Total
174 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1282 | 3 Adobe, Apple, Microsoft | 3 Shockwave Player, Macos, Windows | 2025-04-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Shockwave Player before 11.5.7.609 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted ATOM size in a .dir (aka Director) file. | |||||
| CVE-2010-4190 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 9.3 HIGH | N/A |
| Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted CSWV RIFF chunk that causes an incorrect calculation of an offset for a substructure, which causes an out-of-bounds "seek" of heap memory, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306. | |||||
| CVE-2011-0556 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 9.3 HIGH | N/A |
| The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PFR1 chunk that leads to an unexpected sign extension and an invalid pointer dereference, a different vulnerability than CVE-2011-0569. | |||||
| CVE-2013-1383 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 10.0 HIGH | N/A |
| Buffer overflow in Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-2423 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 10.0 HIGH | N/A |
| msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2012-2044 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 11.6.6.636 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2043, CVE-2012-2045, CVE-2012-2046, and CVE-2012-2047. | |||||
| CVE-2011-2120 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 9.3 HIGH | N/A |
| Integer overflow in the CursorAsset x32 component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-2449 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 10.0 HIGH | N/A |
| The TextXtra module in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2013-0635 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 12.0.0.112 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2011-2422 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 10.0 HIGH | N/A |
| Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2010-4193 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 9.3 HIGH | N/A |
| Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2012-4174 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 10.0 HIGH | N/A |
| Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4173, CVE-2012-4175, and CVE-2012-5273. | |||||
| CVE-2010-1286 | 3 Adobe, Apple, Microsoft | 7 Shockwave Player, Macos, Windows and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
| Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291. | |||||
| CVE-2010-2871 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 9.3 HIGH | N/A |
| Integer overflow in the 3D object functionality in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted size value in a 0xFFFFFF45 RIFF record in a Director movie. | |||||
| CVE-2012-2047 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 11.6.6.636 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2043, CVE-2012-2044, CVE-2012-2045, and CVE-2012-2046. | |||||
| CVE-2012-0764 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 10.0 HIGH | N/A |
| The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, and CVE-2012-0766. | |||||
| CVE-2014-0500 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 12.0.9.149 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0501. | |||||
| CVE-2010-2868 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 9.3 HIGH | N/A |
| IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x320D of a certain file. | |||||
| CVE-2013-1385 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 10.0 HIGH | N/A |
| Adobe Shockwave Player before 12.0.2.122 does not prevent access to address information, which makes it easier for attackers to bypass the ASLR protection mechanism via unspecified vectors. | |||||
| CVE-2011-2128 | 1 Adobe | 1 Shockwave Player | 2025-04-11 | 9.3 HIGH | N/A |
| Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2124, and CVE-2011-2127. | |||||