Search
Total
5437 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-7858 | 6 Adobe, Apple, Google and 3 more | 14 Flash Player, Flash Player For Linux, Mac Os X and 11 more | 2019-05-16 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7860 | 6 Adobe, Apple, Google and 3 more | 14 Flash Player, Flash Player For Linux, Mac Os X and 11 more | 2019-05-15 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7861 | 6 Adobe, Apple, Google and 3 more | 14 Flash Player, Flash Player For Linux, Mac Os X and 11 more | 2019-05-15 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7862 | 6 Adobe, Apple, Google and 3 more | 14 Flash Player, Flash Player For Linux, Mac Os X and 11 more | 2019-05-15 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-7864 | 6 Adobe, Apple, Google and 3 more | 14 Flash Player, Flash Player For Linux, Mac Os X and 11 more | 2019-05-15 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2018-4456 | 1 Apple | 1 Mac Os X | 2019-05-14 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6, macOS Mojave 10.14. | |||||
| CVE-2017-7050 | 1 Apple | 1 Mac Os X | 2019-05-06 | 7.9 HIGH | 8.0 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2017-7051 | 1 Apple | 1 Mac Os X | 2019-05-06 | 7.9 HIGH | 8.0 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2017-7054 | 1 Apple | 1 Mac Os X | 2019-05-06 | 7.9 HIGH | 8.0 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2019-9804 | 2 Apple, Mozilla | 2 Mac Os X, Firefox | 2019-04-30 | 7.5 HIGH | 9.8 CRITICAL |
| In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. This is the result of an issue with the native version of Bash on macOS. *Note: This issue only affects macOS. Other operating systems are unaffected.*. This vulnerability affects Firefox < 66. | |||||
| CVE-2017-13833 | 1 Apple | 1 Mac Os X | 2019-04-29 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2014-8146 | 2 Apple, Icu-project | 5 Iphone Os, Itunes, Mac Os X and 2 more | 2019-04-23 | 7.5 HIGH | N/A |
| The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text. | |||||
| CVE-2014-8147 | 2 Apple, Icu-project | 3 Mac Os X, Watchos, International Components For Unicode | 2019-04-23 | 7.5 HIGH | N/A |
| The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text. | |||||
| CVE-2015-5922 | 2 Apple, Icu-project | 3 Mac Os X, Watchos, International Components For Unicode | 2019-04-23 | 10.0 HIGH | N/A |
| Unspecified vulnerability in International Components for Unicode (ICU) before 53.1.0, as used in Apple OS X before 10.11 and watchOS before 2, has unknown impact and attack vectors. | |||||
| CVE-2015-2783 | 3 Apple, Php, Redhat | 9 Mac Os X, Php, Enterprise Linux and 6 more | 2019-04-22 | 5.8 MEDIUM | N/A |
| ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions. | |||||
| CVE-2013-1824 | 3 Apple, Php, Redhat | 3 Mac Os X, Php, Enterprise Linux | 2019-04-22 | 4.3 MEDIUM | N/A |
| The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions. | |||||
| CVE-2015-4025 | 3 Apple, Php, Redhat | 9 Mac Os X, Php, Enterprise Linux and 6 more | 2019-04-22 | 7.5 HIGH | N/A |
| PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243. | |||||
| CVE-2015-4026 | 3 Apple, Php, Redhat | 9 Mac Os X, Php, Enterprise Linux and 6 more | 2019-04-22 | 7.5 HIGH | N/A |
| The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243. | |||||
| CVE-2015-3307 | 3 Apple, Php, Redhat | 9 Mac Os X, Php, Enterprise Linux and 6 more | 2019-04-22 | 7.5 HIGH | N/A |
| The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive. | |||||
| CVE-2015-4021 | 3 Apple, Php, Redhat | 9 Mac Os X, Php, Enterprise Linux and 6 more | 2019-04-22 | 5.0 MEDIUM | N/A |
| The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive. | |||||
| CVE-2015-4022 | 3 Apple, Php, Redhat | 9 Mac Os X, Php, Enterprise Linux and 6 more | 2019-04-22 | 7.5 HIGH | N/A |
| Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. | |||||
| CVE-2018-4187 | 1 Apple | 2 Iphone Os, Mac Os X | 2019-04-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. The issue involves the "LinkPresentation" component. It allows remote attackers to spoof the UI via a crafted URL in a text message. | |||||
| CVE-2018-4460 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-09 | 4.0 MEDIUM | 6.5 MEDIUM |
| A denial of service issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. | |||||
| CVE-2018-4353 | 1 Apple | 1 Mac Os X | 2019-04-08 | 7.5 HIGH | 9.8 CRITICAL |
| A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS Mojave 10.14. | |||||
| CVE-2018-4412 | 2 Apple, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2019-04-08 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7. | |||||
| CVE-2018-4371 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-08 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1. | |||||
| CVE-2018-4395 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-08 | 2.1 LOW | 5.5 MEDIUM |
| This issue was addressed with improved checks. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. | |||||
| CVE-2018-4326 | 1 Apple | 2 Iphone Os, Mac Os X | 2019-04-08 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14. | |||||
| CVE-2018-4401 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. | |||||
| CVE-2018-4340 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. | |||||
| CVE-2018-4343 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. | |||||
| CVE-2018-4344 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. | |||||
| CVE-2018-4333 | 1 Apple | 2 Iphone Os, Mac Os X | 2019-04-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| A validation issue was addressed with improved input sanitization. This issue affected versions prior to iOS 12, macOS Mojave 10.14. | |||||
| CVE-2018-4420 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1. | |||||
| CVE-2018-4425 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. | |||||
| CVE-2018-4383 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. | |||||
| CVE-2018-4435 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 6.8 MEDIUM | 7.8 HIGH |
| A logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. | |||||
| CVE-2018-4354 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 6.8 MEDIUM | 8.6 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. | |||||
| CVE-2018-4280 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2. | |||||
| CVE-2017-7151 | 2 Apple, Microsoft | 6 Iphone Os, Itunes, Mac Os X and 3 more | 2019-04-05 | 5.1 MEDIUM | 7.0 HIGH |
| A race condition was addressed with additional validation. This issue affected versions prior to iOS 11.2, macOS High Sierra 10.13.2, tvOS 11.2, watchOS 4.2, iTunes 12.7.2 for Windows, macOS High Sierra 10.13.4. | |||||
| CVE-2018-4426 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. | |||||
| CVE-2018-4126 | 2 Apple, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2019-04-05 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7. | |||||
| CVE-2018-4427 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to: iOS 12.1, watchOS 5.1.2, tvOS 12.1.1, macOS High Sierra 10.13.6 Security Update 2018-003 High Sierra, macOS Sierra 10.12.6 Security Update 2018-006. | |||||
| CVE-2018-4449 | 1 Apple | 1 Mac Os X | 2019-04-05 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2. | |||||
| CVE-2018-4461 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. | |||||
| CVE-2018-4419 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1. | |||||
| CVE-2018-4462 | 1 Apple | 1 Mac Os X | 2019-04-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.2. | |||||
| CVE-2018-4463 | 1 Apple | 1 Mac Os X | 2019-04-05 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2. | |||||
| CVE-2018-4434 | 1 Apple | 1 Mac Os X | 2019-04-05 | 6.6 MEDIUM | 7.1 HIGH |
| An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.2. | |||||
| CVE-2018-4447 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. | |||||