Vulnerabilities > Adobe > Flash Player > 11.1.115.69

DATE CVE VULNERABILITY TITLE RISK
2015-01-13 CVE-2015-0302 Information Disclosure vulnerability in Adobe Flash Player and AIR
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to obtain sensitive keystroke information via unspecified vectors.
network
low complexity
adobe linux apple microsoft
5.0
5.0
2015-01-13 CVE-2015-0301 Improper Input Validation vulnerability in Adobe products
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 do not properly validate files, which has unspecified impact and attack vectors.
network
low complexity
adobe apple microsoft linux CWE-20
critical
 10.0
10
2014-12-10 CVE-2014-9164 Code Injection vulnerability in Adobe Flash Player
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0587.
network
low complexity
adobe apple microsoft linux CWE-94
critical
 10.0
10
2014-12-10 CVE-2014-9163 Stack Based Buffer Overflow vulnerability in Adobe Flash Player
Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
network
low complexity
adobe apple microsoft linux
critical
 10.0
10
2014-12-10 CVE-2014-9162 Information Exposure vulnerability in Adobe Flash Player
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to obtain sensitive information via unspecified vectors.
network
low complexity
adobe apple microsoft linux CWE-200
critical
 10.0
10
2014-12-10 CVE-2014-8443 Use After Free Remote Code Execution vulnerability in Adobe Flash Player
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors.
network
low complexity
adobe apple microsoft linux
critical
 10.0
10
2014-12-10 CVE-2014-0587 Code Injection vulnerability in Adobe Flash Player
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9164.
network
low complexity
adobe apple microsoft linux CWE-94
critical
 10.0
10
2014-11-25 CVE-2014-8439 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
Adobe Flash Player before 13.0.0.258 and 14.x and 15.x before 15.0.0.239 on Windows and OS X and before 11.2.202.424 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors.
network
low complexity
adobe CWE-119
critical
 10.0
10
2014-11-11 CVE-2014-8442 Permissions, Privileges, and Access Controls vulnerability in Adobe products
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to complete a transition from Low Integrity to Medium Integrity by leveraging incorrect permissions.
network
low complexity
adobe apple microsoft linux CWE-264
7.5
7.5
2014-11-11 CVE-2014-8441 Memory Corruption vulnerability in Adobe Flash Player and AIR
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0576, CVE-2014-0581, and CVE-2014-8440.
network
low complexity
adobe apple microsoft linux
critical
 10.0
10