Search
Total
5437 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1266 | 1 Apple | 1 Mac Os X | 2017-10-10 | 4.6 MEDIUM | N/A |
| Mac OS X 10.2.2 allows local users to gain privileges by mounting a disk image file that was created on another system, aka "Local User Privilege Elevation via Disk Image File." | |||||
| CVE-2002-1265 | 3 Apple, Gnu, Sgi | 4 Mac Os X, Mac Os X Server, Glibc and 1 more | 2017-10-10 | 5.0 MEDIUM | N/A |
| The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang). | |||||
| CVE-2002-1372 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2017-10-10 | 5.0 MEDIUM | N/A |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta. | |||||
| CVE-2002-1371 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2017-10-10 | 7.5 HIGH | N/A |
| filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif. | |||||
| CVE-2004-0165 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges. | |||||
| CVE-2004-0089 | 1 Apple | 1 Mac Os X | 2017-10-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in TruBlueEnvironment in Mac OS X 10.3.x and 10.2.x allows local users to gain privileges via a long environment variable. | |||||
| CVE-2002-1369 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2017-10-10 | 10.0 HIGH | N/A |
| jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | |||||
| CVE-2002-1367 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2017-10-10 | 10.0 HIGH | N/A |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate for the administration server via a "need authorization" page, as demonstrated by new-coke. | |||||
| CVE-2002-1366 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2017-10-10 | 6.2 MEDIUM | N/A |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream. | |||||
| CVE-2002-1270 | 1 Apple | 1 Mac Os X | 2017-10-10 | 2.1 LOW | N/A |
| Mac OS X 10.2.2 allows local users to read files that only allow write access via the map_fd() Mach system call. | |||||
| CVE-2001-0806 | 1 Apple | 1 Mac Os X | 2017-10-10 | 3.6 LOW | N/A |
| Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages. | |||||
| CVE-2015-0359 | 4 Adobe, Apple, Linux and 1 more | 4 Flash Player, Mac Os X, Linux Kernel and 1 more | 2017-10-07 | 10.0 HIGH | N/A |
| Double free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0346. | |||||
| CVE-2009-1726 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-09-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image containing an embedded ColorSync profile. | |||||
| CVE-2009-1236 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-09-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a certain ifPort structure member. | |||||
| CVE-2009-1235 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-09-29 | 7.2 HIGH | N/A |
| XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls. | |||||
| CVE-2009-1238 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-09-29 | 7.2 HIGH | N/A |
| Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and earlier on Apple Mac OS X 10.5.6 and earlier allows local users to cause a denial of service (kernel memory corruption) by simultaneously executing the same HFS_SET_PKG_EXTENSIONS code path in multiple threads, which is problematic because of lack of mutex locking for an unspecified global variable. | |||||
| CVE-2009-1237 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-09-29 | 4.9 MEDIUM | N/A |
| Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allow local users to cause a denial of service (kernel memory consumption) via a crafted (1) SYS_add_profil or (2) SYS___mac_getfsstat system call. | |||||
| CVE-2009-0153 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-09-29 | 4.3 MEDIUM | N/A |
| International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems, does not properly handle invalid byte sequences during Unicode conversion, which might allow remote attackers to conduct cross-site scripting (XSS) attacks. | |||||
| CVE-2008-0047 | 2 Apple, Cups | 3 Mac Os X, Mac Os X Server, Cups | 2017-09-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions. | |||||
| CVE-2008-1036 | 2 Apple, Redhat | 3 Mac Os X, Mac Os X Server, Enterprise Linux | 2017-09-29 | 4.3 MEDIUM | N/A |
| The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character encodings, which might allow remote attackers to conduct cross-site scripting (XSS) attacks. | |||||
| CVE-2007-6276 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-09-29 | 7.8 HIGH | N/A |
| The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112. | |||||
| CVE-2007-5901 | 2 Apple, Mit | 3 Mac Os X, Mac Os X Server, Kerberos 5 | 2017-09-29 | 6.9 MEDIUM | N/A |
| Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code. | |||||
| CVE-2007-3876 | 1 Apple | 1 Mac Os X | 2017-09-29 | 6.6 MEDIUM | N/A |
| Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows local users to execute arbitrary code via (1) a long workgroup (-W) option to mount_smbfs or (2) an unspecified manipulation of the command line to smbutil. | |||||
| CVE-2015-3688 | 1 Apple | 3 Iphone Os, Itunes, Mac Os X | 2017-09-22 | 6.8 MEDIUM | N/A |
| CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3689. | |||||
| CVE-2015-3687 | 1 Apple | 3 Iphone Os, Itunes, Mac Os X | 2017-09-22 | 6.8 MEDIUM | N/A |
| CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3688, and CVE-2015-3689. | |||||
| CVE-2015-3686 | 1 Apple | 3 Iphone Os, Itunes, Mac Os X | 2017-09-22 | 6.8 MEDIUM | N/A |
| CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689. | |||||
| CVE-2015-3137 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117. | |||||
| CVE-2015-3136 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117. | |||||
| CVE-2015-3135 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-4432 and CVE-2015-5118. | |||||
| CVE-2015-3134 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3123, CVE-2015-3130, CVE-2015-3133, and CVE-2015-4431. | |||||
| CVE-2015-3133 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3123, CVE-2015-3130, CVE-2015-3134, and CVE-2015-4431. | |||||
| CVE-2015-3132 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117. | |||||
| CVE-2015-3131 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117. | |||||
| CVE-2015-3130 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3123, CVE-2015-3133, CVE-2015-3134, and CVE-2015-4431. | |||||
| CVE-2015-3129 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117. | |||||
| CVE-2015-3128 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117. | |||||
| CVE-2015-3127 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117. | |||||
| CVE-2015-3126 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 7.5 HIGH | N/A |
| Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-4429. | |||||
| CVE-2015-3125 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 5.0 MEDIUM | N/A |
| Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-0578, CVE-2015-3115, CVE-2015-3116, and CVE-2015-5116. | |||||
| CVE-2015-3124 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117. | |||||
| CVE-2015-3123 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3130, CVE-2015-3133, CVE-2015-3134, and CVE-2015-4431. | |||||
| CVE-2015-3122 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-3119, CVE-2015-3120, CVE-2015-3121, and CVE-2015-4433. | |||||
| CVE-2015-3121 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-3119, CVE-2015-3120, CVE-2015-3122, and CVE-2015-4433. | |||||
| CVE-2015-3120 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-3119, CVE-2015-3121, CVE-2015-3122, and CVE-2015-4433. | |||||
| CVE-2015-3119 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-3120, CVE-2015-3121, CVE-2015-3122, and CVE-2015-4433. | |||||
| CVE-2015-3118 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117. | |||||
| CVE-2015-3117 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3123, CVE-2015-3130, CVE-2015-3133, CVE-2015-3134, and CVE-2015-4431. | |||||
| CVE-2015-3116 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 5.0 MEDIUM | N/A |
| Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-0578, CVE-2015-3115, CVE-2015-3125, and CVE-2015-5116. | |||||
| CVE-2015-3115 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 5.0 MEDIUM | N/A |
| Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-0578, CVE-2015-3116, CVE-2015-3125, and CVE-2015-5116. | |||||
| CVE-2015-3114 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 5.0 MEDIUM | N/A |
| Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. | |||||