Filtered by vendor Apple
Subscribe
Total
11182 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-5190 | 1 Apple | 1 Mac Os X | 2023-12-10 | 4.3 MEDIUM | N/A |
Smart Card Services in Apple Mac OS X before 10.9 does not properly implement certificate-revocation checks, which allows remote attackers to cause a denial of service (Smart Card usage outage) by interfering with the revocation-check procedure. | |||||
CVE-2012-5265 | 5 Adobe, Apple, Google and 2 more | 8 Adobe Air, Adobe Air Sdk, Flash Player and 5 more | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. | |||||
CVE-2012-3602 | 1 Apple | 1 Itunes | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | |||||
CVE-2012-5263 | 5 Adobe, Apple, Google and 2 more | 8 Adobe Air, Adobe Air Sdk, Flash Player and 5 more | 2023-12-10 | 10.0 HIGH | N/A |
Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. | |||||
CVE-2013-0888 | 5 Apple, Google, Linux and 2 more | 5 Mac Os X, Chrome, Linux Kernel and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a "user gesture check for dangerous file downloads." | |||||
CVE-2012-3651 | 1 Apple | 1 Itunes | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | |||||
CVE-2012-3639 | 1 Apple | 1 Safari | 2023-12-10 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
CVE-2012-3698 | 1 Apple | 1 Xcode | 2023-12-10 | 5.0 MEDIUM | N/A |
Apple Xcode before 4.4 does not properly compose a designated requirement (DR) during signing of programs that lack bundle identifiers, which allows remote attackers to read keychain entries via a crafted app, as demonstrated by the keychain entries of a (1) helper tool or (2) command-line tool. | |||||
CVE-2013-5331 | 4 Adobe, Apple, Linux and 1 more | 6 Air, Air Sdk, Flash Player and 3 more | 2023-12-10 | 9.3 HIGH | N/A |
Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow remote attackers to execute arbitrary code via crafted .swf content that leverages an unspecified "type confusion," as exploited in the wild in December 2013. | |||||
CVE-2013-0957 | 1 Apple | 1 Iphone Os | 2023-12-10 | 5.8 MEDIUM | N/A |
Data Protection in Apple iOS before 7 allows attackers to bypass intended limits on incorrect passcode entry, and consequently avoid a configured Erase Data setting, by leveraging the presence of an app in the third-party sandbox. | |||||
CVE-2013-5228 | 1 Apple | 5 Iphone Os, Itunes, Safari and 2 more | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | |||||
CVE-2012-3751 | 1 Apple | 1 Quicktime | 2023-12-10 | 9.3 HIGH | N/A |
Use-after-free vulnerability in the plugin in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with a crafted _qtactivex_ parameter in an OBJECT element. | |||||
CVE-2013-1020 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2023-12-10 | 9.3 HIGH | N/A |
Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JPEG data in a movie file. | |||||
CVE-2012-4143 | 4 Apple, Linux, Microsoft and 1 more | 4 Mac Os X, Linux Kernel, Windows and 1 more | 2023-12-10 | 6.8 MEDIUM | N/A |
Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, allows user-assisted remote attackers to trick users into downloading and executing arbitrary files via a small window for the download dialog, a different vulnerability than CVE-2012-1924. | |||||
CVE-2012-3715 | 1 Apple | 1 Safari | 2023-12-10 | 4.3 MEDIUM | N/A |
Apple Safari before 6.0.1 makes http requests for https URIs in certain circumstances involving a paste into the address bar, which allows user-assisted remote attackers to obtain sensitive information by sniffing the network. | |||||
CVE-2012-3664 | 1 Apple | 1 Safari | 2023-12-10 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
CVE-2012-0265 | 2 Apple, Microsoft | 2 Quicktime, Windows | 2023-12-10 | 9.3 HIGH | N/A |
Stack-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pathname for a file. | |||||
CVE-2013-0952 | 1 Apple | 1 Iphone Os | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. | |||||
CVE-2013-0988 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2023-12-10 | 9.3 HIGH | N/A |
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FPX file. | |||||
CVE-2011-3060 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2023-12-10 | 6.8 MEDIUM | N/A |
Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |