National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): adobe flash
  • Search Type: Search Last 3 Months
  • Contains Software Flaws (CVE)
There are 4 matching records.
Vuln ID Summary CVSS Severity
CVE-2018-15981

Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

Published: November 29, 2018; 03:29:00 PM -05:00
(not available)
CVE-2018-15978

Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Published: November 29, 2018; 03:29:00 PM -05:00
(not available)
CVE-2018-12364

NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious site to engage in cross-site request forgery (CSRF) attacks. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.

Published: October 18, 2018; 09:29:02 AM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2018-15967

Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure.

Published: September 25, 2018; 09:29:02 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM