Vulnerabilities > Adobe

DATE CVE VULNERABILITY TITLE RISK
2016-06-16 CVE-2016-4171 Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016.
network
low complexity
adobe redhat suse opensuse
critical
9.8
2016-06-16 CVE-2016-4167 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe DNG Software Development KIT 1.4.2012
Adobe DNG Software Development Kit (SDK) before 1.4 2016 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
network
low complexity
adobe CWE-119
critical
9.8
2016-06-16 CVE-2016-4166 Out-of-bounds Write vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.
network
low complexity
adobe CWE-787
8.8
2016-06-16 CVE-2016-4165 Improper Input Validation vulnerability in Adobe Brackets 1.6
The extension manager in Adobe Brackets before 1.7 allows attackers to have an unspecified impact via invalid input.
network
low complexity
adobe CWE-20
critical
9.8
2016-06-16 CVE-2016-4164 Cross-site Scripting vulnerability in Adobe Brackets 1.6
Cross-site scripting (XSS) vulnerability in Adobe Brackets before 1.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
adobe CWE-79
6.1
2016-06-16 CVE-2016-4163 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4162.
network
low complexity
adobe CWE-119
critical
9.8
2016-06-16 CVE-2016-4162 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, and CVE-2016-4163.
network
low complexity
adobe CWE-119
critical
9.8
2016-06-16 CVE-2016-4161 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4162, and CVE-2016-4163.
network
low complexity
adobe CWE-119
critical
9.8
2016-06-16 CVE-2016-4160 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163.
network
low complexity
adobe CWE-119
critical
9.8
2016-06-16 CVE-2016-4159 Cross-site Scripting vulnerability in Adobe Coldfusion 10.0/11.0/2016
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 20, 11 before Update 9, and 2016 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
adobe CWE-79
6.1