Total
174 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0759 | 1 Adobe | 1 Shockwave Player | 2018-02-20 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0771. | |||||
| CVE-2014-0501 | 1 Adobe | 1 Shockwave Player | 2018-01-03 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0500. | |||||
| CVE-2014-0500 | 1 Adobe | 1 Shockwave Player | 2018-01-03 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0501. | |||||
| CVE-2012-2033 | 1 Adobe | 1 Shockwave Player | 2017-11-22 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2031, and CVE-2012-2032. | |||||
| CVE-2012-2032 | 1 Adobe | 1 Shockwave Player | 2017-11-22 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2031, and CVE-2012-2033. | |||||
| CVE-2012-2031 | 1 Adobe | 1 Shockwave Player | 2017-11-22 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2032, and CVE-2012-2033. | |||||
| CVE-2012-2030 | 1 Adobe | 1 Shockwave Player | 2017-11-22 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2031, CVE-2012-2032, and CVE-2012-2033. | |||||
| CVE-2012-2029 | 1 Adobe | 1 Shockwave Player | 2017-11-22 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2030, CVE-2012-2031, CVE-2012-2032, and CVE-2012-2033. | |||||
| CVE-2012-6271 | 1 Adobe | 1 Shockwave Player | 2017-11-17 | 9.3 HIGH | N/A |
| Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of arbitrary signed Xtras via a Shockwave movie that contains an Xtra URL, as demonstrated by a URL for an outdated Xtra. | |||||
| CVE-2012-6270 | 1 Adobe | 1 Shockwave Player | 2017-11-17 | 9.3 HIGH | N/A |
| Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of a Shockwave Player 10.4.0.025 compatibility feature via a crafted HTML document that references Shockwave content with a certain compatibility parameter, related to a "downgrading" attack. | |||||
| CVE-2007-5941 | 1 Adobe | 1 Shockwave Player | 2017-09-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adobe Shockwave allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument to the ShockwaveVersion method. | |||||
| CVE-2007-5275 | 1 Adobe | 1 Shockwave Player | 2017-09-29 | 5.0 MEDIUM | N/A |
| The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause a victim machine to establish TCP sessions with arbitrary hosts via a Flash (SWF) movie, related to lack of pinning of a hostname to a single IP address after receiving an allow-access-from element in a cross-domain-policy XML document, and the availability of a Flash Socket class that does not use the browser's DNS pins, aka DNS rebinding attacks, a different issue than CVE-2002-1467 and CVE-2007-4324. | |||||
| CVE-2017-3086 | 1 Adobe | 1 Shockwave Player | 2017-09-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Shockwave versions 12.2.8.198 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2010-4092 | 1 Adobe | 1 Shockwave Player | 2017-09-19 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in an unspecified compatibility component in Adobe Shockwave Player before 11.5.9.620 allows user-assisted remote attackers to execute arbitrary code via a crafted web site, related to the Shockwave Settings window and an unloaded library. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-4090 | 1 Adobe | 1 Shockwave Player | 2017-09-19 | 9.3 HIGH | N/A |
| Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2010-4085 | 1 Adobe | 1 Shockwave Player | 2017-09-19 | 9.3 HIGH | N/A |
| dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2581, CVE-2010-4084, CVE-2010-4086, and CVE-2010-4088. | |||||
| CVE-2010-4084 | 1 Adobe | 1 Shockwave Player | 2017-09-19 | 9.3 HIGH | N/A |
| dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2581, CVE-2010-4085, CVE-2010-4086, and CVE-2010-4088. | |||||
| CVE-2010-3655 | 1 Adobe | 1 Shockwave Player | 2017-09-19 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2010-3653 | 1 Adobe | 1 Shockwave Player | 2017-09-19 | 9.3 HIGH | N/A |
| The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted rcsL chunk containing a field whose value is used as a pointer offset, as exploited in the wild in October 2010. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-2875 | 1 Adobe | 1 Shockwave Player | 2017-09-19 | 9.3 HIGH | N/A |
| Integer signedness error in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a length value associated with the tSAC chunk in a Director movie. | |||||