Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
adobe flash player vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2007-3457
Adobe Flash Player 8.0.34.0 and previous versions insufficiently validates HTTP Referer headers, which might allow remote malicious users to conduct a CSRF attack via a crafted SWF file.
Adobe Flash Player
4.3
CVSSv2
CVE-2008-3873
The System.setClipboard method in ActionScript in Adobe Flash Player 9.0.124.0 and previous versions allows remote malicious users to populate the clipboard with a URL that is difficult to delete and does not require user interaction to populate the clipboard, as exploited in the...
Adobe Flash Player
9.3
CVSSv2
CVE-2008-4824
Multiple unspecified vulnerabilities in Adobe Flash Player 10.x prior to 10.0.12.36 and 9.x prior to 9.0.151.0 allow remote malicious users to execute arbitrary code via unknown vectors related to "input validation errors."
Adobe Flash Player
5
CVSSv2
CVE-2007-4324
ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0, and other versions and other 9.0.124.0 and previous versions versions, allows remote malicious users to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that...
Adobe Flash Player
4.3
CVSSv2
CVE-2008-5361
The ActionScript 2 virtual machine in Adobe Flash Player 10.x prior to 10.0.12.36 and 9.x prior to 9.0.151.0, and Adobe AIR prior to 1.5, does not verify a member element's size when performing (1) DefineConstantPool, (2) ActionJump, (3) ActionPush, (4) ActionTry, and unspec...
Adobe Air
Adobe Flash Player
4.3
CVSSv2
CVE-2008-5363
The ActionScript 2 virtual machine in Adobe Flash Player 10.x prior to 10.0.12.36 and 9.x prior to 9.0.151.0, and Adobe AIR prior to 1.5, does not validate character elements during retrieval from the dictionary data structure, which allows remote malicious users to cause a denia...
Adobe Air
Adobe Flash Player
4.3
CVSSv2
CVE-2008-5362
The DefineConstantPool action in the ActionScript 2 virtual machine in Adobe Flash Player 10.x prior to 10.0.12.36 and 9.x prior to 9.0.151.0, and Adobe AIR prior to 1.5, accepts an untrusted input value for a "constant count," which allows remote malicious users to rea...
Adobe Flash Player
Adobe Air
2.6
CVSSv2
CVE-2006-3588
Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote malicious users to cause a denial of service (browser crash) via a malformed, compressed .swf file, a different issue than CVE-2006-3587.
Adobe Flash Player 8.0.24.0
5.1
CVSSv2
CVE-2006-3587
Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote malicious users to execute arbitrary commands via a malformed .swf file that results in "multiple improper memory access" errors.
Adobe Flash Player 8.0.24.0
10
CVSSv2
CVE-2014-0510
Heap-based buffer overflow in Adobe Flash Player 12.0.0.77 allows remote malicious users to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Zeguang Zhao and Liang Chen during a Pwn2Own competition at CanSecWest 2014.
Adobe Flash Player 12.0.0.77
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »