Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in May 2016.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HAdobe Flash Player
APPAdobe≤ 21.0.0.226Opensuse Evergreen
OSOpensuse11.4Opensuse
OSOpensuse13.113.2Red Hat Enterprise Linux Desktop
OSRedhat5.06.0Red Hat Enterprise Linux Server
OSRedhat5.06.0Red Hat Enterprise Linux Server From Rhui
OSRedhat5.06.0Red Hat Enterprise Linux Workstation
OSRedhat5.06.0SUSE Linux Enterprise Desktop
OSSuse12SUSE Linux Enterprise Workstation Extension
OSSuse12
CISA KEV — detailsi
- Vendori
- Adobe ↗
- Producti
- Flash Player
- Added to KEVi
- March 3, 2022
- Remediation deadline (US Federal)i
- March 24, 2022(overdue)
The impacted product is end-of-life and should be disconnected if still in use.
An access of resource using incompatible type vulnerability exists within Adobe Flash Player that allows an attacker to perform remote code execution.
Related vulnerabilities
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the s...
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbi...
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 ...