COOEY // HUBcompliance · community · intelligence

FAIL › dossier

Flash Player product

33
failure events
0
zero-days
19
RCEs
33
on KEV
4
critical
95
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 33 events

DateEventSevFlagsShameSummary
2022-03-03 CVE-2016-1019 critical ⚡RCE ⌖KEV 95 Adobe Flash Player allows remote attackers to cause a denial of service or possibly execute arbitrary code.
2022-03-03 CVE-2015-7645 critical ⚡RCE ⌖KEV 95 Adobe Flash Player allows remote attackers to execute arbitrary code via a crafted SWF file.
2021-11-03 CVE-2018-4878 critical ⚡RCE ⌖KEV 95 Adobe Flash Player contains a use-after-free vulnerability that could allow for code execution.
2022-02-15 CVE-2018-15982 critical ⌖KEV 80 Adobe Flash Player com.adobe.tvsdk.mediacore.metadata Use After Free Vulnerability
2024-09-17 CVE-2013-0648 high ⚡RCE ⌖KEV 65 Adobe Flash Player contains an unspecified vulnerability in the ExternalInterface ActionScript functionality that allows a remote attacker to execute arbitrary code via crafted SWF content.
2024-09-17 CVE-2014-0497 high ⚡RCE ⌖KEV 65 Adobe Flash Player contains an integer underflow vulnerability that allows a remote attacker to execute arbitrary code.
2024-09-17 CVE-2013-0643 high ⚡RCE ⌖KEV 65 Adobe Flash Player contains an incorrect default permissions vulnerability in the Firefox sandbox that allows a remote attacker to execute arbitrary code via crafted SWF content.
2024-09-17 CVE-2014-0502 high ⚡RCE ⌖KEV 65 Adobe Flash Player contains a double free vulnerability that allows a remote attacker to execute arbitrary code.
2022-05-25 CVE-2014-8439 high ⚡RCE ⌖KEV 65 Adobe Flash Player has a vulnerability in the way it handles a dereferenced memory pointer which could lead to code execution.
2022-05-23 CVE-2018-5002 high ⚡RCE ⌖KEV 65 Adobe Flash Player have a stack-based buffer overflow vulnerability that could lead to remote code execution.
2022-04-13 CVE-2015-0311 high ⚡RCE ⌖KEV 65 Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute code.
2022-03-28 CVE-2012-2034 high ⚡RCE ⌖KEV 65 Adobe Flash Player contains a memory corruption vulnerability that allows for remote code execution or denial-of-service (DoS).
2022-03-25 CVE-2016-4171 high ⚡RCE ⌖KEV 65 Unspecified vulnerability in Adobe Flash Player allows for remote code execution.
2022-03-03 CVE-2012-1535 high ⚡RCE ⌖KEV 65 Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code or cause a denial of service via crafted SWF content.
2022-03-03 CVE-2015-3043 high ⚡RCE ⌖KEV 65 A memory corruption vulnerability exists in Adobe Flash Player that allows an attacker to perform remote code execution.
2022-03-03 CVE-2015-5119 high ⚡RCE ⌖KEV 65 A use-after-free vulnerability exists within the ActionScript 3 ByteArray class in Adobe Flash Player that allows an attacker to perform remote code execution.
2022-03-03 CVE-2016-4117 high ⚡RCE ⌖KEV 65 An access of resource using incompatible type vulnerability exists within Adobe Flash Player that allows an attacker to perform remote code execution.
2022-03-03 CVE-2016-7855 high ⚡RCE ⌖KEV 65 Use-after-free vulnerability in Adobe Flash Player Windows and OS and Linux allows remote attackers to execute arbitrary code.
2022-03-03 CVE-2011-0611 high ⚡RCE ⌖KEV 65 Adobe Flash Player contains a vulnerability that allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content.
2022-03-03 CVE-2017-11292 high ⚡RCE ⌖KEV 65 Adobe Flash Player contains a type confusion vulnerability which can allow for remote code execution.
2022-06-08 CVE-2012-5054 high ⌖KEV 50 Adobe Flash Player contains an integer overflow vulnerability that allows remote attackers to execute code via malformed arguments.
2022-06-08 CVE-2012-0767 high ⌖KEV 50 Adobe Flash Player contains a XSS vulnerability that allows remote attackers to inject web script or HTML.
2022-06-08 CVE-2011-0609 high ⌖KEV 50 Adobe Flash Player contains an unspecified vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).
2022-06-08 CVE-2010-1297 high ⌖KEV 50 Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).
2022-06-08 CVE-2012-0754 high ⌖KEV 50 Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).
2022-05-25 CVE-2015-8651 high ⌖KEV 50 Integer overflow in Adobe Flash Player allows attackers to execute code.
2022-05-25 CVE-2015-0310 high ⌖KEV 50 Adobe Flash Player does not properly restrict discovery of memory addresses, which allows attackers to bypass the address space layout randomization (ASLR) protection mechanism.
2022-04-13 CVE-2015-5122 high ⌖KEV 50 Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).
2022-04-13 CVE-2015-5123 high ⌖KEV 50 Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).
2022-04-13 CVE-2014-9163 high ⌖KEV 50 Stack-based buffer overflow in Adobe Flash Player allows attackers to execute code remotely.
2022-04-13 CVE-2015-3113 high ⌖KEV 50 Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code.
2022-04-13 CVE-2015-0313 high ⌖KEV 50 Use-after-free vulnerability in Adobe Flash Player allows remote attackers to execute code.
2022-03-25 CVE-2016-7892 high ⌖KEV 50 Adobe Flash Player has an exploitable use-after-free vulnerability in the TextField class.