Macromedia Flash Player — known CVE vulnerabilities
Every CVE whose affected-product data names Macromedia Flash Player, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (42)
CVE-2010-3654 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and…
CVE-2010-2176 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of…
CVE-2010-2177 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of…
CVE-2010-2178 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of…
CVE-2010-2180 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of…
CVE-2010-2181 — CVSS 9.3 (critical): Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers…
CVE-2010-2182 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of…
CVE-2010-2183 — CVSS 9.3 (critical): Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers…
CVE-2010-2184 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of…
CVE-2010-2185 — CVSS 9.3 (critical): Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers…
CVE-2010-2186 — CVSS 9.3 (critical): Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows…
CVE-2010-2187 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of…
CVE-2010-2188 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of…
CVE-2010-2189 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when used in conjunction with VMWare…
CVE-2009-3793 — CVSS 9.3 (critical): Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows…
CVE-2010-2160 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of…
CVE-2010-2161 — CVSS 9.3 (critical): Array index error in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow…
CVE-2010-2162 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of…
CVE-2010-2163 — CVSS 9.3 (critical): Multiple unspecified vulnerabilities in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610…
CVE-2010-2164 — CVSS 9.3 (critical): Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might…
CVE-2010-2165 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of…
CVE-2010-2166 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of…
CVE-2010-2167 — CVSS 9.3 (critical): Multiple heap-based buffer overflows in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610…
CVE-2010-2169 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allow attackers to cause a denial of…
CVE-2010-2170 — CVSS 9.3 (critical): Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers…
CVE-2010-2171 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of…
CVE-2010-2173 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute…
CVE-2010-2174 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute…
CVE-2010-2175 — CVSS 9.3 (critical): Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of…
CVE-2002-0605 — CVSS 7.5 (high): Buffer overflow in Flash OCX for Macromedia Flash 6 revision 23 (6,0,23,0) allows remote attackers to execute arbitrary code via a long…
CVE-2005-3591 — CVSS 7.5 (high): Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and earlier and (2) libflashplayer.so before 7.0.25.0 (Unix) allows remote…
CVE-2002-1382 — CVSS 7.5 (high): Macromedia Flash Player before 6.0.65.0 allows remote attackers to execute arbitrary code via certain malformed data headers in Shockwave…
CVE-2002-0477 — CVSS 7.5 (high): Standalone Macromedia Flash Player 5.0 before 5,0,30,2 allows remote attackers to execute arbitrary programs via a .SWF file containing the…
CVE-2005-2628 — CVSS 5.1 (medium): Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier…
CVE-2006-0024 — CVSS 5.1 (medium): Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a…
CVE-2006-6827 — CVSS 5.0 (medium): Flash8b.ocx in Macromedia Flash 8 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the…
CVE-2002-0476 — CVSS 5.0 (medium): Standalone Macromedia Flash Player 5.0 allows remote attackers to save arbitrary files and programs via a .SWF file containing the…
CVE-2002-1467 — CVSS 5.0 (medium): Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an…
CVE-2002-1534 — CVSS 5.0 (medium): Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share.
CVE-2002-1625 — CVSS 5.0 (medium): Macromedia Flash Player 6 does not terminate connections when the user leaves the web page, which allows remote attackers to cause a denial…
CVE-2002-1881 — CVSS 5.0 (medium): Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed…
CVE-2003-1017 — CVSS 5.0 (medium): Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such as…