Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
adobe flash player vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2007-6243
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote malicious users to conduct cross-domain and cross-site scripting (XSS) atta...
Adobe Flash Player
9.3
CVSSv2
CVE-2008-3872
Adobe Flash Player 8.0.39.0 and previous versions, and 9.x up to 9.0.115.0, allows remote malicious users to bypass the allowScriptAccess parameter setting via a crafted SWF file with unspecified "Filter evasion" manipulations.
Adobe Flash Player
9.3
CVSSv2
CVE-2007-0071
Integer overflow in Adobe Flash Player 9.0.115.0 and previous versions, and 8.0.39.0 and previous versions, allows remote malicious users to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset of ...
Adobe Flash Player
1 Article
5
CVSSv2
CVE-2006-5330
CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and previous versions for Windows, 7.0.63 and previous versions for Linux, 7.x prior to 7.0 r67 for Solaris, and prior to 9.0.28.0 for Mac OS X, allows remote malicious users to modify HTTP headers of client request...
Adobe Flash Player
4.3
CVSSv2
CVE-2008-5363
The ActionScript 2 virtual machine in Adobe Flash Player 10.x prior to 10.0.12.36 and 9.x prior to 9.0.151.0, and Adobe AIR prior to 1.5, does not validate character elements during retrieval from the dictionary data structure, which allows remote malicious users to cause a denia...
Adobe Air
Adobe Flash Player
4.3
CVSSv2
CVE-2008-5362
The DefineConstantPool action in the ActionScript 2 virtual machine in Adobe Flash Player 10.x prior to 10.0.12.36 and 9.x prior to 9.0.151.0, and Adobe AIR prior to 1.5, accepts an untrusted input value for a "constant count," which allows remote malicious users to rea...
Adobe Flash Player
Adobe Air
4.3
CVSSv2
CVE-2008-5361
The ActionScript 2 virtual machine in Adobe Flash Player 10.x prior to 10.0.12.36 and 9.x prior to 9.0.151.0, and Adobe AIR prior to 1.5, does not verify a member element's size when performing (1) DefineConstantPool, (2) ActionJump, (3) ActionPush, (4) ActionTry, and unspec...
Adobe Air
Adobe Flash Player
9.3
CVSSv2
CVE-2010-3975
Untrusted search path vulnerability in Adobe Flash Player 9 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse schannel.dll that is located in the same folder as a file that is processed by Flash.
Adobe Flash Player 9.0
2.6
CVSSv2
CVE-2006-3588
Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote malicious users to cause a denial of service (browser crash) via a malformed, compressed .swf file, a different issue than CVE-2006-3587.
Adobe Flash Player 8.0.24.0
10
CVSSv2
CVE-2014-0510
Heap-based buffer overflow in Adobe Flash Player 12.0.0.77 allows remote malicious users to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Zeguang Zhao and Liang Chen during a Pwn2Own competition at CanSecWest 2014.
Adobe Flash Player 12.0.0.77
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »