This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Adobe First view 2012-08-15
Product Flash Player Last view 2020-06-12
Version 11.2.202.350 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:adobe:flash_player

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
9.8 2020-06-12 CVE-2020-9633

Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

8.8 2020-02-13 CVE-2020-3757

Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

7.5 2019-09-27 CVE-2019-8075

Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

9.8 2019-09-12 CVE-2019-8070

Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.

9.8 2019-09-12 CVE-2019-8069

Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.

8.8 2019-06-12 CVE-2019-7845

Adobe Flash Player versions 32.0.0.192 and earlier, 32.0.0.192 and earlier, and 32.0.0.192 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

6.5 2019-05-24 CVE-2019-7090

Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

7.5 2019-05-23 CVE-2019-7108

Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .

9.8 2019-05-23 CVE-2019-7096

Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

8.8 2019-05-22 CVE-2019-7837

Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

7.8 2019-01-18 CVE-2018-15983

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.

9.8 2019-01-18 CVE-2018-15982

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

9.8 2018-11-29 CVE-2018-15981

Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

7.5 2018-11-29 CVE-2018-15978

Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

7.5 2018-09-25 CVE-2018-15967

Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure.

9.8 2018-08-29 CVE-2018-12828

Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation.

7.5 2018-08-29 CVE-2018-12827

Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

7.5 2018-08-29 CVE-2018-12826

Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

9.8 2018-08-29 CVE-2018-12825

Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. Successful exploitation could lead to security mitigation bypass.

5.9 2018-08-29 CVE-2018-12824

Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

7.5 2018-07-20 CVE-2018-5008

Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

8.8 2018-07-20 CVE-2018-5007

Adobe Flash Player 30.0.0.113 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

9.8 2018-07-09 CVE-2018-5002

Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

6.5 2018-07-09 CVE-2018-5001

Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

6.5 2018-07-09 CVE-2018-5000

Adobe Flash Player versions 29.0.0.171 and earlier have an Integer Overflow vulnerability. Successful exploitation could lead to information disclosure.

CWE : Common Weakness Enumeration

%idName
58% (284) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
12% (60) CWE-416 Use After Free
5% (29) CWE-264 Permissions, Privileges, and Access Controls
5% (28) CWE-200 Information Exposure
2% (14) CWE-189 Numeric Errors
2% (12) CWE-704 Incorrect Type Conversion or Cast
2% (11) CWE-125 Out-of-bounds Read
2% (10) CWE-94 Failure to Control Generation of Code ('Code Injection')
1% (8) CWE-399 Resource Management Errors
1% (7) CWE-284 Access Control (Authorization) Issues
1% (5) CWE-190 Integer Overflow or Wraparound
0% (4) CWE-352 Cross-Site Request Forgery (CSRF)
0% (3) CWE-787 Out-of-bounds Write
0% (2) CWE-362 Race Condition
0% (2) CWE-346 Origin Validation Error
0% (2) CWE-254 Security Features
0% (1) CWE-426 Untrusted Search Path
0% (1) CWE-129 Improper Validation of Array Index
0% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
0% (1) CWE-20 Improper Input Validation

SAINT Exploits

Description Link
Adobe Flash Player OpenType Font Integer Overflow More info here
Adobe Flash Player SWF Content Regular Expression Heap Overflow More info here
Adobe Pixel Shader More info here

ExploitDB Exploits

id Description
33333 Adobe Flash Player Shader Buffer Overflow
33212 Adobe Flash Player Integer Underflow Remote Code Execution
33095 Adobe Flash Player Type Confusion Remote Code Execution
32959 Adobe Flash Player Regular Expression Heap Overflow
20624 Adobe Flash Player 11.3 Font Parsing Code Execution

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-03-28 Name : Adobe Air Multiple Vulnerabilities - December12 (Mac OS X)
File : nvt/gb_adobe_air_mult_vuln_dec12_macosx.nasl
2013-03-28 Name : Adobe Air Multiple Vulnerabilities - December12 (Windows)
File : nvt/gb_adobe_air_mult_vuln_dec12_win.nasl
2013-03-28 Name : Adobe Air Multiple Vulnerabilities - November12 (Mac OS X)
File : nvt/gb_adobe_air_mult_vuln_nov12_macosx.nasl
2013-03-28 Name : Adobe Air Multiple Vulnerabilities - November12 (Windows)
File : nvt/gb_adobe_air_mult_vuln_nov12_win.nasl
2013-03-28 Name : Adobe Air Multiple Vulnerabilities - October 12 (Mac OS X)
File : nvt/gb_adobe_air_mult_vuln_oct12_macosx.nasl
2013-03-28 Name : Adobe Air Multiple Vulnerabilities - October 12 (Windows)
File : nvt/gb_adobe_air_mult_vuln_oct12_win.nasl
2012-12-14 Name : Adobe Flash Player Multiple Vulnerabilities - December12 (Windows)
File : nvt/gb_adobe_prdts_mult_vuln_dec12_win.nasl
2012-12-14 Name : Adobe Flash Player Multiple Vulnerabilities - December12 (Mac OS X)
File : nvt/gb_adobe_prdts_mult_vuln_dec12_macosx.nasl
2012-12-14 Name : Adobe Flash Player Multiple Vulnerabilities - December12 (Linux)
File : nvt/gb_adobe_flash_player_mult_vuln_dec12_lin.nasl
2012-12-13 Name : SuSE Update for flash-player openSUSE-SU-2012:0996-1 (flash-player)
File : nvt/gb_suse_2012_0996_1.nasl
2012-12-13 Name : SuSE Update for flash-player openSUSE-SU-2012:1480-1 (flash-player)
File : nvt/gb_suse_2012_1480_1.nasl
2012-11-26 Name : FreeBSD Ports: linux-f10-flashplugin
File : nvt/freebsd_linux-f10-flashplugin4.nasl
2012-11-26 Name : FreeBSD Ports: linux-f10-flashplugin
File : nvt/freebsd_linux-f10-flashplugin5.nasl
2012-11-08 Name : Adobe Flash Player Multiple Vulnerabilities - November12 (Linux)
File : nvt/gb_adobe_flash_player_mult_vuln_nov12_lin.nasl
2012-11-08 Name : Adobe Flash Player Multiple Vulnerabilities - November12 (Windows)
File : nvt/gb_adobe_prdts_mult_vuln_nov12_win.nasl
2012-11-08 Name : Adobe Flash Player Multiple Vulnerabilities - November12 (Mac OS X)
File : nvt/gb_adobe_prdts_mult_vuln_nov12_macosx.nasl
2012-10-15 Name : Adobe Flash Player Multiple Vulnerabilities - October 12 (Windows)
File : nvt/gb_adobe_prdts_mult_vuln_oct12_win.nasl
2012-10-15 Name : Adobe Flash Player Multiple Vulnerabilities - Oct12 (Linux)
File : nvt/gb_adobe_flash_player_mult_vuln_oct12_lin.nasl
2012-10-15 Name : Adobe Flash Player Multiple Vulnerabilities - October 12 (Mac OS X)
File : nvt/gb_adobe_prdts_mult_vuln_oct12_macosx.nasl
2012-09-15 Name : Gentoo Security Advisory GLSA 201209-01 (adobe-flash)
File : nvt/glsa_201209_01.nasl
2012-09-03 Name : Adobe Flash Player Multiple Vulnerabilities - Sep12 (Linux)
File : nvt/gb_adobe_flash_player_mult_vuln_sep12_lin.nasl
2012-08-24 Name : Adobe Flash Player Multiple Vulnerabilities -01 August 12 (Windows)
File : nvt/gb_adobe_prdts_mult_vuln01_aug12_win.nasl
2012-08-24 Name : Adobe Flash Player Multiple Vulnerabilities -01 August 12 (Mac OS X)
File : nvt/gb_adobe_prdts_mult_vuln01_aug12_macosx.nasl
2012-08-20 Name : Adobe Flash Player Font Parsing Code Execution Vulnerability - (Windows)
File : nvt/gb_adobe_flash_player_font_parsing_code_exec_vuln_win.nasl
2012-08-20 Name : Adobe Flash Player Font Parsing Code Execution Vulnerability - (Mac OS X)
File : nvt/gb_adobe_flash_player_font_parsing_code_exec_vuln_macosx.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0221 Multiple Vulnerabilities in Adobe Flash Player and AIR
Severity: Category I - VMSKEY: V0061469
2014-A-0093 Multiple Vulnerabilities in Adobe Flash Player and AIR
Severity: Category I - VMSKEY: V0052949
2014-A-0078 Multiple Vulnerabilities in Adobe Flash Player and AIR
Severity: Category I - VMSKEY: V0052485
2014-A-0069 Multiple Vulnerabilities in Adobe Flash Player and AIR
Severity: Category I - VMSKEY: V0050437
2014-A-0060 Adobe Flash Player Buffer Overflow Vulnerability
Severity: Category I - VMSKEY: V0050013
2014-A-0034 Multiple Vulnerabilities in Adobe Flash Player
Severity: Category I - VMSKEY: V0046181
2014-A-0029 Multiple Vulnerabilities in Adobe Flash Player and AIR
Severity: Category I - VMSKEY: V0044537
2014-A-0020 Adobe Flash Player Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0043920
2014-A-0001 Multiple Vulnerabilities in Adobe Flash Player and AIR
Severity: Category I - VMSKEY: V0043404
2013-A-0229 Multiple Vulnerabilities in Adobe Flash Player
Severity: Category I - VMSKEY: V0042595
2013-A-0209 Multiple Vulnerabilities in Adobe Flash Player
Severity: Category I - VMSKEY: V0042292
2013-A-0168 Multiple Vulnerabilities In Adobe Flash Player
Severity: Category I - VMSKEY: V0040297

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-09-19 Adobe Flash Player AVM domain memory range integer overflow attempt
RuleID : 54826 - Type : FILE-FLASH - Revision : 1
2020-09-19 Adobe Flash Player AVM domain memory range integer overflow attempt
RuleID : 54825 - Type : FILE-FLASH - Revision : 1
2019-10-29 Adobe Flash Player ActiveX same origin method execution attempt
RuleID : 51648 - Type : FILE-FLASH - Revision : 1
2019-10-29 Adobe Flash Player use-after-free attempt
RuleID : 51644 - Type : FILE-FLASH - Revision : 1
2019-10-29 Adobe Flash Player use-after-free attempt
RuleID : 51643 - Type : FILE-FLASH - Revision : 1
2019-09-24 Adobe Flash Player malformed ATF heap overflow attempt
RuleID : 51226 - Type : FILE-FLASH - Revision : 1
2019-09-24 Adobe Flash Player malformed ATF heap overflow attempt
RuleID : 51225 - Type : FILE-FLASH - Revision : 1
2019-09-24 Adobe Texture Format file containing invalid texture definition memory corrup...
RuleID : 51224 - Type : FILE-OTHER - Revision : 1
2019-09-24 Adobe Texture Format file containing invalid texture definition memory corrup...
RuleID : 51223 - Type : FILE-OTHER - Revision : 1
2019-09-24 Adobe Flash Player ATF bitmap conversion heap overflow attempt
RuleID : 51222 - Type : FILE-FLASH - Revision : 1
2019-09-24 Adobe Flash Player ATF bitmap conversion heap overflow attempt
RuleID : 51221 - Type : FILE-FLASH - Revision : 1
2019-09-19 Adobe Flash player memory corruption attempt
RuleID : 51082 - Type : FILE-FLASH - Revision : 1
2019-09-19 Adobe Flash player memory corruption attempt
RuleID : 51081 - Type : FILE-FLASH - Revision : 1
2019-08-01 Adobe Flash Player TVSDK metadata use after free attempt
RuleID : 50537 - Type : FILE-FLASH - Revision : 1
2019-08-01 Adobe Flash Player TVSDK metadata use after free attempt
RuleID : 50536 - Type : FILE-FLASH - Revision : 1
2019-08-01 Adobe Flash Player TVSDK metadata use after free attempt
RuleID : 50535 - Type : FILE-FLASH - Revision : 1
2019-08-01 Adobe Flash Player TVSDK metadata use after free attempt
RuleID : 50534 - Type : FILE-FLASH - Revision : 1
2019-07-02 Adobe Flash Player use after free attempt
RuleID : 50268 - Type : FILE-FLASH - Revision : 1
2019-07-02 Adobe Flash Player use after free attempt
RuleID : 50267 - Type : FILE-FLASH - Revision : 1
2019-06-25 Adobe Flash Player writeExternal type confusion attempt
RuleID : 50185 - Type : FILE-FLASH - Revision : 1
2019-06-20 Adobe Flash Player out-of-bounds read attempt
RuleID : 50140 - Type : FILE-FLASH - Revision : 1
2019-06-20 Adobe Flash Player out-of-bounds read attempt
RuleID : 50139 - Type : FILE-FLASH - Revision : 1
2019-05-07 Adobe Flash Player PCRE control character denial of service attempt
RuleID : 49656 - Type : FILE-FLASH - Revision : 1
2019-05-07 Adobe Flash Player PCRE control character denial of service attempt
RuleID : 49655 - Type : FILE-FLASH - Revision : 1
2019-05-07 Adobe Flash Player PCRE control character denial of service attempt
RuleID : 49654 - Type : FILE-FLASH - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-12-07 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_49cbe200f92a11e8a89dd43d7ef03aa6.nasl - Type: ACT_GATHER_INFO
2018-12-06 Name: The remote Windows host has a browser plugin installed that is affected by mu...
File: flash_player_apsb18-42.nasl - Type: ACT_GATHER_INFO
2018-12-06 Name: The remote macOS or Mac OSX host has a browser plugin installed that is affec...
File: macosx_flash_player_apsb18-42.nasl - Type: ACT_GATHER_INFO
2018-11-21 Name: The remote Windows host has a browser plugin installed that is affected by an...
File: flash_player_apsb18-44.nasl - Type: ACT_GATHER_INFO
2018-11-21 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_8f128c72ecf911e8aa006451062f0f7a.nasl - Type: ACT_GATHER_INFO
2018-11-21 Name: The remote macOS or Mac OSX host has a browser plugin installed that is affec...
File: macosx_flash_player_apsb18-44.nasl - Type: ACT_GATHER_INFO
2018-11-14 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_b69292e8e79811e8ae076451062f0f7a.nasl - Type: ACT_GATHER_INFO
2018-11-13 Name: The remote Windows host has a browser plugin installed that is affected by mu...
File: flash_player_apsb18-39.nasl - Type: ACT_GATHER_INFO
2018-11-13 Name: The remote macOS or Mac OSX host has a browser plugin installed that is affec...
File: macosx_flash_player_apsb18-39.nasl - Type: ACT_GATHER_INFO
2018-09-12 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_f9d73a20b5f011e8b1da6451062f0f7a.nasl - Type: ACT_GATHER_INFO
2018-09-11 Name: The remote Windows host has a browser plugin installed that is affected by an...
File: flash_player_apsb18-31.nasl - Type: ACT_GATHER_INFO
2018-09-11 Name: The remote macOS or Mac OSX host has a browser plugin installed that is affec...
File: macosx_flash_player_apsb18-31.nasl - Type: ACT_GATHER_INFO
2018-08-15 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_98b603c89ff311e8ad636451062f0f7a.nasl - Type: ACT_GATHER_INFO
2018-08-14 Name: The remote Windows host has a browser plugin installed that is affected by mu...
File: flash_player_apsb18-25.nasl - Type: ACT_GATHER_INFO
2018-08-14 Name: The remote macOS or Mac OSX host has a browser plugin installed that is affec...
File: macosx_flash_player_apsb18-25.nasl - Type: ACT_GATHER_INFO
2018-07-12 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_e78732b2852811e89c426451062f0f7a.nasl - Type: ACT_GATHER_INFO
2018-07-10 Name: The remote Windows host has a browser plugin installed that is affected by mu...
File: flash_player_apsb18-24.nasl - Type: ACT_GATHER_INFO
2018-07-10 Name: The remote macOS or Mac OSX host has a browser plugin installed that is affec...
File: macosx_flash_player_apsb18-24.nasl - Type: ACT_GATHER_INFO
2018-06-14 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201806-02.nasl - Type: ACT_GATHER_INFO
2018-06-08 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_2dde5a566ab111e8b6396451062f0f7a.nasl - Type: ACT_GATHER_INFO
2018-06-07 Name: The remote Windows host has a browser plugin installed that is affected by mu...
File: flash_player_apsb18-19.nasl - Type: ACT_GATHER_INFO
2018-06-07 Name: The remote macOS or Mac OSX host has a browser plugin installed that is affec...
File: macosx_flash_player_apsb18-19.nasl - Type: ACT_GATHER_INFO
2018-05-09 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_9558d49c534c11e88177d43d7ef03aa6.nasl - Type: ACT_GATHER_INFO
2018-05-08 Name: The remote Windows host has a browser plugin installed that is affected by mu...
File: flash_player_apsb18-16.nasl - Type: ACT_GATHER_INFO
2018-05-08 Name: The remote macOS or Mac OSX host has a browser plugin installed that is affec...
File: macosx_flash_player_apsb18-16.nasl - Type: ACT_GATHER_INFO