Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X and through 11.2.202.438 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HAdobe Flash Player
APPAdobe≤ 11.2.202.438≤ 13.0.0.26214.0.0.125 – 16.0.0.287 (bez)Apple Mac Os X
OSApplewszystkie wersjeLinux Kernel
OSLinuxwszystkie wersjeMicrosoft Edge
APPMicrosoftwszystkie wersjeMicrosoft Internet Explorer
APPMicrosoft1011Microsoft Windows
OSMicrosoftwszystkie wersjeMicrosoft Windows 10 1507
OSMicrosoftwszystkie wersjeMicrosoft Windows 8
OSMicrosoftwszystkie wersjeMicrosoft Windows 8.1
OSMicrosoftwszystkie wersjeMicrosoft Windows Rt
OSMicrosoftwszystkie wersjeMicrosoft Windows Rt 8.1
OSMicrosoftwszystkie wersjeMicrosoft Windows Server 2012
OSMicrosoftr2SUSE Linux Enterprise Desktop
OSSuse1112SUSE Linux Enterprise Workstation Extension
OSSuse12
CISA KEV — detailsi
- Vendori
- Adobe ↗
- Producti
- Flash Player
- Added to KEVi
- April 13, 2022
- Remediation deadline (US Federal)i
- May 4, 2022(overdue)
The impacted product is end-of-life and should be disconnected if still in use.
Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute code.
Related vulnerabilities
Atak na łańcuch dostaw DAEMON Tools Lite — trojanizacja instalatorów
RCE w Windows Server Update Service (WSUS) — deserializacja danych
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP