U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:adobe:flash_player:23.0.0.162::~~~internet_explorer~~
There are 113 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2019-8070

Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.

Published: September 12, 2019; 3:15:11 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2019-8069

Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.

Published: September 12, 2019; 3:15:11 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2019-7845

Adobe Flash Player versions 32.0.0.192 and earlier, 32.0.0.192 and earlier, and 32.0.0.192 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

Published: June 12, 2019; 12:29:00 PM -0400
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2018-4937

Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Published: May 19, 2018; 1:29:01 PM -0400
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2018-4936

Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Heap Overflow vulnerability. Successful exploitation could lead to information disclosure.

Published: May 19, 2018; 1:29:01 PM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-4935

Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Published: May 19, 2018; 1:29:01 PM -0400
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2018-4934

Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Published: May 19, 2018; 1:29:01 PM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-4933

Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Published: May 19, 2018; 1:29:01 PM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-4932

Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Use-After-Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Published: May 19, 2018; 1:29:01 PM -0400
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2018-4920

Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Published: May 19, 2018; 1:29:00 PM -0400
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2018-4919

Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Published: May 19, 2018; 1:29:00 PM -0400
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-11305

A regression affecting Adobe Flash Player version 27.0.0.187 (and earlier versions) causes the unintended reset of the global settings preference file when a user clears browser data.

Published: December 13, 2017; 4:29:00 PM -0500
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-11282

Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.

Published: December 01, 2017; 3:29:00 AM -0500
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2017-11281

Adobe Flash Player has an exploitable memory corruption vulnerability in the text handling function. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.

Published: December 01, 2017; 3:29:00 AM -0500
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2017-11292

Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution.

Published: October 22, 2017; 3:29:00 PM -0400
V3.1: 8.8 HIGH
V2.0: 6.0 MEDIUM
CVE-2017-3106

Adobe Flash Player versions 26.0.0.137 and earlier have an exploitable type confusion vulnerability when parsing SWF files. Successful exploitation could lead to arbitrary code execution.

Published: August 11, 2017; 3:29:02 PM -0400
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-3085

Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect.

Published: August 11, 2017; 3:29:02 PM -0400
V3.1: 7.4 HIGH
V2.0: 4.3 MEDIUM
CVE-2017-3100

Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 2 BitmapData class. Successful exploitation could lead to memory address disclosure.

Published: July 17, 2017; 9:18:26 AM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-3099

Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 3 raster data model. Successful exploitation could lead to arbitrary code execution.

Published: July 17, 2017; 9:18:26 AM -0400
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-3080

Adobe Flash Player versions 26.0.0.131 and earlier have a security bypass vulnerability related to the Flash API used by Internet Explorer. Successful exploitation could lead to information disclosure.

Published: July 17, 2017; 9:18:26 AM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM