Adobe » Flash Player : Security Vulnerabilities, CVEs, Published In 2018 CVSS score >= 2
Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
Max CVSS
10.0
EPSS Score
10.02%
Published
2018-11-29
Updated
2018-12-28
Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Max CVSS
7.5
EPSS Score
2.54%
Published
2018-11-29
Updated
2018-12-28
Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure.
Max CVSS
7.5
EPSS Score
0.44%
Published
2018-09-25
Updated
2019-10-03
Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation.
Max CVSS
9.8
EPSS Score
1.62%
Published
2018-08-29
Updated
2019-10-03
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Max CVSS
7.5
EPSS Score
1.78%
Published
2018-08-29
Updated
2018-10-30
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Max CVSS
7.5
EPSS Score
1.49%
Published
2018-08-29
Updated
2018-10-30
Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. Successful exploitation could lead to security mitigation bypass.
Max CVSS
9.8
EPSS Score
0.79%
Published
2018-08-29
Updated
2019-10-03
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Max CVSS
5.9
EPSS Score
1.07%
Published
2018-08-29
Updated
2018-10-29
Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Max CVSS
7.5
EPSS Score
0.62%
Published
2018-07-20
Updated
2018-09-17
Adobe Flash Player 30.0.0.113 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Max CVSS
8.8
EPSS Score
1.73%
Published
2018-07-20
Updated
2018-09-17
CVE-2018-5002
Known exploited
Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Max CVSS
10.0
EPSS Score
4.01%
Published
2018-07-09
Updated
2020-08-24
CISA KEV Added
2022-05-23
Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Max CVSS
6.5
EPSS Score
0.60%
Published
2018-07-09
Updated
2019-03-07
Adobe Flash Player versions 29.0.0.171 and earlier have an Integer Overflow vulnerability. Successful exploitation could lead to information disclosure.
Max CVSS
6.5
EPSS Score
0.38%
Published
2018-07-09
Updated
2019-03-07
Adobe Flash Player versions 29.0.0.171 and earlier have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Max CVSS
8.8
EPSS Score
1.69%
Published
2018-07-09
Updated
2019-03-07
Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Max CVSS
10.0
EPSS Score
18.43%
Published
2018-05-19
Updated
2021-09-08
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Max CVSS
9.3
EPSS Score
93.48%
Published
2018-05-19
Updated
2022-11-18
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Heap Overflow vulnerability. Successful exploitation could lead to information disclosure.
Max CVSS
6.5
EPSS Score
94.35%
Published
2018-05-19
Updated
2022-11-18
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Max CVSS
9.3
EPSS Score
93.48%
Published
2018-05-19
Updated
2022-11-18
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Max CVSS
6.5
EPSS Score
3.88%
Published
2018-05-19
Updated
2022-11-18
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Max CVSS
6.5
EPSS Score
0.38%
Published
2018-05-19
Updated
2023-01-26
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Use-After-Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Max CVSS
9.3
EPSS Score
1.15%
Published
2018-05-19
Updated
2023-01-26
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Max CVSS
9.3
EPSS Score
1.26%
Published
2018-05-19
Updated
2022-11-18
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Max CVSS
9.3
EPSS Score
1.07%
Published
2018-05-19
Updated
2022-11-18
CVE-2018-4878
Known exploited
Used for ransomware
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.
Max CVSS
9.8
EPSS Score
97.28%
Published
2018-02-06
Updated
2022-04-18
CISA KEV Added
2021-11-03
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player's quality of service functionality. A successful attack can lead to arbitrary code execution.
Max CVSS
10.0
EPSS Score
1.13%
Published
2018-02-06
Updated
2021-09-08