U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:adobe:flash_player:23.0.0.185
There are 136 matching records.
Displaying matches 81 through 100.
Vuln ID Summary CVSS Severity
CVE-2017-2999

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution.

Published: March 14, 2017; 12:59:00 PM -0400
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2998

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution.

Published: March 14, 2017; 12:59:00 PM -0400
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2997

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution.

Published: March 14, 2017; 12:59:00 PM -0400
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2996

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 1:59:00 AM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2995

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 1:59:00 AM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2994

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 1:59:00 AM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2993

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 1:59:00 AM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2992

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 1:59:00 AM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2991

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 1:59:00 AM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2990

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 1:59:00 AM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2988

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 1:59:00 AM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2987

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 1:59:00 AM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2986

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 1:59:00 AM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2985

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 1:59:00 AM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2984

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the h264 decoder routine. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 1:59:00 AM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2982

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution.

Published: February 15, 2017; 1:59:00 AM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2938

Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections.

Published: January 10, 2017; 11:59:00 PM -0500
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-2937

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution.

Published: January 10, 2017; 11:59:00 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2936

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class. Successful exploitation could lead to arbitrary code execution.

Published: January 10, 2017; 11:59:00 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-2935

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing the Flash Video container file format. Successful exploitation could lead to arbitrary code execution.

Published: January 10, 2017; 11:59:00 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH