Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-jvdb-r35g-vuc5
Summary
Multiple vulnerabilities have been found in Adobe Flash Player, the
    worst of which allows remote attackers to execute arbitrary code.
Aliases
0
alias CVE-2015-5119
Fixed_packages
0
url pkg:ebuild/www-plugins/adobe-flash@11.2.202.481
purl pkg:ebuild/www-plugins/adobe-flash@11.2.202.481
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-plugins/adobe-flash@11.2.202.481
Affected_packages
0
url pkg:rpm/redhat/flash-plugin@11.2.202.481-1?arch=el6_6
purl pkg:rpm/redhat/flash-plugin@11.2.202.481-1?arch=el6_6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2deq-knc5-gqgh
1
vulnerability VCID-2zen-a9gk-gfe1
2
vulnerability VCID-413z-ffr5-ukah
3
vulnerability VCID-5k9t-ar4q-4ua6
4
vulnerability VCID-7jmn-pcds-xucr
5
vulnerability VCID-88t8-tbnx-qff7
6
vulnerability VCID-8a1e-sc82-pba8
7
vulnerability VCID-96q7-emff-t3bn
8
vulnerability VCID-9c6u-2evq-qbg1
9
vulnerability VCID-9rt2-624p-c7eg
10
vulnerability VCID-dvba-b6af-kfcb
11
vulnerability VCID-ed2f-s7mg-33g6
12
vulnerability VCID-ekmk-cad5-ubg8
13
vulnerability VCID-ff7c-txvq-5udd
14
vulnerability VCID-fjuw-zsw4-vqdz
15
vulnerability VCID-fn1v-f3ba-ayhm
16
vulnerability VCID-g2t3-6d1c-9ubh
17
vulnerability VCID-h6wx-55np-d3bf
18
vulnerability VCID-j56q-6cxx-7qgy
19
vulnerability VCID-jvdb-r35g-vuc5
20
vulnerability VCID-n7e6-qrhf-uycv
21
vulnerability VCID-nvc3-559r-mqd1
22
vulnerability VCID-pant-33ku-c3hx
23
vulnerability VCID-qe1a-sc8j-byh7
24
vulnerability VCID-qkq1-3t6b-sucm
25
vulnerability VCID-s4kg-14rv-8ufy
26
vulnerability VCID-s9e9-hjcc-c7e2
27
vulnerability VCID-tf7u-a1b4-53c2
28
vulnerability VCID-vj2f-6v31-kfa9
29
vulnerability VCID-wcqu-5pw7-3kfy
30
vulnerability VCID-wjsc-cdw5-bugc
31
vulnerability VCID-x52h-syxb-f3en
32
vulnerability VCID-xcbs-j1e1-uuc5
33
vulnerability VCID-xrsk-dcx1-1fgb
34
vulnerability VCID-zc47-t2g5-33b2
35
vulnerability VCID-zkge-fqqn-pkf7
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/flash-plugin@11.2.202.481-1%3Farch=el6_6
1
url pkg:rpm/redhat/flash-plugin@11.2.202.481-1?arch=el5
purl pkg:rpm/redhat/flash-plugin@11.2.202.481-1?arch=el5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2deq-knc5-gqgh
1
vulnerability VCID-2zen-a9gk-gfe1
2
vulnerability VCID-413z-ffr5-ukah
3
vulnerability VCID-5k9t-ar4q-4ua6
4
vulnerability VCID-7jmn-pcds-xucr
5
vulnerability VCID-88t8-tbnx-qff7
6
vulnerability VCID-8a1e-sc82-pba8
7
vulnerability VCID-96q7-emff-t3bn
8
vulnerability VCID-9c6u-2evq-qbg1
9
vulnerability VCID-9rt2-624p-c7eg
10
vulnerability VCID-dvba-b6af-kfcb
11
vulnerability VCID-ed2f-s7mg-33g6
12
vulnerability VCID-ekmk-cad5-ubg8
13
vulnerability VCID-ff7c-txvq-5udd
14
vulnerability VCID-fjuw-zsw4-vqdz
15
vulnerability VCID-fn1v-f3ba-ayhm
16
vulnerability VCID-g2t3-6d1c-9ubh
17
vulnerability VCID-h6wx-55np-d3bf
18
vulnerability VCID-j56q-6cxx-7qgy
19
vulnerability VCID-jvdb-r35g-vuc5
20
vulnerability VCID-n7e6-qrhf-uycv
21
vulnerability VCID-nvc3-559r-mqd1
22
vulnerability VCID-pant-33ku-c3hx
23
vulnerability VCID-qe1a-sc8j-byh7
24
vulnerability VCID-qkq1-3t6b-sucm
25
vulnerability VCID-s4kg-14rv-8ufy
26
vulnerability VCID-s9e9-hjcc-c7e2
27
vulnerability VCID-tf7u-a1b4-53c2
28
vulnerability VCID-vj2f-6v31-kfa9
29
vulnerability VCID-wcqu-5pw7-3kfy
30
vulnerability VCID-wjsc-cdw5-bugc
31
vulnerability VCID-x52h-syxb-f3en
32
vulnerability VCID-xcbs-j1e1-uuc5
33
vulnerability VCID-xrsk-dcx1-1fgb
34
vulnerability VCID-zc47-t2g5-33b2
35
vulnerability VCID-zkge-fqqn-pkf7
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/flash-plugin@11.2.202.481-1%3Farch=el5
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5119.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5119.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5119
reference_id
reference_type
scores
0
value 0.9315
scoring_system epss
scoring_elements 0.998
published_at 2026-04-26T12:55:00Z
1
value 0.9315
scoring_system epss
scoring_elements 0.99801
published_at 2026-04-29T12:55:00Z
2
value 0.93212
scoring_system epss
scoring_elements 0.99798
published_at 2026-04-04T12:55:00Z
3
value 0.93212
scoring_system epss
scoring_elements 0.99799
published_at 2026-04-08T12:55:00Z
4
value 0.93212
scoring_system epss
scoring_elements 0.998
published_at 2026-04-13T12:55:00Z
5
value 0.93212
scoring_system epss
scoring_elements 0.99801
published_at 2026-04-16T12:55:00Z
6
value 0.93212
scoring_system epss
scoring_elements 0.99802
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5119
2
reference_url http://www.securitytracker.com/id/1032809
reference_id 1032809
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:55:11Z/
url http://www.securitytracker.com/id/1032809
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1240832
reference_id 1240832
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1240832
4
reference_url http://www.kb.cert.org/vuls/id/561288
reference_id 561288
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:55:11Z/
url http://www.kb.cert.org/vuls/id/561288
5
reference_url http://twitter.com/w3bd3vil/statuses/618168863708962816
reference_id 618168863708962816
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:55:11Z/
url http://twitter.com/w3bd3vil/statuses/618168863708962816
6
reference_url http://www.securityfocus.com/bid/75568
reference_id 75568
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:55:11Z/
url http://www.securityfocus.com/bid/75568
7
reference_url http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_hacking_team_uaf
reference_id adobe_flash_hacking_team_uaf
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:55:11Z/
url http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_hacking_team_uaf
8
reference_url https://packetstormsecurity.com/files/132600/Adobe-Flash-Player-ByteArray-Use-After-Free.html
reference_id Adobe-Flash-Player-ByteArray-Use-After-Free.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:55:11Z/
url https://packetstormsecurity.com/files/132600/Adobe-Flash-Player-ByteArray-Use-After-Free.html
9
reference_url https://helpx.adobe.com/security/products/flash-player/apsa15-03.html
reference_id apsa15-03.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:55:11Z/
url https://helpx.adobe.com/security/products/flash-player/apsa15-03.html
10
reference_url https://helpx.adobe.com/security/products/flash-player/apsb15-16.html
reference_id apsb15-16.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:55:11Z/
url https://helpx.adobe.com/security/products/flash-player/apsb15-16.html
11
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/37523.rb
reference_id CVE-2015-5119;OSVDB-124196
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/37523.rb
12
reference_url https://security.gentoo.org/glsa/201507-13
reference_id GLSA-201507-13
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:55:11Z/
url https://security.gentoo.org/glsa/201507-13
13
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00015.html
reference_id msg00015.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:55:11Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00015.html
14
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00016.html
reference_id msg00016.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:55:11Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00016.html
15
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html
reference_id msg00017.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:55:11Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html
16
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00018.html
reference_id msg00018.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:55:11Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00018.html
17
reference_url https://access.redhat.com/errata/RHSA-2015:1214
reference_id RHSA-2015:1214
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1214
18
reference_url http://rhn.redhat.com/errata/RHSA-2015-1214.html
reference_id RHSA-2015-1214.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:55:11Z/
url http://rhn.redhat.com/errata/RHSA-2015-1214.html
19
reference_url http://www.us-cert.gov/ncas/alerts/TA15-195A
reference_id TA15-195A
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:55:11Z/
url http://www.us-cert.gov/ncas/alerts/TA15-195A
20
reference_url http://blog.trendmicro.com/trendlabs-security-intelligence/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak/
reference_id unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:55:11Z/
url http://blog.trendmicro.com/trendlabs-security-intelligence/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak/
Weaknesses
0
cwe_id 416
name Use After Free
description Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
Exploits
0
date_added 2015-07-08
description Adobe Flash Player - ByteArray Use-After-Free (Metasploit)
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2015-07-08
exploit_type remote
platform multiple
source_date_updated 2015-07-08
data_source Exploit-DB
source_url
1
date_added 2022-03-03
description A use-after-free vulnerability exists within the ActionScript 3 ByteArray class in Adobe Flash Player that allows an attacker to perform remote code execution.
required_action The impacted product is end-of-life and should be disconnected if still in use.
due_date 2022-03-24
notes https://nvd.nist.gov/vuln/detail/CVE-2015-5119
known_ransomware_campaign_use false
source_date_published null
exploit_type null
platform null
source_date_updated null
data_source KEV
source_url null
2
date_added null
description 
This module exploits an use after free on Adobe Flash Player. The vulnerability,
          discovered by Hacking Team and made public as part of the July 2015 data leak, was
          described as an Use After Free while handling ByteArray objects. This module has
          been tested successfully on:

          Windows 7 SP1 (32-bit), IE11 and Adobe Flash 18.0.0.194,
          Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 18.0.0.194,
          Windows 8.1 (32-bit), IE11 and Adobe Flash 18.0.0.194,
          Windows 8.1 (32-bit), Firefox and Adobe Flash 18.0.0.194, and
          Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.468.
required_action null
due_date null
notes 
AKA:
  - 0DayFlush
Stability:
  - unknown-stability
Reliability:
  - unknown-reliability
SideEffects:
  - unknown-side-effects
known_ransomware_campaign_use false
source_date_published 2015-07-06
exploit_type null
platform Linux,Windows
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/browser/adobe_flash_hacking_team_uaf.rb
Severity_range_score7.8 - 7.8
Exploitability2.0
Weighted_severity7.0
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-jvdb-r35g-vuc5