Vulnerabilities > Adobe

DATE CVE VULNERABILITY TITLE RISK
2015-01-13 CVE-2015-0305 Type Confusion Remote Code Execution vulnerability in Adobe Flash Player and AIR
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion."
network
adobe linux apple microsoft
critical
 9.3
9.3
2015-01-13 CVE-2015-0304 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0309.
network
low complexity
adobe apple microsoft linux CWE-119
critical
 10.0
10
2015-01-13 CVE-2015-0303 Memory Corruption vulnerability in Adobe Flash Player and AIR
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0306.
network
low complexity
adobe linux apple microsoft
critical
 10.0
10
2015-01-13 CVE-2015-0302 Information Disclosure vulnerability in Adobe Flash Player and AIR
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to obtain sensitive keystroke information via unspecified vectors.
network
low complexity
adobe linux apple microsoft
5.0
5.0
2015-01-13 CVE-2015-0301 Improper Input Validation vulnerability in Adobe products
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 do not properly validate files, which has unspecified impact and attack vectors.
network
low complexity
adobe apple microsoft linux CWE-20
critical
 10.0
10
2014-12-10 CVE-2014-9166 Unspecified vulnerability in Adobe Coldfusion 10.0/11.0
Adobe ColdFusion 10 before Update 15 and 11 before Update 3 allows attackers to cause a denial of service (resource consumption) via unspecified vectors.
network
low complexity
adobe
5.0
5.0
2014-12-10 CVE-2014-9165 Use After Free Remote Code Execution vulnerability in Adobe Reader and Acrobat
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8454 and CVE-2014-8455.
network
low complexity
adobe apple microsoft
critical
 10.0
10
2014-12-10 CVE-2014-9164 Code Injection vulnerability in Adobe Flash Player
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0587.
network
low complexity
adobe apple microsoft linux CWE-94
critical
 10.0
10
2014-12-10 CVE-2014-9163 Stack Based Buffer Overflow vulnerability in Adobe Flash Player
Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014.
network
low complexity
adobe apple microsoft linux
critical
 10.0
10
2014-12-10 CVE-2014-9162 Information Exposure vulnerability in Adobe Flash Player
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to obtain sensitive information via unspecified vectors.
network
low complexity
adobe apple microsoft linux CWE-200
critical
 10.0
10