Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0.0.287 on Windows and OS X and before 11.2.202.438 on Linux does not properly restrict discovery of memory addresses, which. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev).
Adobe
Information Disclosure
Microsoft
NVD
GitHub
VulDB
CVSS 3.1
7.8
EPSS
5.4%