Adobe: >> Flash Player >> 16.0.0.287 Security Vulnerabilities
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVSS Score
8.8
EPSS Score
0.452
Published
2018-05-19
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Heap Overflow vulnerability. Successful exploitation could lead to information disclosure.
CVSS Score
6.5
EPSS Score
0.238
Published
2018-05-19
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVSS Score
8.8
EPSS Score
0.452
Published
2018-05-19
Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVSS Score
9.8
EPSS Score
0.3
Published
2018-05-19
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVSS Score
8.8
EPSS Score
0.015
Published
2018-05-19
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVSS Score
8.8
EPSS Score
0.041
Published
2018-05-19
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player's quality of service functionality. A successful attack can lead to arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.053
Published
2018-02-06
CVE-2018-4878
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.
Known exploited
CVSS Score
9.8
EPSS Score
0.934
Published
2018-02-06
An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.
CVSS Score
7.5
EPSS Score
0.029
Published
2018-01-09
A regression affecting Adobe Flash Player version 27.0.0.187 (and earlier versions) causes the unintended reset of the global settings preference file when a user clears browser data.
CVSS Score
6.5
EPSS Score
0.029
Published
2017-12-13