Filtered by vendor Adobe
Subscriptions
Filtered by product Shockwave Player
Subscriptions
Total
174 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-5273 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4173, CVE-2012-4174, and CVE-2012-4175. | ||||
| CVE-2012-6271 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of arbitrary signed Xtras via a Shockwave movie that contains an Xtra URL, as demonstrated by a URL for an outdated Xtra. | ||||
| CVE-2013-0635 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player before 12.0.0.112 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | ||||
| CVE-2013-0636 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Stack-based buffer overflow in Adobe Shockwave Player before 12.0.0.112 allows attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2013-1383 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Buffer overflow in Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2013-1385 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player before 12.0.2.122 does not prevent access to address information, which makes it easier for attackers to bypass the ASLR protection mechanism via unspecified vectors. | ||||
| CVE-2013-1386 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-1384. | ||||
| CVE-2013-3348 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player before 12.0.3.133 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | ||||
| CVE-2013-3359 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3360. | ||||
| CVE-2013-3360 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3359. | ||||
| CVE-2013-5333 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5334. | ||||
| CVE-2014-0500 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0501. | ||||
| CVE-2014-0501 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0500. | ||||
| CVE-2010-4188 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with an IFWV chunk with a size field of 0, which is used in the calculation of a file offset and causes invalid data to be used as a loop counter, triggering a heap-based buffer overflow, a different vulnerability than CVE-2010-2587 and CVE-2010-2588. | ||||
| CVE-2010-4190 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | N/A |
| Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted CSWV RIFF chunk that causes an incorrect calculation of an offset for a substructure, which causes an out-of-bounds "seek" of heap memory, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306. | ||||
| CVE-2010-1280 | 3 Adobe, Apple, Microsoft | 3 Shockwave Player, Macos, Windows | 2025-04-11 | 8.8 High |
| Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file, related to (1) an erroneous dereference and (2) a certain Shock.dir file. | ||||
| CVE-2009-3244 | 1 Adobe | 1 Shockwave Player | 2025-04-09 | N/A |
| Heap-based buffer overflow in the SwDir.dll ActiveX control in Adobe Shockwave Player 11.5.1.601 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PlayerVersion property value. | ||||
| CVE-2007-5941 | 1 Adobe | 1 Shockwave Player | 2025-04-09 | N/A |
| Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adobe Shockwave allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument to the ShockwaveVersion method. | ||||
| CVE-2007-5275 | 2 Adobe, Redhat | 2 Shockwave Player, Rhel Extras | 2025-04-09 | N/A |
| The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause a victim machine to establish TCP sessions with arbitrary hosts via a Flash (SWF) movie, related to lack of pinning of a hostname to a single IP address after receiving an allow-access-from element in a cross-domain-policy XML document, and the availability of a Flash Socket class that does not use the browser's DNS pins, aka DNS rebinding attacks, a different issue than CVE-2002-1467 and CVE-2007-4324. | ||||
| CVE-2009-3465 | 1 Adobe | 1 Shockwave Player | 2025-04-09 | N/A |
| Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site, related to an "invalid pointer vulnerability," a different issue than CVE-2009-3464. NOTE: some of these details are obtained from third party information. | ||||