Use after free vulnerability in Adobe Flash Player Desktop Runtime before 20.0.0.267, Adobe Flash Player Extended Support Release before 18.0.0.324, Adobe Flash Player for Google Chrome before 20.0.0.267, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 before 20.0.0.267, Adobe Flash Player for Internet Explorer 10 and 11 before 20.0.0.267, Adobe Flash Player for Linux before 11.2.202.559, AIR Desktop Runtime before 20.0.0.233, AIR SDK before 20.0.0.233, AIR SDK & Compiler before 20.0.0.233, AIR for Android before 20.0.0.233.
Max CVSS
10.0
EPSS Score
0.42%
Published
2017-06-27
Updated
2023-05-08

CVE-2016-4171

Known exploited
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.
Max CVSS
10.0
EPSS Score
15.60%
Published
2016-06-16
Updated
2021-11-26
CISA KEV Added
2022-03-25

CVE-2008-5499

Public exploit
Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file.
Max CVSS
9.3
EPSS Score
96.89%
Published
2008-12-18
Updated
2017-08-08
Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a crafted Shockwave Flash (aka .swf) file.
Max CVSS
9.3
EPSS Score
26.86%
Published
2009-02-26
Updated
2017-09-29
Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue."
Max CVSS
9.3
EPSS Score
41.05%
Published
2009-02-26
Updated
2017-09-29
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2213, CVE-2010-2214, and CVE-2010-2216.
Max CVSS
9.3
EPSS Score
1.37%
Published
2010-08-11
Updated
2018-10-30
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2214, and CVE-2010-2216.
Max CVSS
9.3
EPSS Score
1.37%
Published
2010-08-11
Updated
2018-10-30
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2216.
Max CVSS
9.3
EPSS Score
1.24%
Published
2010-08-11
Updated
2018-10-30
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2214.
Max CVSS
9.3
EPSS Score
1.37%
Published
2010-08-11
Updated
2018-10-30
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
Max CVSS
9.3
EPSS Score
1.78%
Published
2016-11-08
Updated
2019-05-16
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
Max CVSS
9.3
EPSS Score
1.78%
Published
2016-11-08
Updated
2019-05-16
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
Max CVSS
9.3
EPSS Score
1.78%
Published
2016-11-08
Updated
2019-05-16
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
Max CVSS
9.3
EPSS Score
1.15%
Published
2016-11-08
Updated
2019-05-15
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
Max CVSS
9.3
EPSS Score
1.15%
Published
2016-11-08
Updated
2019-05-15
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
Max CVSS
9.3
EPSS Score
1.78%
Published
2016-11-08
Updated
2019-05-15
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
Max CVSS
9.3
EPSS Score
1.78%
Published
2016-11-08
Updated
2019-05-16
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
Max CVSS
9.3
EPSS Score
1.78%
Published
2016-11-08
Updated
2019-05-15
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
Max CVSS
9.3
EPSS Score
1.15%
Published
2016-11-08
Updated
2019-05-16
Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant."
Max CVSS
5.8
EPSS Score
1.62%
Published
2009-02-26
Updated
2017-09-29
Untrusted search path vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Linux allows local users to obtain sensitive information or gain privileges via a crafted library in a directory contained in the RPATH.
Max CVSS
4.6
EPSS Score
0.04%
Published
2009-02-26
Updated
2017-09-29
Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Windows allows remote attackers to trick a user into visiting an arbitrary URL via an unspecified manipulation of the "mouse pointer display," related to a "Clickjacking attack."
Max CVSS
4.3
EPSS Score
0.73%
Published
2009-02-26
Updated
2017-09-29
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "click-jacking" issue.
Max CVSS
4.3
EPSS Score
0.39%
Published
2010-08-11
Updated
2018-10-30
22 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!