Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Total 10091 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-13749 5 Apple, Debian, Fedoraproject and 2 more 8 Iphone Os, Debian Linux, Fedora and 5 more 2023-02-04 4.3 MEDIUM 6.5 MEDIUM
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2020-10005 1 Apple 1 Macos 2023-02-03 4.0 MEDIUM 6.5 MEDIUM
A resource exhaustion issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1. An attacker in a privileged network position may be able to perform denial of service.
CVE-2020-9715 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more 2023-02-03 9.3 HIGH 7.8 HIGH
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2016-1014 5 Adobe, Apple, Google and 2 more 13 Air Desktop Runtime, Air Sdk, Air Sdk \& Compiler and 10 more 2023-02-03 6.9 MEDIUM 7.3 HIGH
Untrusted search path vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows local users to gain privileges via a Trojan horse resource in an unspecified directory.
CVE-2016-4448 9 Apple, Hp, Mcafee and 6 more 21 Icloud, Iphone Os, Itunes and 18 more 2023-02-02 10.0 HIGH 9.8 CRITICAL
CVE-2016-4448 libxml2: Format string vulnerability
CVE-2016-0718 9 Apple, Canonical, Debian and 6 more 14 Mac Os X, Ubuntu Linux, Debian Linux and 11 more 2023-02-02 7.5 HIGH 9.8 CRITICAL
An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, possibly, execute arbitrary code with the permission of the user running the application.
CVE-2016-4447 8 Apple, Canonical, Debian and 5 more 12 Iphone Os, Itunes, Mac Os X and 9 more 2023-02-02 5.0 MEDIUM 7.5 HIGH
CVE-2016-4447 libxml2: Heap-based buffer underreads due to xmlParseName
CVE-2015-7500 6 Apple, Canonical, Debian and 3 more 13 Iphone Os, Mac Os X, Tvos and 10 more 2023-02-02 5.0 MEDIUM N/A
A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.
CVE-2015-7499 7 Apple, Canonical, Debian and 4 more 15 Iphone Os, Mac Os X, Tvos and 12 more 2023-02-02 5.0 MEDIUM N/A
A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to leak potentially sensitive information.
CVE-2014-8129 4 Apple, Debian, Libtiff and 1 more 8 Iphone Os, Mac Os X, Debian Linux and 5 more 2023-02-02 6.8 MEDIUM 8.8 HIGH
CVE-2014-8129 libtiff: out-of-bounds read/write with malformed TIFF image in tiff2pdf
CVE-2014-3566 11 Apple, Debian, Fedoraproject and 8 more 20 Mac Os X, Debian Linux, Fedora and 17 more 2023-02-02 4.3 MEDIUM 3.4 LOW
A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
CVE-2008-2939 4 Apache, Apple, Canonical and 1 more 4 Http Server, Mac Os X, Ubuntu Linux and 1 more 2023-02-02 4.3 MEDIUM N/A
CVE-2008-2939 httpd: mod_proxy_ftp globbing XSS
CVE-2009-1179 4 Apple, Foolabs, Glyphandcog and 1 more 4 Cups, Xpdf, Xpdfreader and 1 more 2023-02-02 6.8 MEDIUM N/A
CVE-2009-1179 PDF JBIG2 integer overflow
CVE-2022-32827 1 Apple 2 Iphone Os, Macos 2023-02-02 N/A 5.5 MEDIUM
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to cause a denial-of-service.
CVE-2012-5519 2 Apple, Debian 2 Cups, Debian Linux 2023-02-02 7.2 HIGH N/A
CVE-2012-5519 cups: privilege escalation for users of the CUPS SystemGroup group
CVE-2010-2806 3 Apple, Canonical, Freetype 5 Iphone Os, Mac Os X, Tvos and 2 more 2023-02-02 6.8 MEDIUM N/A
CVE-2010-2806 FreeType: Heap-based buffer overflow by processing FontType42 fonts with negative length of SFNT strings (FT bug #30656)
CVE-2010-2249 8 Apple, Canonical, Debian and 5 more 12 Iphone Os, Itunes, Safari and 9 more 2023-02-02 4.3 MEDIUM 6.5 MEDIUM
CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images
CVE-2010-2808 3 Apple, Canonical, Freetype 5 Iphone Os, Mac Os X, Tvos and 2 more 2023-02-02 6.8 MEDIUM N/A
CVE-2010-2808 FreeType: Stack-based buffer overflow by processing certain LWFN fonts
CVE-2009-1181 4 Apple, Foolabs, Glyphandcog and 1 more 4 Cups, Xpdf, Xpdfreader and 1 more 2023-02-02 4.3 MEDIUM N/A
CVE-2009-1181 PDF JBIG2 NULL dereference
CVE-2009-1183 4 Apple, Foolabs, Glyphandcog and 1 more 4 Cups, Xpdf, Xpdfreader and 1 more 2023-02-02 4.3 MEDIUM N/A
CVE-2009-1183 PDF JBIG2 MMR infinite loop DoS