%CPEs: 62EXPL: 0CVE-2010-2214 – flash-plugin: multiple security flaws (APSB10-16)
https://notcve.org/view.php?id=CVE-2010-2214
11 Aug 2010 — Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2216. Adobe Flash Player anterior a v9.0.280 y v10.x anterior a v10.1.82.76, y Adobe AIR anterior a v2.0.3, permite a atacantes ejecutar código de su elección o provocar una denegación de servicio (consumo de memoria) a través de v... • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •