Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2016-10-13 CVE-2016-6986 Out-of-bounds Write vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6989, and CVE-2016-6990.
network
low complexity
adobe CWE-787
8.8
8.8
2016-10-13 CVE-2016-6985 Out-of-bounds Write vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
network
low complexity
adobe CWE-787
8.8
8.8
2016-10-13 CVE-2016-6984 Out-of-bounds Write vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
network
low complexity
adobe CWE-787
8.8
8.8
2016-10-13 CVE-2016-6983 Out-of-bounds Write vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
network
low complexity
adobe CWE-787
8.8
8.8
2016-10-13 CVE-2016-6982 Out-of-bounds Write vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
network
low complexity
adobe CWE-787
8.8
8.8
2016-10-13 CVE-2016-6981 Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6987.
network
low complexity
adobe CWE-416
8.8
8.8
2016-10-13 CVE-2016-6935 Unquoted Search Path or Element vulnerability in Adobe Creative Cloud
Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.8.0.310 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory.
local
low complexity
adobe CWE-428
7.8
7.8
2016-10-13 CVE-2016-4286 Improper Access Control vulnerability in multiple products
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified vectors.
network
low complexity
adobe redhat CWE-284
8.8
8.8
2016-10-13 CVE-2016-4273 Out-of-bounds Write vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990.
network
low complexity
adobe CWE-787
8.8
8.8
2016-10-13 CVE-2016-7065 Deserialization of Untrusted Data vulnerability in Redhat Jboss Enterprise Application Platform 4.0.0/5.0.0
The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) 4 and 5 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object.
network
low complexity
redhat CWE-502
8.8
8.8