Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Total 11182 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-4011 1 Apple 1 Mac Os X Server 2023-12-10 4.0 MEDIUM N/A
Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
CVE-2011-3032 3 Apple, Google, Opensuse 5 Iphone Os, Itunes, Safari and 2 more 2023-12-10 6.8 MEDIUM N/A
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values.
CVE-2010-0105 1 Apple 1 Mac Os X 2023-12-10 4.9 MEDIUM N/A
The hfs implementation in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 supports hard links to directories and does not prevent certain deeply nested directory structures, which allows local users to cause a denial of service (filesystem corruption) via a crafted application that calls the mkdir and link functions, related to the fsck_hfs program in the diskdev_cmds component.
CVE-2010-0037 1 Apple 2 Mac Os X, Mac Os X Server 2023-12-10 9.3 HIGH N/A
Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted DNG image.
CVE-2011-0256 1 Apple 1 Quicktime 2023-12-10 9.3 HIGH N/A
Integer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted track run atoms in a QuickTime movie file.
CVE-2012-0632 1 Apple 2 Iphone Os, Itunes 2023-12-10 9.3 HIGH N/A
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
CVE-2010-0192 3 Adobe, Apple, Microsoft 4 Acrobat, Acrobat Reader, Mac Os X and 1 more 2023-12-10 9.3 HIGH N/A
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0193 and CVE-2010-0196.
CVE-2010-1287 3 Adobe, Apple, Microsoft 7 Shockwave Player, Macos, Windows and 4 more 2023-12-10 9.3 HIGH N/A
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291.
CVE-2011-2860 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2023-12-10 7.5 HIGH N/A
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles.
CVE-2010-1769 2 Apple, Microsoft 4 Itunes, Windows 7, Windows Vista and 1 more 2023-12-10 10.0 HIGH N/A
WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, a different vulnerability than CVE-2010-1387 and CVE-2010-1763.
CVE-2011-0124 2 Apple, Microsoft 6 Itunes, Webkit, Windows and 3 more 2023-12-10 7.6 HIGH N/A
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
CVE-2011-0204 1 Apple 3 Imageio, Mac Os X, Mac Os X Server 2023-12-10 6.8 MEDIUM N/A
Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.
CVE-2011-0623 6 Adobe, Apple, Google and 3 more 6 Flash Player, Mac Os X, Android and 3 more 2023-12-10 9.3 HIGH N/A
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2011-0624, CVE-2011-0625, and CVE-2011-0626.
CVE-2009-2801 1 Apple 2 Mac Os X, Mac Os X Server 2023-12-10 6.4 MEDIUM N/A
The Application Firewall in Apple Mac OS X 10.5.8 drops unspecified firewall rules after a reboot, which might allow remote attackers to bypass intended access restrictions via packet data, related to a "timing issue."
CVE-2011-3436 1 Apple 2 Mac Os X, Mac Os X Server 2023-12-10 6.5 MEDIUM N/A
Open Directory in Apple Mac OS X 10.7 before 10.7.2 does not require a user to provide the current password before changing this password, which allows remote attackers to bypass intended password-change restrictions by leveraging an unattended workstation.
CVE-2010-1291 3 Adobe, Apple, Microsoft 7 Shockwave Player, Macos, Windows and 4 more 2023-12-10 9.3 HIGH N/A
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, and CVE-2010-1290.
CVE-2010-1288 3 Adobe, Apple, Microsoft 7 Shockwave Player, Macos, Windows and 4 more 2023-12-10 9.3 HIGH N/A
Buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow attackers to execute arbitrary code via unspecified vectors.
CVE-2011-3222 1 Apple 2 Mac Os X, Mac Os X Server 2023-12-10 6.8 MEDIUM N/A
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.
CVE-2011-1114 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2023-12-10 7.5 HIGH N/A
Google Chrome before 9.0.597.107 does not properly handle tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."
CVE-2012-0594 1 Apple 2 Iphone Os, Itunes 2023-12-10 9.3 HIGH N/A
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.