Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Total 11170 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-0113 2 Apple, Microsoft 6 Itunes, Webkit, Windows and 3 more 2023-12-10 7.6 HIGH N/A
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
CVE-2011-2847 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2023-12-10 6.8 MEDIUM N/A
Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
CVE-2011-3234 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2023-12-10 5.0 MEDIUM N/A
Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2010-1029 2 Apple, Google 3 Iphone Os, Safari, Chrome 2023-12-10 5.0 MEDIUM N/A
Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a STYLE element composed of a large number of *> sequences.
CVE-2010-3116 4 Apple, Canonical, Google and 1 more 5 Iphone Os, Safari, Ubuntu Linux and 2 more 2023-12-10 10.0 HIGH N/A
Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper handling of MIME types by plug-ins.
CVE-2012-0756 6 Adobe, Apple, Google and 3 more 6 Flash Player, Mac Os X, Android and 3 more 2023-12-10 9.3 HIGH N/A
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2012-0755.
CVE-2010-1374 2 Aol, Apple 3 Aim, Mac Os X, Mac Os X Server 2023-12-10 4.3 MEDIUM N/A
Directory traversal vulnerability in iChat in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, when AIM is used, allows remote attackers to create arbitrary files via directory traversal sequences in an inline image-transfer operation.
CVE-2010-1749 2 Apple, Microsoft 7 Mac Os X, Mac Os X Server, Safari and 4 more 2023-12-10 9.3 HIGH N/A
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the Cascading Style Sheets (CSS) run-in property and multiple invocations of a destructor for a child element that has been referenced multiple times.
CVE-2010-3787 1 Apple 2 Mac Os X, Mac Os X Server 2023-12-10 6.8 MEDIUM N/A
Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image.
CVE-2011-3909 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2023-12-10 5.0 MEDIUM N/A
The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors.
CVE-2011-3966 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2023-12-10 7.5 HIGH N/A
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets (CSS) token-sequence data.
CVE-2011-2870 1 Apple 2 Iphone Os, Itunes 2023-12-10 9.3 HIGH N/A
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
CVE-2011-0253 2 Apple, Microsoft 7 Mac Os X, Mac Os X Server, Safari and 4 more 2023-12-10 9.3 HIGH N/A
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
CVE-2012-0592 1 Apple 2 Iphone Os, Itunes 2023-12-10 9.3 HIGH N/A
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
CVE-2011-3887 2 Apple, Google 3 Iphone Os, Safari, Chrome 2023-12-10 5.0 MEDIUM N/A
Google Chrome before 15.0.874.102 does not properly handle javascript: URLs, which allows remote attackers to bypass intended access restrictions and read cookies via unspecified vectors.
CVE-2010-1177 1 Apple 2 Iphone Os, Safari 2023-12-10 9.3 HIGH N/A
Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving document.write calls with long crafted strings.
CVE-2011-2341 1 Apple 2 Itunes, Webkit 2023-12-10 7.6 HIGH N/A
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
CVE-2010-1802 1 Apple 3 Libsecurity, Mac Os X, Mac Os X Server 2023-12-10 6.4 MEDIUM N/A
libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con certificate to spoof www.example.com.
CVE-2010-1784 2 Apple, Microsoft 7 Mac Os X, Mac Os X Server, Safari and 4 more 2023-12-10 9.3 HIGH N/A
The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
CVE-2011-2134 6 Adobe, Apple, Google and 3 more 7 Adobe Air, Flash Player, Mac Os X and 4 more 2023-12-10 10.0 HIGH N/A
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415.