Search
Total
6341 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-39840 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-10-06 | 6.8 MEDIUM | 7.8 HIGH |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForms that could result in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. | |||||
| CVE-2021-39837 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-10-06 | 6.8 MEDIUM | 7.8 HIGH |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm deleteItemAt action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39842 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-10-06 | 6.8 MEDIUM | 7.8 HIGH |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39850 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-10-06 | 4.3 MEDIUM | 5.5 MEDIUM |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39851 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-10-06 | 4.3 MEDIUM | 5.5 MEDIUM |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39843 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-10-06 | 6.8 MEDIUM | 7.8 HIGH |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39841 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-10-06 | 6.8 MEDIUM | 7.8 HIGH |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Type Confusion vulnerability. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39844 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-10-06 | 4.3 MEDIUM | 3.3 LOW |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39849 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-10-06 | 4.3 MEDIUM | 5.5 MEDIUM |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39852 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-10-06 | 4.3 MEDIUM | 5.5 MEDIUM |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39836 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-10-06 | 6.8 MEDIUM | 7.8 HIGH |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm buttonGetIcon action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39853 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-10-06 | 4.3 MEDIUM | 5.5 MEDIUM |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39854 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-10-06 | 4.3 MEDIUM | 5.5 MEDIUM |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39858 | 3 Adobe, Apple, Microsoft | 8 Acrobat, Acrobat 2017, Acrobat Dc and 5 more | 2021-10-06 | 4.3 MEDIUM | 3.3 LOW |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-39863 | 3 Adobe, Apple, Microsoft | 8 Acrobat, Acrobat 2017, Acrobat Dc and 5 more | 2021-10-06 | 6.8 MEDIUM | 7.8 HIGH |
| Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28130 | 2 Drweb, Microsoft | 2 Security Space, Windows | 2021-10-06 | 4.4 MEDIUM | 7.8 HIGH |
| Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. A DLL for a custom payload within a legitimate binary (e.g., frwl_svc.exe) bypasses firewall filters. | |||||
| CVE-2021-3626 | 2 Canonical, Microsoft | 2 Multipass, Windows | 2021-10-05 | 4.6 MEDIUM | 8.8 HIGH |
| The Windows version of Multipass before 1.7.0 allowed any local process to connect to the localhost TCP control socket to perform mounts from the operating system to a guest, allowing for privilege escalation. | |||||
| CVE-2020-9671 | 2 Adobe, Microsoft | 2 Creative Cloud Desktop Application, Windows | 2021-10-05 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation. | |||||
| CVE-2020-9682 | 2 Adobe, Microsoft | 2 Creative Cloud Desktop Application, Windows | 2021-10-05 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write. | |||||
| CVE-2021-36134 | 2 Microsoft, Netop | 2 Windows, Vision Pro | 2021-10-04 | 3.3 LOW | 6.5 MEDIUM |
| Out of bounds write vulnerability in the JPEG parsing code of Netop Vision Pro up to and including 9.7.2 allows an adjacent unauthenticated attacker to write to arbitrary memory potentially leading to a Denial of Service (DoS). | |||||
| CVE-2021-40708 | 3 Adobe, Apple, Microsoft | 3 Genuine Service, Macos, Windows | 2021-10-04 | 6.0 MEDIUM | 7.3 HIGH |
| Adobe Genuine Service versions 7.3 (and earlier) are affected by a privilege escalation vulnerability in the AGSService installer. An authenticated attacker could leverage this vulnerability to achieve read / write privileges to execute arbitrary code. User interaction is required to abuse this vulnerability. | |||||
| CVE-2021-28547 | 3 Adobe, Apple, Microsoft | 3 Creative Cloud Desktop Application, Macos, Windows | 2021-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| Adobe Creative Cloud Desktop Application for macOS version 5.3 (and earlier) is affected by a privilege escalation vulnerability that could allow a normal user to delete the OOBE directory and get permissions of any directory under the administrator authority. | |||||
| CVE-2021-32466 | 2 Microsoft, Trendmicro | 2 Windows, Housecall For Home Networks | 2021-10-02 | 6.9 MEDIUM | 7.0 HIGH |
| An uncontrolled search path element privilege escalation vulnerability in Trend Micro HouseCall for Home Networks version 5.3.1225 and below could allow an attacker to escalate privileges by placing a custom crafted file in a specific directory to load a malicious library. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability. | |||||
| CVE-2020-26301 | 2 Microsoft, Ssh2 Project | 2 Windows, Ssh2 | 2021-10-01 | 7.5 HIGH | 10.0 CRITICAL |
| ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windows. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This is fixed in version 1.4.0. | |||||
| CVE-2021-39246 | 4 Apple, Linux, Microsoft and 1 more | 4 Macos, Linux Kernel, Windows and 1 more | 2021-10-01 | 3.6 LOW | 6.1 MEDIUM |
| Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack that can compromise the privacy of visits to v2 onion addresses. Exact timestamps of these onion-service visits are logged locally, and an attacker might be able to compare them to timestamp data collected by the destination server (or collected by a rogue site within the Tor network). | |||||
| CVE-2021-40709 | 3 Adobe, Apple, Microsoft | 4 Photoshop 2020, Photoshop 2021, Macos and 1 more | 2021-10-01 | 9.3 HIGH | 7.8 HIGH |
| Adobe Photoshop versions 21.2.11 (and earlier) and 22.5 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted SVG file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-29814 | 3 Ibm, Linux, Microsoft | 4 Aix, Jazz For Service Management, Linux Kernel and 1 more | 2021-09-27 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204334. | |||||
| CVE-2021-29810 | 3 Ibm, Linux, Microsoft | 4 Aix, Jazz For Service Management, Linux Kernel and 1 more | 2021-09-27 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204279. | |||||
| CVE-2021-29813 | 3 Ibm, Linux, Microsoft | 4 Aix, Jazz For Service Management, Linux Kernel and 1 more | 2021-09-27 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204331. | |||||
| CVE-2021-29812 | 3 Ibm, Linux, Microsoft | 4 Aix, Jazz For Service Management, Linux Kernel and 1 more | 2021-09-27 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204330. | |||||
| CVE-2021-29815 | 3 Ibm, Linux, Microsoft | 4 Aix, Jazz For Service Management, Linux Kernel and 1 more | 2021-09-27 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204340. | |||||
| CVE-2021-29816 | 3 Ibm, Linux, Microsoft | 4 Aix, Jazz For Service Management, Linux Kernel and 1 more | 2021-09-27 | 4.3 MEDIUM | 6.5 MEDIUM |
| IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 204341. | |||||
| CVE-2021-29832 | 3 Ibm, Linux, Microsoft | 4 Aix, Jazz For Service Management, Linux Kernel and 1 more | 2021-09-27 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204824. | |||||
| CVE-2021-29904 | 3 Ibm, Linux, Microsoft | 4 Aix, Jazz For Service Management, Linux Kernel and 1 more | 2021-09-27 | 2.1 LOW | 5.5 MEDIUM |
| IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 207610. | |||||
| CVE-2021-29833 | 3 Ibm, Linux, Microsoft | 4 Aix, Jazz For Service Management, Linux Kernel and 1 more | 2021-09-27 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204825. | |||||
| CVE-2021-38877 | 3 Ibm, Linux, Microsoft | 4 Aix, Jazz For Service Management, Linux Kernel and 1 more | 2021-09-27 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208405. | |||||
| CVE-2021-29905 | 3 Ibm, Linux, Microsoft | 4 Aix, Jazz For Service Management, Linux Kernel and 1 more | 2021-09-27 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207616. | |||||
| CVE-2021-20569 | 2 Ibm, Microsoft | 2 Security Secret Server, Windows | 2021-09-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Security Secret Server up to 11.0 could allow an attacker to enumerate usernames due to improper input validation. IBM X-Force ID: 199243. | |||||
| CVE-2021-20508 | 2 Ibm, Microsoft | 2 Security Secret Server, Windows | 2021-09-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Security Secret Server up to 11.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199322. | |||||
| CVE-2019-9489 | 2 Microsoft, Trendmicro | 6 Windows, Apex One, Apex One As A Service and 3 more | 2021-09-24 | 5.0 MEDIUM | 7.5 HIGH |
| A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affected product's management console. | |||||
| CVE-2021-38086 | 2 Acronis, Microsoft | 2 Cyber Protect, Windows | 2021-09-23 | 4.4 MEDIUM | 7.8 HIGH |
| Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis Agent for Windows prior to build 26226 allowed local privilege escalation via DLL hijacking. | |||||
| CVE-2020-29075 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2021-09-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| Acrobat Reader DC versions 2020.013.20066 (and earlier), 2020.001.30010 (and earlier) and 2017.011.30180 (and earlier) are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the filesystem without a prompt. User interaction is required to exploit this vulnerability. | |||||
| CVE-2017-11305 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Mac Os X, Macos and 5 more | 2021-09-22 | 5.0 MEDIUM | 7.5 HIGH |
| A regression affecting Adobe Flash Player version 27.0.0.187 (and earlier versions) causes the unintended reset of the global settings preference file when a user clears browser data. | |||||
| CVE-2017-11292 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Mac Os X, Macos and 5 more | 2021-09-22 | 6.5 MEDIUM | 8.8 HIGH |
| Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-6990 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Macos, Chrome Os and 4 more | 2021-09-22 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6989. | |||||
| CVE-2016-6986 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Macos, Chrome Os and 4 more | 2021-09-22 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6989, and CVE-2016-6990. | |||||
| CVE-2016-6992 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Macos, Chrome Os and 4 more | 2021-09-22 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion." | |||||
| CVE-2016-6989 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Macos, Chrome Os and 4 more | 2021-09-22 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6990. | |||||
| CVE-2016-6982 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Macos, Chrome Os and 4 more | 2021-09-22 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990. | |||||
| CVE-2016-6981 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Macos, Chrome Os and 4 more | 2021-09-22 | 10.0 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6987. | |||||