Flash Player for Windows, Macintosh, Linux and Android are all affected.
Adobe has given a priority 1 rating to the Windows update, which means the company recommends installation of the new version within 72 hours. The other updates have been assigned lower priority ratings.
The flaws in earlier versions of the two pieces of software are four memory corruption issues, an integer overflow condition, and a cross-domain information leak.
Adobe recommends updating Flash Player to version 11.4.402.265 (Windows or OS X), 126.96.36.199 (Linux), 188.8.131.52 (Android 4.x), or 184.108.40.206 (Android 3.x).
Users that are unable or unwilling to update beyond Flash 10 should install version 10.3.183.23.
Google's Chrome browser automatically updates with the latest version of Flash Player, but a relaunch may be required before the updated version of Chrome becomes active.
The new versions of AIR for Windows, OS X and Android are all numbered 220.127.116.110.
Further details and links to download locations are available here.
Symantec has detected malicious email campaigns that exploit one of the Flash vulnerabilities.