Filtered by vendor Apple
Subscribe
Search
Total
4318 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0603 | 1 Apple | 2 Iphone Os, Itunes | 2018-11-29 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
| CVE-2012-0604 | 1 Apple | 2 Iphone Os, Itunes | 2018-11-29 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
| CVE-2012-0602 | 1 Apple | 2 Iphone Os, Itunes | 2018-11-29 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
| CVE-2012-0590 | 1 Apple | 1 Iphone Os | 2018-11-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a drag-and-drop operation. | |||||
| CVE-2012-0605 | 1 Apple | 2 Iphone Os, Itunes | 2018-11-29 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
| CVE-2012-0588 | 1 Apple | 1 Iphone Os | 2018-11-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0589. | |||||
| CVE-2012-0589 | 1 Apple | 1 Iphone Os | 2018-11-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0588. | |||||
| CVE-2012-0587 | 1 Apple | 1 Iphone Os | 2018-11-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0588, and CVE-2012-0589. | |||||
| CVE-2012-0586 | 1 Apple | 1 Iphone Os | 2018-11-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0587, CVE-2012-0588, and CVE-2012-0589. | |||||
| CVE-2011-2455 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-11-29 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2459, and CVE-2011-2460. | |||||
| CVE-2011-2454 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-11-29 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. | |||||
| CVE-2011-2453 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-11-29 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. | |||||
| CVE-2011-2452 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-11-29 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. | |||||
| CVE-2011-2451 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-11-29 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. | |||||
| CVE-2011-2459 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-11-29 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460. | |||||
| CVE-2011-2460 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-11-29 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2459. | |||||
| CVE-2011-2450 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-11-29 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | |||||
| CVE-2011-2458 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-11-29 | 9.3 HIGH | N/A |
| Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, when Internet Explorer is used, allows remote attackers to bypass the cross-domain policy via a crafted web site. | |||||
| CVE-2011-2456 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-11-29 | 10.0 HIGH | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-2457 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-11-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-2445 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2018-11-29 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. | |||||
| CVE-2011-2873 | 1 Apple | 2 Iphone Os, Itunes | 2018-11-29 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
| CVE-2012-0585 | 1 Apple | 1 Iphone Os | 2018-11-29 | 5.0 MEDIUM | N/A |
| The Private Browsing feature in Safari in Apple iOS before 5.1 allows remote attackers to bypass intended privacy settings and insert history entries via JavaScript code that calls the (1) pushState or (2) replaceState method. | |||||
| CVE-2011-2871 | 1 Apple | 2 Iphone Os, Itunes | 2018-11-29 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
| CVE-2011-2872 | 1 Apple | 2 Iphone Os, Itunes | 2018-11-29 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
| CVE-2011-2870 | 1 Apple | 2 Iphone Os, Itunes | 2018-11-29 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
| CVE-2011-2869 | 1 Apple | 2 Iphone Os, Itunes | 2018-11-29 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
| CVE-2011-2867 | 1 Apple | 2 Iphone Os, Itunes | 2018-11-29 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
| CVE-2011-2868 | 1 Apple | 2 Iphone Os, Itunes | 2018-11-29 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
| CVE-2011-2833 | 1 Apple | 2 Iphone Os, Itunes | 2018-11-29 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
| CVE-2010-1809 | 1 Apple | 3 Iphone, Iphone Os, Ipod Touch | 2018-11-16 | 10.0 HIGH | N/A |
| The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors. | |||||
| CVE-2010-1814 | 3 Apple, Canonical, Webkitgtk | 5 Iphone, Iphone Os, Ipod Touch and 2 more | 2018-11-16 | 6.8 MEDIUM | N/A |
| WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus. | |||||
| CVE-2010-1811 | 1 Apple | 3 Iphone, Iphone Os, Ipod Touch | 2018-11-16 | 6.8 MEDIUM | N/A |
| ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF file. | |||||
| CVE-2010-1815 | 3 Apple, Canonical, Webkitgtk | 5 Iphone, Iphone Os, Ipod Touch and 2 more | 2018-11-16 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars. | |||||
| CVE-2010-1817 | 1 Apple | 3 Iphone, Iphone Os, Ipod Touch | 2018-11-16 | 6.8 MEDIUM | N/A |
| Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file. | |||||
| CVE-2010-1812 | 3 Apple, Canonical, Webkitgtk | 5 Iphone, Iphone Os, Ipod Touch and 2 more | 2018-11-16 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections. | |||||
| CVE-2010-1813 | 1 Apple | 3 Iphone, Iphone Os, Ipod Touch | 2018-11-16 | 6.8 MEDIUM | N/A |
| WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines. | |||||
| CVE-2010-1754 | 1 Apple | 3 Iphone, Iphone Os, Ipod Touch | 2018-11-16 | 6.9 MEDIUM | N/A |
| Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunction with subsequent Remote Lock operations through MobileMe, which allows physically proximate attackers to bypass intended passcode requirements via unspecified vectors. | |||||
| CVE-2010-1752 | 1 Apple | 3 Iphone, Iphone Os, Ipod Touch | 2018-11-16 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling. | |||||
| CVE-2010-1753 | 1 Apple | 3 Iphone, Iphone Os, Ipod Touch | 2018-11-16 | 6.8 MEDIUM | N/A |
| ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image. | |||||
| CVE-2010-1757 | 1 Apple | 3 Iphone, Iphone Os, Ipod Touch | 2018-11-16 | 6.4 MEDIUM | N/A |
| WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document. | |||||
| CVE-2010-1755 | 1 Apple | 3 Iphone, Iphone Os, Ipod Touch | 2018-11-16 | 4.3 MEDIUM | N/A |
| Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, which makes it easier for remote web servers to track users via a cookie. | |||||
| CVE-2010-1751 | 1 Apple | 3 Iphone, Iphone Os, Ipod Touch | 2018-11-16 | 5.0 MEDIUM | N/A |
| Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-library access, which might allow remote attackers to obtain location information via unspecified vectors. | |||||
| CVE-2010-1781 | 2 Apple, Canonical | 4 Iphone, Iphone Os, Ipod Touch and 1 more | 2018-11-16 | 6.8 MEDIUM | N/A |
| Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the rendering of an inline element. | |||||
| CVE-2010-0650 | 3 Apple, Canonical, Google | 3 Safari, Ubuntu Linux, Chrome | 2018-11-16 | 2.6 LOW | N/A |
| WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypass intended restrictions on popup windows via crafted use of a mouse click event. | |||||
| CVE-2009-2795 | 1 Apple | 1 Iphone Os | 2018-11-16 | 7.2 HIGH | N/A |
| Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to "command parsing." | |||||
| CVE-2009-2797 | 2 Apple, Canonical | 2 Iphone Os, Ubuntu Linux | 2018-11-16 | 5.0 MEDIUM | N/A |
| The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive information by reading Referer logs on a web server. | |||||
| CVE-2010-1756 | 1 Apple | 3 Iphone, Iphone Os, Ipod Touch | 2018-11-14 | 5.8 MEDIUM | N/A |
| The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network. | |||||
| CVE-2009-0143 | 1 Apple | 1 Itunes | 2018-11-08 | 4.3 MEDIUM | N/A |
| Apple iTunes before 8.1 does not properly inform the user about the origin of an authentication request, which makes it easier for remote podcast servers to trick a user into providing a username and password when subscribing to a crafted podcast. | |||||
| CVE-2008-3615 | 2 Apple, Microsoft | 2 Quicktime, Windows | 2018-11-01 | 9.3 HIGH | N/A |
| ir50_32.qtx in an unspecified third-party Indeo v5 codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, accesses uninitialized memory, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file. | |||||