Search
Total
1364 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-6506 | 1 Azure Dex | 1 Data Expert Ultimate | 2017-03-15 | 7.5 HIGH | 9.8 CRITICAL |
| In Azure Data Expert Ultimate 2.2.16, the SMTP verification function suffers from a buffer overflow vulnerability, leading to remote code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string. | |||||
| CVE-2017-6465 | 1 Ftpshell | 1 Ftpshell Client | 2017-03-14 | 7.5 HIGH | 9.8 CRITICAL |
| Remote Code Execution was discovered in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP server it is connecting to; however, it doesn't check the response's length, leading to a buffer overflow situation. | |||||
| CVE-2017-2785 | 1 Pharos | 1 Popup | 2017-03-14 | 10.0 HIGH | 10.0 CRITICAL |
| An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to a heap based buffer overflow resulting in remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit. | |||||
| CVE-2017-2787 | 1 Pharos | 1 Popup | 2017-03-14 | 9.3 HIGH | 9.0 CRITICAL |
| A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to a heap based buffer overflow resulting in potential remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit. | |||||
| CVE-2017-2788 | 1 Pharos | 1 Popup | 2017-03-14 | 10.0 HIGH | 10.0 CRITICAL |
| A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim's computer and can lead to a heap based buffer overflow resulting in potential remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit. | |||||
| CVE-2017-6416 | 1 Flexense | 1 Sysgauge | 2017-03-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string. | |||||
| CVE-2016-9558 | 1 Libdwarf Project | 1 Libdwarf | 2017-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| (1) libdwarf/dwarf_leb.c and (2) dwarfdump/print_frames.c in libdwarf before 20161124 allow remote attackers to have unspecified impact via a crafted bit pattern in a signed leb number, aka a "negation overflow." | |||||
| CVE-2017-2790 | 1 Justsystems | 1 Ichitaro | 2017-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses this result as the size for a memcpy. This results in a heap-based buffer overflow and can lead to code execution under the context of the application. | |||||
| CVE-2017-2789 | 1 Justsystems | 1 Ichitaro | 2017-03-02 | 7.5 HIGH | 9.8 CRITICAL |
| When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the size of the buffer, the application will choose the smaller of the two and trust it to copy data from the file. This value is larger than the buffer size, which leads to a heap-based buffer overflow. This overflow corrupts an offset in the heap used in pointer arithmetic for writing data and can lead to code execution under the context of the application. | |||||
| CVE-2016-8364 | 1 Ibhsoftec | 1 S7-softplc | 2017-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in IBHsoftec S7-SoftPLC prior to 4.12b. Object memory can read a network packet that is larger than the space that is available, a Heap-based Buffer Overflow. | |||||
| CVE-2016-10192 | 1 Ffmpeg | 1 Ffmpeg | 2017-02-24 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check chunk size. | |||||
| CVE-2015-8459 | 5 Adobe, Apple, Google and 2 more | 9 Air, Air Sdk, Air Sdk \& Compiler and 6 more | 2017-02-17 | 10.0 HIGH | 10.0 CRITICAL |
| Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8460, CVE-2015-8636, and CVE-2015-8645. | |||||
| CVE-2016-8411 | 1 Google | 1 Android | 2017-02-07 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmi_qos_srvc.c. Android ID: 31805216. References: QC CR#912775. | |||||
| CVE-2016-9054 | 1 Aerospike | 1 Database Server | 2017-01-28 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function as_sindex__simatch_list_by_set_binid resulting in remote code execution. An attacker can simply connect to the port to trigger this vulnerability. | |||||
| CVE-2016-9307 | 1 Autodesk | 1 Fbx Software Development Kit | 2017-01-28 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files. | |||||
| CVE-2016-9306 | 1 Autodesk | 1 Fbx Software Development Kit | 2017-01-28 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DAE format files. | |||||
| CVE-2016-9303 | 1 Autodesk | 1 Fbx Software Development Kit | 2017-01-28 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code or cause an infinite loop condition when reading or converting malformed FBX format files. | |||||
| CVE-2016-9052 | 1 Aerospike | 1 Database Server | 2017-01-28 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function as_sindex__simatch_by_iname resulting in remote code execution. An attacker can simply connect to the port to trigger this vulnerability. | |||||
| CVE-2016-8440 | 1 Linux | 1 Linux Kernel | 2017-01-23 | 10.0 HIGH | 9.8 CRITICAL |
| Possible buffer overflow in SMMU system call. Improper input validation in ADSP SID2CB system call may result in hypervisor memory overwrite. Product: Android. Versions: Kernel 3.18. Android ID: A-31625306. References: QC-CR#1036747. | |||||
| CVE-2016-9679 | 1 Citrix | 1 Provisioning Services | 2017-01-23 | 7.5 HIGH | 9.8 CRITICAL |
| Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code by overwriting a function pointer. | |||||
| CVE-2016-9676 | 1 Citrix | 1 Provisioning Services | 2017-01-23 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2016-8459 | 1 Linux | 1 Linux Kernel | 2017-01-18 | 10.0 HIGH | 9.8 CRITICAL |
| Possible buffer overflow in storage subsystem. Bad parameters as part of listener responses to RPMB commands could lead to buffer overflow. Product: Android. Versions: Kernel 3.18. Android ID: A-32577972. References: QC-CR#988462. | |||||
| CVE-2016-6354 | 2 Debian, Flex Project | 2 Debian Linux, Flex | 2017-01-18 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read. | |||||
| CVE-2016-8439 | 1 Linux | 1 Linux Kernel | 2017-01-18 | 10.0 HIGH | 9.8 CRITICAL |
| Possible buffer overflow in trust zone access control API. Buffer overflow may occur due to lack of buffer size checking. Product: Android. Versions: Kernel 3.18. Android ID: A-31625204. References: QC-CR#1027804. | |||||
| CVE-2015-2868 | 1 Trane | 1 Comfortlink Ii Firmware | 2017-01-11 | 10.0 HIGH | 9.8 CRITICAL |
| An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting in arbitrary code execution. | |||||
| CVE-2016-6830 | 1 Call-cc | 1 Chicken | 2017-01-11 | 7.5 HIGH | 9.8 CRITICAL |
| The "process-execute" and "process-spawn" procedures in CHICKEN Scheme used fixed-size buffers for holding the arguments and environment variables to use in its execve() call. This would allow user-supplied argument/environment variable lists to trigger a buffer overrun. This affects all releases of CHICKEN up to and including 4.11 (it will be fixed in 4.12 and 5.0, which are not yet released). | |||||
| CVE-2014-9912 | 1 Php | 1 Php | 2017-01-07 | 7.5 HIGH | 9.8 CRITICAL |
| The get_icu_disp_value_src_php function in ext/intl/locale/locale_methods.c in PHP before 5.3.29, 5.4.x before 5.4.30, and 5.5.x before 5.5.14 does not properly restrict calls to the ICU uresbund.cpp component, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a locale_get_display_name call with a long first argument. | |||||
| CVE-2016-6890 | 1 Matrixssl | 1 Matrixssl | 2017-01-06 | 10.0 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate. | |||||
| CVE-2016-0962 | 5 Adobe, Apple, Google and 2 more | 13 Air, Air Sdk, Air Sdk \\\& Compiler and 10 more | 2017-01-04 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. | |||||
| CVE-2016-0989 | 5 Adobe, Apple, Google and 2 more | 13 Air, Air Sdk, Air Sdk \\\& Compiler and 10 more | 2017-01-04 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. | |||||
| CVE-2016-0986 | 5 Adobe, Apple, Google and 2 more | 13 Air, Air Sdk, Air Sdk \\\& Compiler and 10 more | 2017-01-04 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. | |||||
| CVE-2016-0992 | 5 Adobe, Apple, Google and 2 more | 13 Air, Air Sdk, Air Sdk \\\& Compiler and 10 more | 2017-01-04 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005. | |||||
| CVE-2016-0960 | 5 Adobe, Apple, Google and 2 more | 13 Air, Air Sdk, Air Sdk \\\& Compiler and 10 more | 2017-01-04 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. | |||||
| CVE-2016-0961 | 5 Adobe, Apple, Google and 2 more | 13 Air, Air Sdk, Air Sdk \\\& Compiler and 10 more | 2017-01-04 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. | |||||
| CVE-2016-9480 | 1 Libdwarf Project | 1 Libdwarf | 2016-12-22 | 6.4 MEDIUM | 9.1 CRITICAL |
| libdwarf 2016-10-21 allows context-dependent attackers to obtain sensitive information or cause a denial of service by using the "malformed dwarf file" approach, related to a "Heap Buffer Over-read" issue affecting the dwarf_util.c component, aka DW201611-006. | |||||
| CVE-2016-0868 | 1 Rockwellautomation | 9 1763-l16awa Series A, 1763-l16awa Series B, 1763-l16bbb Series A and 6 more | 2016-12-22 | 10.0 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow on Rockwell Automation Allen-Bradley MicroLogix 1100 devices A through 15.000 and B before 15.002 allows remote attackers to execute arbitrary code via a crafted web request. | |||||
| CVE-2016-7856 | 1 Adobe | 1 Dng Converter | 2016-12-16 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe DNG Converter versions 9.7 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-9539 | 1 Libtiff | 1 Libtiff | 2016-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092. | |||||
| CVE-2016-0942 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2016-12-07 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. | |||||
| CVE-2016-0945 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2016-12-07 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, and CVE-2016-0946. | |||||
| CVE-2016-0944 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2016-12-07 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0945, and CVE-2016-0946. | |||||
| CVE-2016-0933 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2016-12-07 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. | |||||
| CVE-2016-0946 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2016-12-07 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, and CVE-2016-0945. | |||||
| CVE-2016-1901 | 2 Cgit Project, Fedoraproject | 2 Cgit, Fedora | 2016-12-07 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow. | |||||
| CVE-2015-6636 | 1 Google | 1 Android | 2016-12-07 | 10.0 HIGH | 9.8 CRITICAL |
| mediaserver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 25070493 and 24686670. | |||||
| CVE-2016-6695 | 1 Google | 1 Android | 2016-12-06 | 7.5 HIGH | 9.8 CRITICAL |
| sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted visualizer data length, aka Qualcomm internal bug CR 1033540. | |||||
| CVE-2016-0972 | 5 Adobe, Apple, Google and 2 more | 9 Air, Air Sdk, Air Sdk \\\& Compiler and 6 more | 2016-12-06 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. | |||||
| CVE-2016-0981 | 5 Adobe, Apple, Google and 2 more | 9 Air, Air Sdk, Air Sdk \\\& Compiler and 6 more | 2016-12-06 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0980. | |||||
| CVE-2016-0980 | 5 Adobe, Apple, Google and 2 more | 9 Air, Air Sdk, Air Sdk \\\& Compiler and 6 more | 2016-12-06 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0981. | |||||
| CVE-2016-0976 | 5 Adobe, Apple, Google and 2 more | 9 Air, Air Sdk, Air Sdk \\\& Compiler and 6 more | 2016-12-06 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. | |||||