CVE | Published | Severity | Details | Exploitability | Impact | Vector |
CVE‑2023‑32353 | 2023‑06‑23 18:15:11 | HIGH (8) | A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to elevate privileges. | 2 | 6 | LOCAL |
CVE‑2023‑32351 | 2023‑06‑23 18:15:11 | HIGH (8) | A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to gain elevated privileges. | 2 | 6 | LOCAL |
CVE‑2022‑26774 | 2022‑05‑26 20:15:10 | HIGH (8) | A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. A local attacker may be able to elevate their privileges. | 2 | 6 | LOCAL |
CVE‑2022‑26773 | 2022‑05‑26 20:15:10 | HIGH (7) | A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. An application may be able to delete files for which it does not have permission. | 2 | 5 | LOCAL |
CVE‑2022‑26751 | 2022‑05‑26 20:15:09 | HIGH (8) | A memory corruption issue was addressed with improved input validation. This issue is fixed in iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6, macOS Monterey 12.4. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2022‑26717 | 2022‑11‑01 20:15:17 | HIGH (9) | A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2022‑26711 | 2022‑05‑26 19:15:08 | CRITICAL (10) | An integer overflow issue was addressed with improved input validation. This issue is fixed in tvOS 15.5, iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | 4 | 6 | NETWORK |
CVE‑2022‑22629 | 2022‑09‑23 20:15:09 | HIGH (9) | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2022‑22612 | 2022‑03‑18 18:15:14 | HIGH (8) | A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to heap corruption. | 2 | 6 | LOCAL |
CVE‑2022‑22611 | 2022‑03‑18 18:15:13 | HIGH (8) | An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2021‑30849 | 2021‑10‑19 14:15:10 | HIGH (8) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2021‑30847 | 2021‑10‑19 14:15:10 | HIGH (8) | This issue was addressed with improved checks. This issue is fixed in watchOS 8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2021‑30835 | 2021‑10‑19 14:15:09 | HIGH (8) | This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, iTunes 12.12 for Windows, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2021‑1857 | 2021‑09‑08 15:15:11 | MEDIUM (7) | A memory initialization issue was addressed with improved memory handling. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may disclose sensitive user information. | 3 | 4 | NETWORK |
CVE‑2021‑1825 | 2021‑09‑08 15:15:10 | MEDIUM (6) | An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. | 3 | 3 | NETWORK |
CVE‑2021‑1811 | 2021‑09‑08 15:15:10 | MEDIUM (7) | A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted font may result in the disclosure of process memory. | 3 | 4 | NETWORK |
CVE‑2020‑9999 | 2020‑12‑08 20:15:18 | HIGH (8) | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iTunes for Windows 12.10.9. Processing a maliciously crafted text file may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑9984 | 2020‑10‑22 19:15:16 | HIGH (8) | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑9981 | 2020‑12‑08 20:15:18 | HIGH (8) | A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted file may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑9947 | 2020‑12‑08 20:15:17 | HIGH (9) | A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑9938 | 2020‑10‑22 19:15:15 | HIGH (8) | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑9937 | 2020‑10‑22 19:15:15 | HIGH (8) | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑9936 | 2020‑10‑16 17:15:18 | HIGH (8) | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑9925 | 2020‑10‑16 17:15:17 | MEDIUM (6) | A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting. | 3 | 3 | NETWORK |
CVE‑2020‑9919 | 2020‑10‑22 19:15:15 | HIGH (8) | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑9916 | 2020‑10‑16 17:15:17 | MEDIUM (5) | A URL Unicode encoding issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker may be able to conceal the destination of a URL. | 4 | 1 | NETWORK |
CVE‑2020‑9915 | 2020‑10‑16 17:15:17 | MEDIUM (7) | An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. | 3 | 4 | NETWORK |
CVE‑2020‑9910 | 2020‑10‑16 17:15:17 | HIGH (9) | Multiple issues were addressed with improved logic. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. | 3 | 6 | NETWORK |
CVE‑2020‑9895 | 2020‑10‑16 17:15:16 | CRITICAL (10) | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | 4 | 6 | NETWORK |
CVE‑2020‑9894 | 2020‑10‑16 17:15:16 | MEDIUM (4) | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | 3 | 1 | NETWORK |
CVE‑2020‑9893 | 2020‑10‑16 17:15:16 | HIGH (9) | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑9883 | 2020‑10‑22 18:15:15 | HIGH (8) | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑9879 | 2020‑10‑22 18:15:15 | HIGH (8) | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑9877 | 2020‑10‑22 18:15:15 | HIGH (8) | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑9876 | 2020‑10‑22 18:15:15 | HIGH (8) | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑9875 | 2020‑10‑22 18:15:15 | HIGH (8) | An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑9874 | 2020‑10‑22 18:15:15 | HIGH (8) | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑9873 | 2020‑10‑22 18:15:14 | HIGH (8) | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑9872 | 2020‑10‑22 18:15:14 | HIGH (8) | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑9871 | 2020‑10‑22 18:15:14 | HIGH (8) | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑9862 | 2020‑10‑16 17:15:15 | HIGH (8) | A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to command injection. | 2 | 6 | LOCAL |
CVE‑2020‑9850 | 2020‑06‑09 17:15:15 | CRITICAL (10) | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution. | 4 | 6 | NETWORK |
CVE‑2020‑9849 | 2020‑12‑08 20:15:16 | MEDIUM (7) | An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0. A remote attacker may be able to leak memory. | 3 | 4 | NETWORK |
CVE‑2020‑9843 | 2020‑06‑09 17:15:15 | HIGH (7) | An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack. | 3 | 4 | NETWORK |
CVE‑2020‑9807 | 2020‑06‑09 17:15:13 | HIGH (9) | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑9806 | 2020‑06‑09 17:15:12 | HIGH (9) | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑9805 | 2020‑06‑09 17:15:12 | HIGH (7) | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting. | 3 | 4 | NETWORK |
CVE‑2020‑9803 | 2020‑06‑09 17:15:12 | HIGH (9) | A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑9802 | 2020‑06‑09 17:15:12 | HIGH (9) | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑9800 | 2020‑06‑09 17:15:12 | HIGH (9) | A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑9794 | 2020‑06‑09 17:15:12 | HIGH (8) | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A malicious application may cause a denial of service or potentially disclose memory contents. | 3 | 5 | NETWORK |
CVE‑2020‑9790 | 2020‑06‑09 17:15:11 | HIGH (9) | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑9789 | 2020‑06‑09 17:15:11 | HIGH (9) | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑9783 | 2020‑04‑01 18:15:18 | HIGH (9) | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to code execution. | 3 | 6 | NETWORK |
CVE‑2020‑3911 | 2020‑04‑01 18:15:17 | CRITICAL (10) | A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2. | 4 | 6 | NETWORK |
CVE‑2020‑3910 | 2020‑04‑01 18:15:17 | CRITICAL (10) | A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2. | 4 | 6 | NETWORK |
CVE‑2020‑3909 | 2020‑04‑01 18:15:17 | CRITICAL (10) | A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2. | 4 | 6 | NETWORK |
CVE‑2020‑3902 | 2020‑04‑01 18:15:17 | MEDIUM (6) | An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack. | 3 | 3 | NETWORK |
CVE‑2020‑3901 | 2020‑04‑01 18:15:17 | HIGH (9) | A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑3900 | 2020‑04‑01 18:15:17 | HIGH (9) | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑3899 | 2020‑04‑01 18:15:16 | HIGH (9) | A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑3897 | 2020‑04‑01 18:15:16 | HIGH (9) | A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑3895 | 2020‑04‑01 18:15:16 | HIGH (9) | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑3894 | 2020‑04‑01 18:15:16 | LOW (3) | A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. | 2 | 1 | NETWORK |
CVE‑2020‑3887 | 2020‑04‑01 18:15:16 | MEDIUM (4) | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A download's origin may be incorrectly associated. | 3 | 1 | NETWORK |
CVE‑2020‑3885 | 2020‑04‑01 18:15:16 | MEDIUM (4) | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. | 3 | 1 | NETWORK |
CVE‑2020‑3878 | 2020‑02‑27 21:15:19 | HIGH (8) | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑3868 | 2020‑02‑27 21:15:18 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑3867 | 2020‑02‑27 21:15:18 | MEDIUM (6) | A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting. | 3 | 3 | NETWORK |
CVE‑2020‑3865 | 2020‑02‑27 21:15:18 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑3864 | 2020‑10‑27 21:15:15 | HIGH (8) | A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. | 2 | 6 | LOCAL |
CVE‑2020‑3862 | 2020‑02‑27 21:15:18 | MEDIUM (7) | A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service. | 3 | 4 | NETWORK |
CVE‑2020‑3861 | 2020‑02‑27 21:15:18 | HIGH (7) | The issue was addressed with improved permissions logic. This issue is fixed in iTunes for Windows 12.10.4. A user may gain access to protected parts of the file system. | 2 | 5 | LOCAL |
CVE‑2020‑3846 | 2020‑02‑27 21:15:17 | HIGH (9) | A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑3826 | 2020‑02‑27 21:15:16 | HIGH (8) | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑3825 | 2020‑02‑27 21:15:16 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2020‑36521 | 2022‑09‑23 19:15:10 | HIGH (7) | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents. | 2 | 5 | LOCAL |
CVE‑2020‑27918 | 2020‑12‑08 22:15:19 | HIGH (8) | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑27917 | 2020‑12‑08 21:15:14 | HIGH (8) | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to code execution. | 2 | 6 | LOCAL |
CVE‑2020‑27912 | 2020‑12‑08 21:15:13 | HIGH (8) | An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. Processing a maliciously crafted image may lead to arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑27911 | 2020‑12‑08 21:15:13 | HIGH (8) | An integer overflow was addressed through improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2020‑27895 | 2020‑12‑08 21:15:13 | LOW (3) | An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. This issue is fixed in iTunes 12.11 for Windows. A malicious application may be able to access local users Apple IDs. | 2 | 1 | LOCAL |
CVE‑2020‑10002 | 2020‑12‑08 20:15:13 | MEDIUM (6) | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. A local user may be able to read arbitrary files. | 2 | 4 | LOCAL |
CVE‑2019‑8898 | 2020‑10‑27 21:15:14 | MEDIUM (4) | An information disclosure issue existed in the handling of the Storage Access API. This issue was addressed with improved logic. This issue is fixed in iOS 13.3 and iPadOS 13.3, tvOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows. Visiting a maliciously crafted website may reveal sites a user has visited. | 3 | 1 | NETWORK |
CVE‑2019‑8848 | 2020‑10‑27 21:15:13 | HIGH (8) | This issue was addressed with improved checks. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An application may be able to gain elevated privileges. | 2 | 6 | LOCAL |
CVE‑2019‑8846 | 2020‑10‑27 21:15:13 | HIGH (9) | A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8844 | 2020‑10‑27 20:15:21 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8835 | 2020‑10‑27 20:15:21 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8834 | 2020‑10‑27 20:15:21 | MEDIUM (4) | A configuration issue was addressed with additional restrictions. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An attacker in a privileged network position may be able to bypass HSTS for a limited number of specific top-level domains previously not in the HSTS preload list. | 3 | 1 | NETWORK |
CVE‑2019‑8827 | 2020‑10‑27 20:15:20 | MEDIUM (4) | The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin. This issue is fixed in Safari 13.0.3, iTunes 12.10.2 for Windows, iCloud for Windows 10.9.2, tvOS 13.2, iOS 13.2 and iPadOS 13.2, iCloud for Windows 7.15. Visiting a maliciously crafted website may reveal the sites a user has visited. | 3 | 1 | NETWORK |
CVE‑2019‑8825 | 2020‑10‑27 20:15:20 | HIGH (9) | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 10.7, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8823 | 2019‑12‑18 18:15:45 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8822 | 2019‑12‑18 18:15:45 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8821 | 2019‑12‑18 18:15:45 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8820 | 2019‑12‑18 18:15:45 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8819 | 2019‑12‑18 18:15:44 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8816 | 2019‑12‑18 18:15:44 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8815 | 2019‑12‑18 18:15:44 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8814 | 2019‑12‑18 18:15:44 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8813 | 2019‑12‑18 18:15:44 | MEDIUM (6) | A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. | 3 | 3 | NETWORK |
CVE‑2019‑8812 | 2019‑12‑18 18:15:44 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8811 | 2019‑12‑18 18:15:44 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8808 | 2019‑12‑18 18:15:43 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8801 | 2019‑12‑18 18:15:43 | HIGH (8) | A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching. This issue is fixed in macOS Catalina 10.15.1, iTunes for Windows 12.10.2. Running the iTunes installer in an untrusted directory may result in arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2019‑8784 | 2019‑12‑18 18:15:41 | HIGH (8) | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. An application may be able to execute arbitrary code with system privileges. | 2 | 6 | LOCAL |
CVE‑2019‑8783 | 2019‑12‑18 18:15:41 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8782 | 2019‑12‑18 18:15:41 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8773 | 2020‑10‑27 20:15:19 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8763 | 2019‑12‑18 18:15:39 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8762 | 2020‑10‑27 20:15:19 | MEDIUM (6) | A validation issue was addressed with improved logic. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, tvOS 13, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to universal cross site scripting. | 3 | 3 | NETWORK |
CVE‑2019‑8756 | 2020‑10‑27 20:15:19 | CRITICAL (10) | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. Multiple issues in libxml2. | 4 | 6 | NETWORK |
CVE‑2019‑8752 | 2020‑10‑27 20:15:19 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8751 | 2020‑10‑27 20:15:19 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8749 | 2020‑10‑27 20:15:18 | CRITICAL (10) | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. Multiple issues in libxml2. | 4 | 6 | NETWORK |
CVE‑2019‑8746 | 2020‑10‑27 20:15:18 | CRITICAL (10) | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | 4 | 6 | NETWORK |
CVE‑2019‑8745 | 2019‑12‑18 18:15:38 | HIGH (9) | A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15, tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing a maliciously crafted text file may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8735 | 2019‑12‑18 18:15:38 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8734 | 2020‑10‑27 20:15:18 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8733 | 2019‑12‑18 18:15:38 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8728 | 2020‑10‑27 20:15:18 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8726 | 2019‑12‑18 18:15:37 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8719 | 2019‑12‑18 18:15:37 | MEDIUM (6) | A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. | 3 | 3 | NETWORK |
CVE‑2019‑8707 | 2019‑12‑18 18:15:36 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8690 | 2019‑12‑18 18:15:35 | MEDIUM (6) | A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. | 3 | 3 | NETWORK |
CVE‑2019‑8689 | 2019‑12‑18 18:15:35 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8688 | 2019‑12‑18 18:15:35 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8687 | 2019‑12‑18 18:15:34 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8686 | 2019‑12‑18 18:15:34 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8685 | 2019‑12‑18 18:15:34 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8684 | 2019‑12‑18 18:15:34 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8683 | 2019‑12‑18 18:15:34 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8681 | 2019‑12‑18 18:15:34 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8680 | 2019‑12‑18 18:15:34 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8679 | 2019‑12‑18 18:15:33 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8678 | 2019‑12‑18 18:15:33 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8677 | 2019‑12‑18 18:15:33 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8676 | 2019‑12‑18 18:15:33 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8673 | 2019‑12‑18 18:15:33 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8672 | 2019‑12‑18 18:15:33 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8671 | 2019‑12‑18 18:15:33 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8669 | 2019‑12‑18 18:15:32 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8666 | 2019‑12‑18 18:15:32 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8658 | 2019‑12‑18 18:15:32 | MEDIUM (6) | A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. | 3 | 3 | NETWORK |
CVE‑2019‑8649 | 2019‑12‑18 18:15:31 | MEDIUM (6) | A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. | 3 | 3 | NETWORK |
CVE‑2019‑8644 | 2019‑12‑18 18:15:31 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8639 | 2020‑10‑27 20:15:17 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 5.2, iCloud for Windows 7.11, iOS 12.2, iTunes 12.9.4 for Windows, Safari 12.1. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8638 | 2020‑10‑27 20:15:16 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 5.2, iCloud for Windows 7.11, iOS 12.2, iTunes 12.9.4 for Windows, Safari 12.1. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8628 | 2019‑12‑18 18:15:30 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8625 | 2019‑12‑18 18:15:30 | MEDIUM (6) | A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. | 3 | 3 | NETWORK |
CVE‑2019‑8623 | 2019‑12‑18 18:15:30 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8622 | 2019‑12‑18 18:15:30 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8619 | 2019‑12‑18 18:15:30 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8615 | 2019‑12‑18 18:15:29 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 4 | NETWORK |
CVE‑2019‑8611 | 2019‑12‑18 18:15:29 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8610 | 2019‑12‑18 18:15:29 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8609 | 2019‑12‑18 18:15:29 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8608 | 2019‑12‑18 18:15:29 | MEDIUM (6) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 3 | NETWORK |
CVE‑2019‑8607 | 2019‑12‑18 18:15:29 | MEDIUM (7) | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may result in the disclosure of process memory. | 3 | 4 | NETWORK |
CVE‑2019‑8602 | 2019‑12‑18 18:15:29 | HIGH (8) | A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to elevate privileges. | 2 | 6 | LOCAL |
CVE‑2019‑8601 | 2019‑12‑18 18:15:29 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8600 | 2019‑12‑18 18:15:28 | CRITICAL (10) | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A maliciously crafted SQL query may lead to arbitrary code execution. | 4 | 6 | NETWORK |
CVE‑2019‑8598 | 2019‑12‑18 18:15:28 | MEDIUM (6) | An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to read restricted memory. | 2 | 4 | LOCAL |
CVE‑2019‑8597 | 2019‑12‑18 18:15:28 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 4 | NETWORK |
CVE‑2019‑8596 | 2019‑12‑18 18:15:28 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8595 | 2019‑12‑18 18:15:28 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8594 | 2019‑12‑18 18:15:28 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8587 | 2019‑12‑18 18:15:27 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8586 | 2019‑12‑18 18:15:27 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8584 | 2019‑12‑18 18:15:27 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8583 | 2019‑12‑18 18:15:27 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8582 | 2020‑10‑27 20:15:16 | MEDIUM (6) | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iCloud for Windows 7.12, tvOS 12.3, iTunes 12.9.5 for Windows, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. Processing a maliciously crafted font may result in the disclosure of process memory. | 2 | 4 | LOCAL |
CVE‑2019‑8577 | 2019‑12‑18 18:15:27 | HIGH (8) | An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. An application may be able to gain elevated privileges. | 2 | 6 | LOCAL |
CVE‑2019‑8571 | 2019‑12‑18 18:15:27 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8570 | 2020‑10‑27 20:15:15 | MEDIUM (7) | A logic issue was addressed with improved state management. This issue is fixed in iOS 12.1.3, iCloud for Windows 7.10, iTunes 12.9.3 for Windows, Safari 12.0.3, tvOS 12.1.2. Processing maliciously crafted web content may disclose sensitive user information. | 3 | 4 | NETWORK |
CVE‑2019‑8563 | 2019‑12‑18 18:15:26 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8562 | 2019‑12‑18 18:15:26 | CRITICAL (10) | A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows. A sandboxed process may be able to circumvent sandbox restrictions. | 3 | 6 | NETWORK |
CVE‑2019‑8559 | 2019‑12‑18 18:15:26 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8558 | 2019‑12‑18 18:15:26 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8556 | 2019‑12‑18 18:15:26 | HIGH (9) | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8551 | 2019‑12‑18 18:15:26 | MEDIUM (6) | A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting. | 3 | 3 | NETWORK |
CVE‑2019‑8544 | 2019‑12‑18 18:15:25 | HIGH (9) | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8542 | 2019‑12‑18 18:15:25 | HIGH (8) | A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges. | 2 | 6 | LOCAL |
CVE‑2019‑8536 | 2019‑12‑18 18:15:25 | HIGH (9) | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8535 | 2019‑12‑18 18:15:25 | HIGH (9) | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8524 | 2019‑12‑18 18:15:24 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8523 | 2019‑12‑18 18:15:24 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8518 | 2019‑12‑18 18:15:24 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8515 | 2019‑12‑18 18:15:23 | MEDIUM (7) | A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information. | 3 | 4 | NETWORK |
CVE‑2019‑8506 | 2019‑12‑18 18:15:23 | HIGH (9) | A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑8503 | 2019‑12‑18 18:15:23 | HIGH (9) | A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute scripts in the context of another website. | 3 | 6 | NETWORK |
CVE‑2019‑7292 | 2019‑12‑18 18:15:22 | MEDIUM (7) | A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may result in the disclosure of process memory. | 3 | 4 | NETWORK |
CVE‑2019‑7285 | 2019‑12‑18 18:15:22 | HIGH (9) | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑6237 | 2019‑12‑18 18:15:21 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2019‑6235 | 2019‑03‑04 20:29:00 | HIGH (8) | A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions. | 0 | 0 | NETWORK |
CVE‑2019‑6234 | 2019‑03‑05 16:29:03 | MEDIUM (7) | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | 0 | 0 | NETWORK |
CVE‑2019‑6233 | 2019‑03‑05 16:29:03 | MEDIUM (7) | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | 0 | 0 | NETWORK |
CVE‑2019‑6229 | 2019‑03‑05 16:29:03 | MEDIUM (4) | A logic issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to universal cross site scripting. | 0 | 0 | NETWORK |
CVE‑2019‑6227 | 2019‑03‑05 16:29:02 | MEDIUM (7) | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | 0 | 0 | NETWORK |
CVE‑2019‑6226 | 2019‑03‑05 16:29:02 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | 0 | 0 | NETWORK |
CVE‑2019‑6221 | 2019‑03‑05 16:29:02 | MEDIUM (7) | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, iTunes 12.9.3 for Windows. A malicious application may be able to elevate privileges. | 0 | 0 | NETWORK |
CVE‑2019‑6217 | 2019‑03‑05 16:29:02 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | 0 | 0 | NETWORK |
CVE‑2019‑6216 | 2019‑03‑05 16:29:02 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | 0 | 0 | NETWORK |
CVE‑2019‑6215 | 2019‑03‑05 16:29:01 | MEDIUM (7) | A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | 0 | 0 | NETWORK |
CVE‑2019‑6212 | 2019‑03‑05 16:29:01 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | 0 | 0 | NETWORK |
CVE‑2019‑6201 | 2019‑12‑18 18:15:21 | HIGH (9) | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | 3 | 6 | NETWORK |
CVE‑2018‑4474 | 2020‑10‑27 20:15:14 | HIGH (8) | A memory consumption issue was addressed with improved memory handling. This issue is fixed in iCloud for Windows 7.7, watchOS 5, Safari 12, iOS 12, iTunes 12.9 for Windows, tvOS 12. Unexpected interaction causes an ASSERT failure. | 4 | 4 | NETWORK |
CVE‑2018‑4464 | 2019‑04‑03 18:29:17 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. | 0 | 0 | NETWORK |
CVE‑2018‑4444 | 2020‑10‑27 20:15:14 | MEDIUM (7) | A logic issue was addressed with improved state management. This issue is fixed in Safari 12.0.2, iOS 12.1.1, tvOS 12.1.1, iTunes 12.9.2 for Windows. Processing maliciously crafted web content may disclose sensitive user information. | 3 | 4 | NETWORK |
CVE‑2018‑4443 | 2019‑04‑03 18:29:17 | MEDIUM (7) | A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. | 0 | 0 | NETWORK |
CVE‑2018‑4442 | 2019‑04‑03 18:29:16 | MEDIUM (7) | A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. | 0 | 0 | NETWORK |
CVE‑2018‑4441 | 2019‑04‑03 18:29:16 | MEDIUM (7) | A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. | 0 | 0 | NETWORK |
CVE‑2018‑4440 | 2019‑04‑03 18:29:16 | MEDIUM (4) | A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. | 0 | 0 | NETWORK |
CVE‑2018‑4439 | 2019‑04‑03 18:29:16 | MEDIUM (4) | A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. | 0 | 0 | NETWORK |
CVE‑2018‑4438 | 2019‑04‑03 18:29:16 | MEDIUM (7) | A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. | 0 | 0 | NETWORK |
CVE‑2018‑4437 | 2019‑04‑03 18:29:16 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. | 0 | 0 | NETWORK |
CVE‑2018‑4416 | 2019‑04‑03 18:29:14 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | 0 | 0 | NETWORK |
CVE‑2018‑4414 | 2019‑04‑03 18:29:14 | MEDIUM (7) | A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4412 | 2019‑04‑03 18:29:14 | MEDIUM (7) | A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4409 | 2019‑04‑03 18:29:14 | MEDIUM (4) | A resource exhaustion issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | 0 | 0 | NETWORK |
CVE‑2018‑4398 | 2019‑04‑03 18:29:13 | MEDIUM (5) | An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCloud for Windows 7.8. | 0 | 0 | NETWORK |
CVE‑2018‑4394 | 2019‑04‑03 18:29:13 | MEDIUM (7) | A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1. | 0 | 0 | NETWORK |
CVE‑2018‑4392 | 2019‑04‑03 18:29:13 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | 0 | 0 | NETWORK |
CVE‑2018‑4386 | 2019‑04‑03 18:29:12 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | 0 | 0 | NETWORK |
CVE‑2018‑4382 | 2019‑04‑03 18:29:12 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | 0 | 0 | NETWORK |
CVE‑2018‑4378 | 2019‑04‑03 18:29:12 | MEDIUM (7) | A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | 0 | 0 | NETWORK |
CVE‑2018‑4377 | 2019‑04‑03 18:29:12 | MEDIUM (4) | A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | 0 | 0 | NETWORK |
CVE‑2018‑4376 | 2019‑04‑03 18:29:12 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | 0 | 0 | NETWORK |
CVE‑2018‑4375 | 2019‑04‑03 18:29:11 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | 0 | 0 | NETWORK |
CVE‑2018‑4374 | 2019‑04‑03 18:29:11 | MEDIUM (4) | A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | 0 | 0 | NETWORK |
CVE‑2018‑4373 | 2019‑04‑03 18:29:11 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | 0 | 0 | NETWORK |
CVE‑2018‑4372 | 2019‑04‑03 18:29:11 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | 0 | 0 | NETWORK |
CVE‑2018‑4361 | 2019‑04‑03 18:29:10 | MEDIUM (7) | A memory consumption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4360 | 2019‑04‑03 18:29:10 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4359 | 2019‑04‑03 18:29:10 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4358 | 2019‑04‑03 18:29:10 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4347 | 2019‑04‑03 18:29:09 | MEDIUM (7) | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4345 | 2019‑04‑03 18:29:09 | MEDIUM (4) | A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4328 | 2019‑04‑03 18:29:08 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4323 | 2019‑04‑03 18:29:08 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4319 | 2019‑04‑03 18:29:08 | MEDIUM (6) | A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4318 | 2019‑04‑03 18:29:07 | MEDIUM (7) | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4317 | 2019‑04‑03 18:29:07 | MEDIUM (7) | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4316 | 2019‑04‑03 18:29:07 | MEDIUM (7) | A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4315 | 2019‑04‑03 18:29:07 | MEDIUM (7) | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4314 | 2019‑04‑03 18:29:07 | MEDIUM (7) | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4312 | 2019‑04‑03 18:29:07 | MEDIUM (7) | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4311 | 2019‑04‑03 18:29:07 | MEDIUM (6) | The issue was addressed by removing origin information. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4309 | 2019‑04‑03 18:29:07 | MEDIUM (4) | A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4306 | 2019‑04‑03 18:29:06 | MEDIUM (7) | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4302 | 2021‑12‑23 20:15:09 | HIGH (8) | A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution. | 2 | 6 | LOCAL |
CVE‑2018‑4299 | 2019‑04‑03 18:29:06 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4293 | 2019‑04‑03 18:29:06 | MEDIUM (5) | A cookie management issue was addressed with improved checks. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | 0 | 0 | NETWORK |
CVE‑2018‑4284 | 2019‑04‑03 18:29:05 | MEDIUM (7) | A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | 0 | 0 | NETWORK |
CVE‑2018‑4278 | 2019‑01‑11 18:29:03 | MEDIUM (4) | In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking. | 0 | 0 | NETWORK |
CVE‑2018‑4273 | 2019‑04‑03 18:29:05 | MEDIUM (4) | Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | 0 | 0 | NETWORK |
CVE‑2018‑4272 | 2019‑04‑03 18:29:05 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | 0 | 0 | NETWORK |
CVE‑2018‑4271 | 2019‑04‑03 18:29:04 | MEDIUM (4) | Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | 0 | 0 | NETWORK |
CVE‑2018‑4270 | 2019‑04‑03 18:29:04 | MEDIUM (4) | A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | 0 | 0 | NETWORK |
CVE‑2018‑4269 | 2019‑04‑03 18:29:04 | MEDIUM (7) | A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | 0 | 0 | NETWORK |
CVE‑2018‑4267 | 2019‑04‑03 18:29:04 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | 0 | 0 | NETWORK |
CVE‑2018‑4266 | 2019‑04‑03 18:29:04 | MEDIUM (4) | A race condition was addressed with additional validation. This issue affected versions prior toiVersions prior to: OS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | 0 | 0 | NETWORK |
CVE‑2018‑4265 | 2019‑04‑03 18:29:04 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | 0 | 0 | NETWORK |
CVE‑2018‑4264 | 2019‑04‑03 18:29:04 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | 0 | 0 | NETWORK |
CVE‑2018‑4263 | 2019‑04‑03 18:29:04 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | 0 | 0 | NETWORK |
CVE‑2018‑4262 | 2019‑01‑11 18:29:03 | MEDIUM (7) | In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling. | 0 | 0 | NETWORK |
CVE‑2018‑4261 | 2019‑04‑03 18:29:03 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | 0 | 0 | NETWORK |
CVE‑2018‑4246 | 2018‑06‑08 18:29:03 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages type confusion. | 0 | 0 | NETWORK |
CVE‑2018‑4233 | 2018‑06‑08 18:29:02 | HIGH (9) | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 3 | 6 | NETWORK |
CVE‑2018‑4232 | 2018‑06‑08 18:29:02 | MEDIUM (4) | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to overwrite cookies via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4226 | 2018‑06‑08 18:29:02 | LOW (2) | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of sensitive user information. | 0 | 0 | LOCAL |
CVE‑2018‑4225 | 2018‑06‑08 18:29:02 | LOW (2) | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on Keychain state modifications. | 0 | 0 | LOCAL |
CVE‑2018‑4224 | 2018‑06‑08 18:29:02 | LOW (2) | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of a persistent device identifier. | 0 | 0 | LOCAL |
CVE‑2018‑4222 | 2018‑06‑08 18:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a getWasmBufferFromValue out-of-bounds read during WebAssembly compilation. | 0 | 0 | NETWORK |
CVE‑2018‑4218 | 2018‑06‑08 18:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers an @generatorState use-after-free. | 0 | 0 | NETWORK |
CVE‑2018‑4214 | 2018‑06‑08 18:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to cause a denial of service (memory corruption and Safari crash) or possibly have unspecified other impact via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4213 | 2019‑01‑11 18:29:02 | MEDIUM (7) | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. | 0 | 0 | NETWORK |
CVE‑2018‑4212 | 2019‑01‑11 18:29:02 | MEDIUM (7) | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. | 0 | 0 | NETWORK |
CVE‑2018‑4210 | 2019‑01‑11 18:29:02 | MEDIUM (7) | In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks. | 0 | 0 | NETWORK |
CVE‑2018‑4209 | 2019‑01‑11 18:29:02 | MEDIUM (7) | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. | 0 | 0 | NETWORK |
CVE‑2018‑4208 | 2019‑01‑11 18:29:02 | MEDIUM (7) | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. | 0 | 0 | NETWORK |
CVE‑2018‑4207 | 2019‑01‑11 18:29:02 | MEDIUM (7) | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. | 0 | 0 | NETWORK |
CVE‑2018‑4204 | 2018‑06‑08 18:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4201 | 2018‑06‑08 18:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4200 | 2018‑06‑08 18:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers a WebCore::jsElementScrollHeightGetter use-after-free. | 0 | 0 | NETWORK |
CVE‑2018‑4199 | 2018‑06‑08 18:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4197 | 2019‑04‑03 18:29:03 | MEDIUM (7) | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4194 | 2019‑01‑11 18:29:01 | MEDIUM (7) | In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation. | 0 | 0 | NETWORK |
CVE‑2018‑4192 | 2018‑06‑08 18:29:01 | MEDIUM (5) | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a race condition. | 0 | 0 | NETWORK |
CVE‑2018‑4191 | 2019‑04‑03 18:29:03 | MEDIUM (7) | A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4190 | 2018‑06‑08 18:29:00 | MEDIUM (4) | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive credential information that is transmitted during a CSS mask-image fetch. | 0 | 0 | NETWORK |
CVE‑2018‑4188 | 2018‑06‑08 18:29:00 | MEDIUM (4) | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4165 | 2018‑04‑03 06:29:08 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4163 | 2018‑04‑03 06:29:08 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4162 | 2018‑04‑03 06:29:07 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4161 | 2018‑04‑03 06:29:07 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4147 | 2019‑01‑11 18:29:01 | MEDIUM (7) | In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS before 11.2.5, multiple memory corruption issues exist and were addressed with improved memory handling. | 0 | 0 | NETWORK |
CVE‑2018‑4146 | 2018‑04‑03 06:29:07 | MEDIUM (4) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows attackers to cause a denial of service (memory corruption) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4145 | 2019‑04‑03 18:29:02 | MEDIUM (7) | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.3, tvOS 11.3, watchOS 4.3, Safari 11.1, iTunes 12.7.4 for Windows, iCloud for Windows 7.4. | 0 | 0 | NETWORK |
CVE‑2018‑4144 | 2018‑04‑03 06:29:07 | HIGH (9) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Security" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app. | 0 | 0 | NETWORK |
CVE‑2018‑4130 | 2018‑04‑03 06:29:06 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4129 | 2018‑04‑03 06:29:06 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4128 | 2018‑04‑03 06:29:06 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4127 | 2018‑04‑03 06:29:06 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4126 | 2019‑04‑03 18:29:02 | HIGH (9) | A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7. | 0 | 0 | NETWORK |
CVE‑2018‑4125 | 2018‑04‑03 06:29:06 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4122 | 2018‑04‑03 06:29:05 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4121 | 2018‑04‑03 06:29:05 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4120 | 2018‑04‑03 06:29:05 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4119 | 2018‑04‑03 06:29:05 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4118 | 2018‑04‑03 06:29:05 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4117 | 2018‑04‑03 06:29:05 | MEDIUM (4) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. watchOS before 4.3 is affected. The issue involves the fetch API in the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4114 | 2018‑04‑03 06:29:05 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4113 | 2018‑04‑03 06:29:05 | MEDIUM (4) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves a JavaScriptCore function in the "WebKit" component. It allows attackers to trigger an assertion failure by leveraging improper array indexing. | 0 | 0 | NETWORK |
CVE‑2018‑4101 | 2018‑04‑03 06:29:04 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4096 | 2018‑04‑03 06:29:04 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2018‑4088 | 2018‑04‑03 06:29:03 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7172 | 2018‑04‑03 06:29:03 | HIGH (9) | An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "CFNetwork Session" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 0 | 0 | NETWORK |
CVE‑2017‑7165 | 2018‑04‑03 06:29:02 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7160 | 2017‑12‑27 17:08:25 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7157 | 2017‑12‑27 17:08:24 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7156 | 2017‑12‑27 17:08:24 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7153 | 2018‑04‑03 06:29:02 | MEDIUM (6) | An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof user-interface information (about whether the entire content is derived from a valid TLS session) via a crafted web site that sends a 401 Unauthorized redirect. | 0 | 0 | NETWORK |
CVE‑2017‑7151 | 2019‑04‑03 18:29:01 | MEDIUM (5) | A race condition was addressed with additional validation. This issue affected versions prior to iOS 11.2, macOS High Sierra 10.13.2, tvOS 11.2, watchOS 4.2, iTunes 12.7.2 for Windows, macOS High Sierra 10.13.4. | 0 | 0 | NETWORK |
CVE‑2017‑7120 | 2017‑10‑23 01:29:13 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7117 | 2017‑10‑23 01:29:13 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7111 | 2017‑10‑23 01:29:13 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7109 | 2017‑10‑23 01:29:13 | MEDIUM (4) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via crafted web content that incorrectly interacts with the Application Cache policy. | 0 | 0 | NETWORK |
CVE‑2017‑7107 | 2017‑10‑23 01:29:13 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7104 | 2017‑10‑23 01:29:13 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7102 | 2017‑10‑23 01:29:12 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7100 | 2017‑10‑23 01:29:12 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7099 | 2017‑10‑23 01:29:12 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7098 | 2017‑10‑23 01:29:12 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7096 | 2017‑10‑23 01:29:12 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7095 | 2017‑10‑23 01:29:12 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7094 | 2017‑10‑23 01:29:12 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7093 | 2017‑10‑23 01:29:12 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7092 | 2017‑10‑23 01:29:12 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7091 | 2017‑10‑23 01:29:12 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7090 | 2017‑10‑23 01:29:12 | MEDIUM (5) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive cookie information via a custom URL scheme. | 0 | 0 | NETWORK |
CVE‑2017‑7087 | 2017‑10‑23 01:29:12 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7081 | 2017‑10‑23 01:29:12 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7079 | 2017‑10‑23 01:29:12 | MEDIUM (4) | An issue was discovered in certain Apple products. iTunes before 12.7 is affected. The issue involves the "Data Sync" component. It allows attackers to access iOS backups (written by iTunes) via a crafted app. | 0 | 0 | NETWORK |
CVE‑2017‑7064 | 2017‑07‑20 16:29:02 | MEDIUM (4) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | 0 | 0 | NETWORK |
CVE‑2017‑7061 | 2017‑07‑20 16:29:02 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7056 | 2017‑07‑20 16:29:02 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7055 | 2017‑07‑20 16:29:02 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7053 | 2017‑07‑20 16:29:02 | HIGH (9) | An issue was discovered in certain Apple products. iTunes before 12.6.2 on Windows is affected. The issue involves the "iTunes" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. | 0 | 0 | NETWORK |
CVE‑2017‑7052 | 2017‑07‑20 16:29:02 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7049 | 2017‑07‑20 16:29:02 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7048 | 2017‑07‑20 16:29:02 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7046 | 2017‑07‑20 16:29:02 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7043 | 2017‑07‑20 16:29:02 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7042 | 2017‑07‑20 16:29:02 | HIGH (9) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7041 | 2017‑07‑20 16:29:01 | HIGH (9) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7040 | 2017‑07‑20 16:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7039 | 2017‑07‑20 16:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7037 | 2017‑07‑20 16:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7034 | 2017‑07‑20 16:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7030 | 2017‑07‑20 16:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7020 | 2017‑07‑20 16:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7019 | 2017‑07‑20 16:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit Page Loading" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7018 | 2017‑07‑20 16:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7013 | 2017‑07‑20 16:29:00 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libxml2" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted XML file. | 0 | 0 | NETWORK |
CVE‑2017‑7012 | 2017‑07‑20 16:29:00 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit Web Inspector" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑7010 | 2017‑07‑20 16:29:00 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "libxml2" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted XML file. | 0 | 0 | NETWORK |
CVE‑2017‑6984 | 2017‑05‑22 05:29:03 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. iTunes before 12.6.1 on Windows is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑2480 | 2017‑04‑02 01:59:04 | MEDIUM (4) | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑2479 | 2017‑04‑02 01:59:04 | MEDIUM (4) | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑2463 | 2017‑04‑02 01:59:03 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑2383 | 2017‑04‑02 01:59:00 | LOW (4) | An issue was discovered in certain Apple products. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. The issue involves cleartext client-certificate transmission in the "APNs Server" component. It allows man-in-the-middle attackers to track users via correlation with this certificate. | 0 | 0 | NETWORK |
CVE‑2017‑2366 | 2017‑02‑20 08:59:05 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑2356 | 2017‑02‑20 08:59:05 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑2355 | 2017‑02‑20 08:59:05 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑2354 | 2017‑02‑20 08:59:05 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13885 | 2018‑04‑03 06:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13884 | 2018‑04‑03 06:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13870 | 2017‑12‑25 21:29:15 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13866 | 2017‑12‑25 21:29:14 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13864 | 2017‑12‑25 21:29:14 | MEDIUM (4) | An issue was discovered in certain Apple products. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. The issue involves the "APNs Server" component. It allows man-in-the-middle attackers to track users by leveraging mishandling of client certificates. | 0 | 0 | NETWORK |
CVE‑2017‑13856 | 2017‑12‑25 21:29:14 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13803 | 2017‑11‑13 03:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13802 | 2017‑11‑13 03:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13798 | 2017‑11‑13 03:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13797 | 2017‑11‑13 03:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13796 | 2017‑11‑13 03:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13795 | 2017‑11‑13 03:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13794 | 2017‑11‑13 03:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13793 | 2017‑11‑13 03:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13792 | 2017‑11‑13 03:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13791 | 2017‑11‑13 03:29:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13788 | 2017‑11‑13 03:29:00 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13785 | 2017‑11‑13 03:29:00 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13784 | 2017‑11‑13 03:29:00 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2017‑13783 | 2017‑11‑13 03:29:00 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7656 | 2017‑02‑20 08:59:04 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7654 | 2017‑02‑20 08:59:04 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7652 | 2017‑02‑20 08:59:04 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7649 | 2017‑02‑20 08:59:04 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7648 | 2017‑02‑20 08:59:04 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7646 | 2017‑02‑20 08:59:04 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7645 | 2017‑02‑20 08:59:04 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7642 | 2017‑02‑20 08:59:04 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7641 | 2017‑02‑20 08:59:03 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7640 | 2017‑02‑20 08:59:03 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7639 | 2017‑02‑20 08:59:03 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7635 | 2017‑02‑20 08:59:03 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7632 | 2017‑02‑20 08:59:03 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7611 | 2017‑02‑20 08:59:02 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7610 | 2017‑02‑20 08:59:02 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7599 | 2017‑02‑20 08:59:02 | MEDIUM (4) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site that uses HTTP redirects. | 0 | 0 | NETWORK |
CVE‑2016‑7598 | 2017‑02‑20 08:59:02 | MEDIUM (4) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information from process memory via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7592 | 2017‑02‑20 08:59:02 | MEDIUM (4) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component, which allows remote attackers to obtain sensitive information via crafted JavaScript prompts on a web site. | 0 | 0 | NETWORK |
CVE‑2016‑7589 | 2017‑02‑20 08:59:02 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7587 | 2017‑02‑20 08:59:02 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7586 | 2017‑02‑20 08:59:02 | MEDIUM (4) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑7578 | 2017‑02‑20 08:59:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑4769 | 2016‑09‑25 11:00:03 | MEDIUM (7) | WebKit in Apple iTunes before 12.5.1 on Windows and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑4768 | 2016‑09‑25 11:00:02 | MEDIUM (7) | WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4767. | 0 | 0 | NETWORK |
CVE‑2016‑4767 | 2016‑09‑25 11:00:00 | MEDIUM (7) | WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4768. | 0 | 0 | NETWORK |
CVE‑2016‑4766 | 2016‑09‑25 10:59:59 | MEDIUM (7) | WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4767, and CVE-2016-4768. | 0 | 0 | NETWORK |
CVE‑2016‑4765 | 2016‑09‑25 10:59:58 | MEDIUM (7) | WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4766, CVE-2016-4767, and CVE-2016-4768. | 0 | 0 | NETWORK |
CVE‑2016‑4764 | 2017‑02‑20 08:59:01 | HIGH (9) | An issue was discovered in certain Apple products. iOS before 10 is affected. Safari before 10 is affected. iTunes before 12.5.1 is affected. tvOS before 10 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 3 | 6 | NETWORK |
CVE‑2016‑4763 | 2016‑09‑25 10:59:57 | MEDIUM (5) | WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly verify X.509 certificates from HTTPS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 0 | 0 | NETWORK |
CVE‑2016‑4762 | 2016‑09‑25 10:59:56 | MEDIUM (7) | WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, iCloud before 6.0 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑4760 | 2016‑09‑25 10:59:55 | MEDIUM (4) | WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to conduct DNS rebinding attacks against non-HTTP Safari sessions by leveraging HTTP/0.9 support. | 0 | 0 | NETWORK |
CVE‑2016‑4759 | 2016‑09‑25 10:59:54 | MEDIUM (7) | WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4765, CVE-2016-4766, CVE-2016-4767, and CVE-2016-4768. | 0 | 0 | NETWORK |
CVE‑2016‑4758 | 2016‑09‑25 10:59:53 | MEDIUM (4) | WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly restrict access to the location variable, which allows remote attackers to obtain sensitive information via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑4743 | 2017‑02‑20 08:59:01 | MEDIUM (6) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑4728 | 2016‑09‑25 10:59:32 | MEDIUM (7) | WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 mishandles error prototypes, which allows remote attackers to execute arbitrary code via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑4692 | 2017‑02‑20 08:59:01 | MEDIUM (7) | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑4616 | 2016‑07‑22 02:59:39 | HIGH (8) | libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4615, and CVE-2016-4619. | 0 | 0 | NETWORK |
CVE‑2016‑4615 | 2016‑07‑22 02:59:38 | HIGH (8) | libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4616, and CVE-2016-4619. | 0 | 0 | NETWORK |
CVE‑2016‑4614 | 2016‑07‑22 02:59:36 | CRITICAL (10) | libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4615, CVE-2016-4616, and CVE-2016-4619. | 4 | 6 | NETWORK |
CVE‑2016‑4613 | 2017‑02‑20 08:59:00 | MEDIUM (4) | An issue was discovered in certain Apple products. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2016‑4610 | 2016‑07‑22 02:59:34 | CRITICAL (10) | libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, and CVE-2016-4612. | 4 | 6 | NETWORK |
CVE‑2016‑4609 | 2016‑07‑22 02:59:33 | CRITICAL (10) | libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4610, and CVE-2016-4612. | 4 | 6 | NETWORK |
CVE‑2016‑4608 | 2016‑07‑22 02:59:32 | CRITICAL (10) | libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612. | 4 | 6 | NETWORK |
CVE‑2016‑4607 | 2016‑07‑22 02:59:30 | CRITICAL (10) | libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4608, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612. | 4 | 6 | NETWORK |
CVE‑2016‑1742 | 2016‑05‑20 10:59:01 | HIGH (7) | Untrusted search path vulnerability in the installer in Apple iTunes before 12.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory. | 0 | 0 | LOCAL |
CVE‑2015‑7017 | 2015‑10‑23 10:59:13 | HIGH (8) | CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-6992. | 0 | 0 | NETWORK |
CVE‑2015‑7014 | 2015‑10‑23 21:59:49 | MEDIUM (7) | WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. | 0 | 0 | NETWORK |
CVE‑2015‑7013 | 2015‑10‑23 21:59:48 | MEDIUM (7) | WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5. | 0 | 0 | NETWORK |
CVE‑2015‑7012 | 2015‑10‑23 21:59:47 | MEDIUM (7) | WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. | 0 | 0 | NETWORK |
CVE‑2015‑7011 | 2015‑10‑23 21:59:46 | MEDIUM (7) | WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5. | 0 | 0 | NETWORK |
CVE‑2015‑7002 | 2015‑10‑23 21:59:39 | MEDIUM (7) | WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. | 0 | 0 | NETWORK |
CVE‑2015‑6992 | 2015‑10‑23 10:59:06 | HIGH (8) | CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-7017. | 0 | 0 | NETWORK |
CVE‑2015‑6975 | 2015‑10‑23 10:59:00 | HIGH (8) | CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6992 and CVE-2015-7017. | 0 | 0 | NETWORK |
CVE‑2015‑5931 | 2015‑10‑23 21:59:08 | MEDIUM (7) | WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5. | 0 | 0 | NETWORK |
CVE‑2015‑5930 | 2015‑10‑23 21:59:07 | MEDIUM (7) | WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. | 0 | 0 | NETWORK |
CVE‑2015‑5929 | 2015‑10‑23 21:59:06 | MEDIUM (7) | WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. | 0 | 0 | NETWORK |
CVE‑2015‑5928 | 2015‑10‑23 21:59:05 | MEDIUM (7) | WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. | 0 | 0 | NETWORK |
CVE‑2015‑5920 | 2015‑09‑18 12:01:00 | MEDIUM (4) | The Software Update component in Apple iTunes before 12.3 does not properly handle redirection, which allows man-in-the-middle attackers to discover encrypted SMB credentials via unspecified vectors. | 0 | 0 | NETWORK |
CVE‑2015‑5874 | 2015‑09‑18 12:00:17 | HIGH (8) | CoreText in Apple iOS before 9 and iTunes before 12.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file. | 0 | 0 | NETWORK |
CVE‑2015‑5823 | 2015‑09‑18 10:59:42 | MEDIUM (7) | WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5822 | 2015‑09‑18 10:59:41 | MEDIUM (7) | WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5821 | 2015‑09‑18 10:59:40 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5819 | 2015‑09‑18 10:59:38 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5818 | 2015‑09‑18 10:59:37 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5817 | 2015‑09‑18 10:59:36 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5816 | 2015‑09‑18 10:59:35 | MEDIUM (7) | WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5815 | 2015‑09‑18 10:59:34 | MEDIUM (7) | WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5814 | 2015‑09‑18 10:59:33 | MEDIUM (7) | WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5813 | 2015‑09‑18 10:59:32 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5812 | 2015‑09‑18 10:59:31 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5811 | 2015‑09‑18 10:59:30 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5810 | 2015‑09‑18 10:59:29 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5809 | 2015‑09‑18 10:59:28 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5808 | 2015‑09‑18 10:59:27 | MEDIUM (7) | WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5807 | 2015‑09‑18 10:59:26 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5806 | 2015‑09‑18 10:59:26 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5805 | 2015‑09‑18 10:59:25 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5804 | 2015‑09‑18 10:59:24 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5803 | 2015‑09‑18 10:59:23 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5802 | 2015‑09‑18 10:59:22 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5801 | 2015‑09‑18 10:59:21 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5800 | 2015‑09‑18 10:59:20 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5799 | 2015‑09‑18 10:59:19 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5798 | 2015‑09‑18 10:59:18 | MEDIUM (7) | WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5797 | 2015‑09‑18 10:59:17 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5796 | 2015‑09‑18 10:59:16 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5795 | 2015‑09‑18 10:59:15 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5794 | 2015‑09‑18 10:59:13 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5793 | 2015‑09‑18 10:59:12 | MEDIUM (7) | WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5792 | 2015‑09‑18 10:59:11 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5791 | 2015‑09‑18 10:59:10 | MEDIUM (7) | WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5790 | 2015‑09‑18 10:59:09 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2015‑5789 | 2015‑09‑18 10:59:08 | MEDIUM (7) | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | 0 | 0 | NETWORK |
CVE‑2014‑3192 | 2014‑10‑08 10:55:06 | HIGH (8) | Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 0 | 0 | NETWORK |
CVE‑2014‑1347 | 2014‑05‑18 11:12:54 | MEDIUM (4) | Apple iTunes before 11.2.1 on OS X sets world-writable permissions for /Users and /Users/Shared during reboots, which allows local users to modify files, and consequently obtain access to arbitrary user accounts, via standard filesystem operations. | 0 | 0 | LOCAL |
CVE‑2014‑1242 | 2014‑01‑23 19:55:04 | MEDIUM (6) | Apple iTunes before 11.1.4 uses HTTP for the iTunes Tutorials window, which allows man-in-the-middle attackers to spoof content by gaining control over the client-server data stream. | 0 | 0 | NETWORK |
CVE‑2013‑1035 | 2013‑09‑19 10:27:56 | HIGH (9) | The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 0 | 0 | NETWORK |
CVE‑2013‑1014 | 2013‑05‑20 14:44:35 | MEDIUM (4) | Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate. | 0 | 0 | ADJACENT_NETWORK |
CVE‑2013‑1011 | 2013‑05‑20 14:44:35 | MEDIUM (7) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑1010 | 2013‑05‑20 14:44:35 | HIGH (9) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑1008 | 2013‑05‑20 14:44:35 | HIGH (9) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑1007 | 2013‑05‑20 14:44:35 | HIGH (9) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑1006 | 2013‑05‑20 14:44:35 | HIGH (9) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑1005 | 2013‑05‑20 14:44:35 | HIGH (9) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑1004 | 2013‑05‑20 14:44:35 | HIGH (9) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑1003 | 2013‑05‑20 14:44:35 | HIGH (9) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑1002 | 2013‑05‑20 14:44:35 | HIGH (9) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑1001 | 2013‑05‑20 14:44:35 | HIGH (9) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑1000 | 2013‑05‑20 14:44:35 | HIGH (9) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑0999 | 2013‑05‑20 14:44:35 | HIGH (9) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑0998 | 2013‑05‑20 14:44:35 | MEDIUM (7) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑0997 | 2013‑05‑20 14:44:35 | MEDIUM (7) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑0996 | 2013‑05‑20 14:44:35 | MEDIUM (7) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑0995 | 2013‑05‑20 14:44:35 | MEDIUM (7) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑0994 | 2013‑05‑20 14:44:35 | MEDIUM (7) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑0993 | 2013‑05‑20 14:44:34 | MEDIUM (7) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑0992 | 2013‑05‑20 14:44:34 | MEDIUM (7) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2013‑0991 | 2013‑05‑20 14:44:34 | MEDIUM (7) | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | 0 | 0 | NETWORK |
CVE‑2012‑3712 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3711 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3710 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3709 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3708 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3707 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3706 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3705 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3704 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3703 | 2012‑09‑13 10:30:21 | HIGH (8) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3702 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3701 | 2012‑09‑13 10:30:21 | HIGH (9) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3700 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3699 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3692 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3688 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3687 | 2012‑09‑13 10:30:21 | HIGH (9) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3685 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3684 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3677 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3676 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3675 | 2012‑09‑13 10:30:21 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3673 | 2012‑09‑13 10:30:20 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3672 | 2012‑09‑13 10:30:20 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3671 | 2012‑09‑13 10:30:20 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3660 | 2012‑09‑13 10:30:20 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3659 | 2012‑09‑13 10:30:20 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3658 | 2012‑09‑13 10:30:20 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3657 | 2012‑09‑13 10:30:20 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3654 | 2012‑09‑13 10:30:20 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3652 | 2012‑09‑13 10:30:20 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3651 | 2012‑09‑13 10:30:20 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3649 | 2012‑09‑13 10:30:20 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3648 | 2012‑09‑13 10:30:20 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3647 | 2012‑09‑13 10:30:20 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3643 | 2012‑09‑13 10:30:20 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3632 | 2012‑09‑13 10:30:20 | HIGH (9) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3624 | 2012‑09‑13 10:30:19 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3623 | 2012‑09‑13 10:30:19 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3622 | 2012‑09‑13 10:30:19 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3621 | 2012‑09‑13 10:30:19 | HIGH (9) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3617 | 2012‑09‑13 10:30:19 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3616 | 2012‑09‑13 10:30:19 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3614 | 2012‑09‑13 10:30:19 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3613 | 2012‑09‑13 10:30:19 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3612 | 2012‑09‑13 10:30:19 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3607 | 2012‑09‑13 10:30:19 | HIGH (9) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3606 | 2012‑09‑13 10:30:19 | HIGH (9) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3602 | 2012‑09‑13 10:30:19 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3601 | 2012‑09‑13 10:30:19 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑3598 | 2012‑09‑13 10:30:19 | MEDIUM (7) | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | 0 | 0 | NETWORK |
CVE‑2012‑1521 | 2012‑05‑01 10:12:04 | MEDIUM (7) | Use-after-free vulnerability in the XML parser in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 0 | 0 | NETWORK |
CVE‑2012‑0677 | 2012‑06‑12 14:55:01 | HIGH (9) | Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist. | 0 | 0 | NETWORK |
CVE‑2012‑0648 | 2012‑03‑08 22:55:04 | HIGH (8) | WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. | 0 | 0 | NETWORK |
CVE‑2012‑0639 | 2012‑03‑08 22:55:04 | HIGH (8) | WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. | 0 | 0 | NETWORK |
CVE‑2012‑0638 | 2012‑03‑08 22:55:04 | HIGH (8) | WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. | 0 | 0 | NETWORK |
CVE‑2012‑0637 | 2012‑03‑08 22:55:04 | HIGH (8) | WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. | 0 | 0 | NETWORK |
CVE‑2012‑0636 | 2012‑03‑08 22:55:04 | HIGH (8) | WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. | 0 | 0 | NETWORK |
CVE‑2012‑0635 | 2012‑03‑08 22:55:04 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0634 | 2012‑03‑08 22:55:04 | HIGH (8) | WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. | 0 | 0 | NETWORK |
CVE‑2012‑0633 | 2012‑03‑08 22:55:04 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0632 | 2012‑03‑08 22:55:04 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0631 | 2012‑03‑08 22:55:04 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0630 | 2012‑03‑08 22:55:04 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0629 | 2012‑03‑08 22:55:04 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0628 | 2012‑03‑08 22:55:04 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0627 | 2012‑03‑08 22:55:04 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0626 | 2012‑03‑08 22:55:04 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0625 | 2012‑03‑08 22:55:04 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0624 | 2012‑03‑08 22:55:04 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0623 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0622 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0621 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0620 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0619 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0618 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0617 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0616 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0615 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0614 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0613 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0612 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0611 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0610 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0609 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0608 | 2012‑03‑08 22:55:03 | MEDIUM (7) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0607 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0606 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0605 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0604 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0603 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0602 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0601 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0600 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0599 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0598 | 2012‑03‑08 22:55:03 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0597 | 2012‑03‑08 22:55:02 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0596 | 2012‑03‑08 22:55:02 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0595 | 2012‑03‑08 22:55:02 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0594 | 2012‑03‑08 22:55:02 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0593 | 2012‑03‑08 22:55:02 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0592 | 2012‑03‑08 22:55:02 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2012‑0591 | 2012‑03‑08 22:55:02 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2011‑3971 | 2012‑02‑09 04:10:29 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events. | 0 | 0 | NETWORK |
CVE‑2011‑3969 | 2012‑02‑09 04:10:29 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout of SVG documents. | 0 | 0 | NETWORK |
CVE‑2011‑3968 | 2012‑02‑09 04:10:29 | MEDIUM (4) | Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences. | 0 | 0 | NETWORK |
CVE‑2011‑3966 | 2012‑02‑09 04:10:29 | HIGH (8) | Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets (CSS) token-sequence data. | 0 | 0 | NETWORK |
CVE‑2011‑3958 | 2012‑02‑09 04:10:29 | MEDIUM (7) | Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. | 0 | 0 | NETWORK |
CVE‑2011‑3926 | 2012‑01‑24 04:03:36 | HIGH (8) | Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 0 | 0 | NETWORK |
CVE‑2011‑3924 | 2012‑01‑24 04:03:36 | HIGH (8) | Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections. | 0 | 0 | NETWORK |
CVE‑2011‑3913 | 2011‑12‑13 21:55:01 | HIGH (8) | Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling. | 0 | 0 | NETWORK |
CVE‑2011‑3909 | 2011‑12‑13 21:55:01 | MEDIUM (5) | The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors. | 0 | 0 | NETWORK |
CVE‑2011‑3908 | 2011‑12‑13 21:55:01 | MEDIUM (5) | Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 0 | 0 | NETWORK |
CVE‑2011‑3897 | 2011‑11‑11 11:55:03 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing. | 0 | 0 | NETWORK |
CVE‑2011‑3888 | 2011‑10‑25 19:55:02 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in. | 0 | 0 | NETWORK |
CVE‑2011‑3885 | 2011‑10‑25 19:55:02 | HIGH (8) | Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to stale Cascading Style Sheets (CSS) token-sequence data. | 0 | 0 | NETWORK |
CVE‑2011‑3252 | 2011‑10‑12 18:55:02 | HIGH (9) | Buffer overflow in CoreAudio, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Advanced Audio Coding (AAC) stream. | 0 | 0 | NETWORK |
CVE‑2011‑3244 | 2011‑10‑12 18:55:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑3241 | 2011‑10‑12 18:55:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑3239 | 2011‑10‑12 18:55:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑3238 | 2011‑10‑12 18:55:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑3237 | 2011‑10‑12 18:55:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑3236 | 2011‑10‑12 18:55:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑3235 | 2011‑10‑12 18:55:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑3234 | 2011‑09‑19 12:02:57 | MEDIUM (5) | Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 0 | 0 | NETWORK |
CVE‑2011‑3233 | 2011‑10‑12 18:55:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑3219 | 2011‑10‑12 18:55:02 | HIGH (9) | Buffer overflow in CoreMedia, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. | 0 | 0 | NETWORK |
CVE‑2011‑3081 | 2012‑05‑01 10:12:04 | HIGH (9) | Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078. | 0 | 0 | NETWORK |
CVE‑2011‑3078 | 2012‑05‑01 10:12:04 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3081. | 0 | 0 | NETWORK |
CVE‑2011‑3076 | 2012‑04‑05 22:02:08 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to focus handling. | 0 | 0 | NETWORK |
CVE‑2011‑3075 | 2012‑04‑05 22:02:08 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style-application commands. | 0 | 0 | NETWORK |
CVE‑2011‑3074 | 2012‑04‑05 22:02:08 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media. | 0 | 0 | NETWORK |
CVE‑2011‑3073 | 2012‑04‑05 22:02:08 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG resources. | 0 | 0 | NETWORK |
CVE‑2011‑3071 | 2012‑04‑05 22:02:08 | MEDIUM (7) | Use-after-free vulnerability in the HTMLMediaElement implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 0 | 0 | NETWORK |
CVE‑2011‑3069 | 2012‑04‑05 22:02:08 | MEDIUM (7) | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to line boxes. | 0 | 0 | NETWORK |
CVE‑2011‑3068 | 2012‑04‑05 22:02:08 | MEDIUM (7) | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to run-in boxes. | 0 | 0 | NETWORK |
CVE‑2011‑3064 | 2012‑03‑30 22:55:02 | HIGH (8) | Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping. | 0 | 0 | NETWORK |
CVE‑2011‑3060 | 2012‑03‑30 22:55:02 | MEDIUM (7) | Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 0 | 0 | NETWORK |
CVE‑2011‑3059 | 2012‑03‑30 22:55:01 | MEDIUM (7) | Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 0 | 0 | NETWORK |
CVE‑2011‑3053 | 2012‑03‑22 16:55:01 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting. | 0 | 0 | NETWORK |
CVE‑2011‑3050 | 2012‑03‑22 16:55:01 | MEDIUM (7) | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. | 0 | 0 | NETWORK |
CVE‑2011‑3044 | 2012‑03‑05 19:55:02 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements. | 0 | 0 | NETWORK |
CVE‑2011‑3043 | 2012‑03‑05 19:55:02 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox (aka flexible box) in conjunction with the floating of elements. | 0 | 0 | NETWORK |
CVE‑2011‑3042 | 2012‑03‑05 19:55:02 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections. | 0 | 0 | NETWORK |
CVE‑2011‑3041 | 2012‑03‑05 19:55:02 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of class attributes. | 0 | 0 | NETWORK |
CVE‑2011‑3040 | 2012‑03‑05 19:55:02 | MEDIUM (4) | Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. | 0 | 0 | NETWORK |
CVE‑2011‑3039 | 2012‑03‑05 19:55:02 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to quote handling. | 0 | 0 | NETWORK |
CVE‑2011‑3038 | 2012‑03‑05 19:55:02 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling. | 0 | 0 | NETWORK |
CVE‑2011‑3037 | 2012‑03‑05 19:55:02 | MEDIUM (7) | Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. | 0 | 0 | NETWORK |
CVE‑2011‑3036 | 2012‑03‑05 19:55:02 | MEDIUM (7) | Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable during handling of line boxes, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. | 0 | 0 | NETWORK |
CVE‑2011‑3035 | 2012‑03‑05 19:55:01 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements. | 0 | 0 | NETWORK |
CVE‑2011‑3034 | 2012‑03‑05 19:55:01 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG document. | 0 | 0 | NETWORK |
CVE‑2011‑3032 | 2012‑03‑05 19:55:01 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values. | 0 | 0 | NETWORK |
CVE‑2011‑3027 | 2012‑02‑16 20:55:04 | MEDIUM (4) | Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable during handling of columns, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. | 0 | 0 | NETWORK |
CVE‑2011‑3021 | 2012‑02‑16 20:55:04 | HIGH (8) | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading. | 0 | 0 | NETWORK |
CVE‑2011‑3016 | 2012‑02‑16 20:55:03 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, related to a "read-after-free" issue. | 0 | 0 | NETWORK |
CVE‑2011‑2877 | 2011‑10‑04 20:55:02 | MEDIUM (7) | Google Chrome before 14.0.835.202 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale font." | 0 | 0 | NETWORK |
CVE‑2011‑2873 | 2012‑03‑08 22:55:02 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2011‑2872 | 2012‑03‑08 22:55:02 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2011‑2871 | 2012‑03‑08 22:55:02 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2011‑2870 | 2012‑03‑08 22:55:02 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2011‑2869 | 2012‑03‑08 22:55:02 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2011‑2868 | 2012‑03‑08 22:55:02 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2011‑2867 | 2012‑03‑08 22:55:02 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2011‑2866 | 2012‑03‑08 22:55:01 | HIGH (8) | WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. | 0 | 0 | NETWORK |
CVE‑2011‑2860 | 2011‑09‑19 12:02:56 | HIGH (8) | Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles. | 0 | 0 | NETWORK |
CVE‑2011‑2857 | 2011‑09‑19 12:02:56 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller. | 0 | 0 | NETWORK |
CVE‑2011‑2855 | 2011‑09‑19 12:02:56 | MEDIUM (7) | Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node." | 0 | 0 | NETWORK |
CVE‑2011‑2854 | 2011‑09‑19 12:02:56 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing." | 0 | 0 | NETWORK |
CVE‑2011‑2847 | 2011‑09‑19 12:02:56 | MEDIUM (7) | Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. | 0 | 0 | NETWORK |
CVE‑2011‑2846 | 2011‑09‑19 12:02:56 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling. | 0 | 0 | NETWORK |
CVE‑2011‑2833 | 2012‑03‑08 22:55:01 | HIGH (9) | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | 0 | 0 | NETWORK |
CVE‑2011‑2831 | 2011‑10‑12 18:55:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑2827 | 2011‑08‑29 15:55:02 | HIGH (8) | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text searching. | 0 | 0 | NETWORK |
CVE‑2011‑2825 | 2011‑08‑29 15:55:02 | HIGH (9) | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts. | 0 | 0 | NETWORK |
CVE‑2011‑2823 | 2011‑08‑29 15:55:02 | HIGH (8) | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a line box. | 0 | 0 | NETWORK |
CVE‑2011‑2820 | 2011‑10‑12 18:55:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑2818 | 2011‑08‑03 00:55:03 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering. | 0 | 0 | NETWORK |
CVE‑2011‑2817 | 2011‑10‑12 18:55:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑2816 | 2011‑10‑12 18:55:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑2815 | 2011‑10‑12 18:55:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑2814 | 2011‑10‑12 18:55:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑2813 | 2011‑10‑12 18:55:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑2811 | 2011‑10‑12 18:55:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑2809 | 2011‑10‑12 18:55:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑2799 | 2011‑08‑03 00:55:02 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling. | 0 | 0 | NETWORK |
CVE‑2011‑2797 | 2011‑08‑03 00:55:02 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching. | 0 | 0 | NETWORK |
CVE‑2011‑2792 | 2011‑08‑03 00:55:02 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float removal. | 0 | 0 | NETWORK |
CVE‑2011‑2790 | 2011‑08‑03 00:55:02 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving floating styles. | 0 | 0 | NETWORK |
CVE‑2011‑2788 | 2011‑08‑03 00:55:02 | MEDIUM (7) | Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors. | 0 | 0 | NETWORK |
CVE‑2011‑2359 | 2011‑08‑03 00:55:01 | MEDIUM (7) | Google Chrome before 13.0.782.107 does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 0 | 0 | NETWORK |
CVE‑2011‑2356 | 2011‑10‑12 18:55:01 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑2354 | 2011‑10‑12 18:55:01 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑2352 | 2011‑10‑12 18:55:01 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑2351 | 2011‑06‑29 17:55:04 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements. | 0 | 0 | NETWORK |
CVE‑2011‑2341 | 2011‑10‑12 18:55:01 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑2339 | 2011‑10‑12 18:55:01 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑2338 | 2011‑10‑12 18:55:01 | HIGH (8) | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | 0 | 0 | NETWORK |
CVE‑2011‑1451 | 2011‑05‑03 22:55:02 | HIGH (8) | Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers." | 0 | 0 | NETWORK |
CVE‑2011‑1449 | 2011‑05‑03 22:55:02 | MEDIUM (7) | Use-after-free vulnerability in the WebSockets implementation in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 0 | 0 | NETWORK |
CVE‑2011‑1440 | 2011‑05‑03 22:55:01 | MEDIUM (7) | Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences. | 0 | 0 | NETWORK |
CVE‑2011‑1296 | 2011‑03‑25 19:55:01 | HIGH (8) | Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 0 | 0 | NETWORK |
CVE‑2011‑1293 | 2011‑03‑25 19:55:01 | HIGH (8) | Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 0 | 0 | NETWORK |
CVE‑2011‑1204 | 2011‑03‑11 02:01:20 | MEDIUM (7) | Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document. | 0 | 0 | NETWORK |
CVE‑2011‑1203 | 2011‑03‑11 02:01:20 | HIGH (8) | Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 0 | 0 | NETWORK |
CVE‑2011‑1188 | 2011‑03‑11 02:01:19 | HIGH (8) | Google Chrome before 10.0.648.127 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | 0 | 0 | NETWORK |
CVE‑2011‑1121 | 2011‑03‑01 23:00:04 | HIGH (8) | Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element. | 0 | 0 | NETWORK |
CVE‑2011‑1117 | 2011‑03‑01 23:00:03 | HIGH (8) | Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale nodes." | 0 | 0 | NETWORK |
CVE‑2011‑1115 | 2011‑03‑01 23:00:03 | HIGH (8) | Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 0 | 0 | NETWORK |
CVE‑2011‑1114 | 2011‑03‑01 23:00:03 | HIGH (8) | Google Chrome before 9.0.597.107 does not properly handle tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node." | 0 | 0 | NETWORK |
CVE‑2011‑1109 | 2011‑03‑01 23:00:03 | HIGH (8) | Google Chrome before 9.0.597.107 does not properly process nodes in Cascading Style Sheets (CSS) stylesheets, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 0 | 0 | NETWORK |
CVE‑2011‑0983 | 2011‑02‑10 19:00:02 | HIGH (8) | Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 0 | 0 | NETWORK |
CVE‑2011‑0981 | 2011‑02‑10 19:00:02 | HIGH (8) | Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 0 | 0 | NETWORK |
CVE‑2011‑0259 | 2011‑10‑12 18:55:01 | HIGH (8) | CoreFoundation, as used in Apple iTunes before 10.5, does not properly perform string tokenization, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. | 0 | 0 | NETWORK |
CVE‑2011‑0192 | 2011‑03‑03 20:00:03 | HIGH (9) | Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information. | 0 | 0 | NETWORK |
CVE‑2011‑0191 | 2011‑03‑03 20:00:03 | HIGH (9) | Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding. | 0 | 0 | NETWORK |
CVE‑2011‑0170 | 2011‑03‑03 20:00:03 | HIGH (9) | Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes before 10.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted International Color Consortium (ICC) profile in a JPEG image. | 0 | 0 | NETWORK |
CVE‑2011‑0168 | 2011‑03‑03 20:00:03 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0165 | 2011‑03‑03 20:00:03 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0164 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0156 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0155 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0154 | 2011‑03‑03 20:00:02 | MEDIUM (5) | WebKit, as used in Apple iTunes before 10.2 on Windows and Apple iOS, does not properly implement the .sort function for JavaScript arrays, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0153 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0152 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0151 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0150 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0149 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly parse HTML elements associated with document namespaces, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to a "dangling pointer" and iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0148 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0147 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0146 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0145 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0144 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0143 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0142 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0141 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0140 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0139 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0138 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0137 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0136 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0135 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0134 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0133 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly access glyph data during layout actions for floating blocks associated with pseudo-elements, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0132 | 2011‑03‑03 20:00:02 | HIGH (8) | Use-after-free vulnerability in the Runin box functionality in the Cascading Style Sheets (CSS) 2.1 Visual Formatting Model implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0131 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0130 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0129 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0128 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0127 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0126 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0125 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0124 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0123 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0122 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0121 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0120 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0119 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0118 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0117 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0116 | 2011‑03‑03 20:00:02 | HIGH (8) | Use-after-free vulnerability in the setOuterText method in the htmlelement library in WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to DOM manipulations during iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0115 | 2011‑03‑03 20:00:02 | HIGH (8) | The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated with event listeners during processing of range objects, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0114 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0113 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0112 | 2011‑03‑03 20:00:02 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2011‑0111 | 2011‑03‑03 20:00:01 | HIGH (8) | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 0 | 0 | NETWORK |
CVE‑2010‑4494 | 2010‑12‑07 21:00:10 | HIGH (8) | Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | 0 | 0 | NETWORK |
CVE‑2010‑4008 | 2010‑11‑17 01:00:03 | MEDIUM (4) | libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. | 0 | 0 | NETWORK |
CVE‑2010‑3190 | 2010‑08‑31 20:00:02 | HIGH (9) | Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; Visual C++ 2005 SP1, 2008 SP1, and 2010; and Exchange Server 2010 Service Pack 3, 2013, and 2013 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory during execution of an MFC application such as AtlTraceTool8.exe (aka ATL MFC Trace Tool), as demonstrated by a directory that contains a TRC, cur, rs, rct, or res file, aka "MFC Insecure Library Loading Vulnerability." | 0 | 0 | NETWORK |
CVE‑2010‑1824 | 2010‑09‑24 19:00:04 | HIGH (9) | Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages. | 0 | 0 | NETWORK |
CVE‑2010‑1823 | 2010‑09‑24 19:00:04 | HIGH (9) | Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by a Cascading Style Sheets (CSS) file referencing an invalid SVG font, aka rdar problem 8442098. | 0 | 0 | NETWORK |
CVE‑2010‑1795 | 2010‑08‑20 20:00:02 | HIGH (9) | Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory. | 0 | 0 | NETWORK |
CVE‑2010‑1777 | 2010‑07‑30 13:26:13 | HIGH (9) | Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted itpc: URL. | 0 | 0 | NETWORK |
CVE‑2010‑1769 | 2010‑06‑18 16:30:01 | HIGH (10) | WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, a different vulnerability than CVE-2010-1387 and CVE-2010-1763. | 0 | 0 | NETWORK |
CVE‑2010‑1768 | 2010‑08‑20 20:00:01 | MEDIUM (7) | Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges via vectors related to log files, "insecure file operation," and syncing an iPhone, iPad, or iPod touch. | 0 | 0 | LOCAL |
CVE‑2010‑1763 | 2010‑06‑18 16:30:01 | HIGH (10) | Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and attack vectors, a different vulnerability than CVE-2010-1387 and CVE-2010-1769. | 0 | 0 | NETWORK |
CVE‑2010‑1387 | 2010‑06‑18 16:30:01 | HIGH (9) | Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769. | 0 | 0 | NETWORK |
CVE‑2010‑0532 | 2010‑03‑31 18:30:00 | MEDIUM (7) | Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users to gain privileges by replacing an unspecified file with a Trojan horse. | 0 | 0 | LOCAL |
CVE‑2010‑0531 | 2010‑03‑31 18:30:00 | MEDIUM (4) | Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 podcast file. | 0 | 0 | NETWORK |
Patch more applications, achieve compliance, and prevent problems while reducing stress with Lavawall®.
A security tool by security auditors. From Passkeys and Argon2i to source validation and MVSP principles, Lavawall® has you covered.
More features and more security added nearly every day.
While Ninite and other patching tools have had the same patch offerings for decades, we're monitoring stats to keep adding the most useful programs (currently over 7,463)!
From wrapping TLS communications in extra encryption and uninstalling remote support tools when they aren't used to detailed statistical analysis of system and network performance, Lavawall® goes in-depth.
Lavawall® goes beyond patches and breach detection. We also monitor for risky Chromium extensions and allowed notifications that might be part of a phishing or ransomware attack.
Extend the security features of Cloudflare, Microsoft, Google, Sophos, and other cloud providers to create a Lavawall® of protection
Even if you used breached remote management tools like ScreenConnect through Lavawall® when it was vulnerable, your computers stayed safe because we only install the agent when it needs to be used.
Easily deploy, monitor, and analyze security tools like Huntress, AutoElevate, and Sophos. Magically gain details from ZenDesk, ConnectWise, Datto, Panorama9, Microsoft, and Google.
Get immediate fixes, user notifications, admin notifications -- and even security-certified human level 3 support when our advanced statistical analysis confirms a problem or anomaly.
2024‑12‑02 | 0.12.19.206 | test commit |
2024‑11‑22 | 0.12.18.205 | |
2024‑10‑30 | 0.12.8.195 | Mac update refinements |
2024‑10‑25 | 0.12.3.190 | |
2024‑10‑21 | 0.12.0.187 | Macos implementaiton, linux and windows improvements |
2024‑10‑16 | 0.11.128.186 | Linux stats and system information improvements, improvements for application shutdown |
2024‑09‑12 | 0.11.113.171 | CPU Optimizations and Packages reliability improvements |
2024‑09‑05 | 0.11.106.164 | Phased deployment enhancements |
2024‑09‑04 | 0.11.103.161 | |
2024‑09‑02 | 0.11.102.160 | CPU Optimizations and Packages reliability improvements |
2024‑08‑30 | 0.11.99.157 | CPU Optimizations and Packages reliability improvements |
2024‑08‑29 | 0.11.98.156 | CPU utilization and console event optimization |
2024‑08‑28 | 0.11.97.155 | Reliability to detect unusual updates like redistributables. |
2024‑08‑27 | 0.11.96.154 | |
2024‑08‑26 | 0.11.95.153 | Faster response for reboot requests |
2024‑08‑20 | 0.11.92.150 | Additional package upgrade pre-requisites |
2024‑08‑15 | 0.11.89.147 | |
2024‑08‑06 | 0.11.87.145 | |
2024‑07‑26 | 0.11.83.141 | Add resiliency for MAC duplicates and uptime |
2024‑07‑25 | 0.11.82.140 | Changes to facilitate cross-platform use. Bitlocker and Windows key refinements |
2024‑07‑15 | 0.11.80.138 | Antivirus and temperature added to configuration checks |
2024‑07‑15 | 0.11.79.137 | Add configuration checks for execution policy and secure boot |
2024‑07‑11 | 0.11.77.135 | load balancing refinements |
2024‑07‑10 | 0.11.76.134 | Add additional load balancing and data residency capabilities, add randomness to recurring task timings to decrease server load |
2024‑07‑05 | 0.11.74.132 | changes to graph and residual work on user imporsonation |
2024‑07‑04 | 0.11.73.131 | Add configuration checks for execution policy and secure boot. |
2024‑07‑03 | 0.11.72.130 | Enhanced event log monitoring |
2024‑07‑02 | 0.11.71.129 | Add details to Windows updates, enhanced risk metrics for application patches |
2024‑06‑19 | 0.11.65.123 | Update resiliancy and garbage collection |
2024‑06‑13 | 0.11.60.118 | Enhanced logging |
2024‑06‑12 | 0.11.55.113 | Include the primary drive serial number; MAC addresses for built-in wireless, Bluetooth, and ethernet into the device hash to restore uninstalled and reinstalled devices in cases where the motherboard serial is not unique |
2024‑06‑07 | 0.11.54.112 | Patch and package uninstall data addition |
2024‑06‑05 | 0.11.47.105 | refine per-user registry application listing |
2024‑06‑02 | 0.11.45.103 | uninstall and reinstall refinements, refine local logging, refine self-update and uninstall timing |
2024‑05‑30 | 0.11.21.79 | various bug fixes and improvements |
2024‑05‑28 | 0.11.16.74 | Error logging, registration, and uninstall improvements. |
2024‑05‑24 | 0.11.14.72 | applied changes for devices and login commands, changes for registration as well |
2024‑05‑22 | 0.11.13.71 | Add Windows computer model, improve Operating System parsing |
2024‑05‑21 | 0.11.11.69 | Added additional states for Windows update, flexibility for non-standard program file configurations, support for network diagrams at the switch level, details for Windows editions |
2024‑05‑21 | 0.11.10.68 | Add specific cases for Defender patterns and Composer versions. |
2024‑05‑17 | 0.11.3.61 | Change Log storage location to c:\program files\Lavawall |
2024‑05‑17 | 0.11.1.59 | self-update improvements. |
2024‑05‑16 | 0.8.0.55 | error log reporting and management. |
2024‑05‑15 | 0.7.0.54 | Websocket resiliency improvements |
2024‑05‑09 | 0.6.0.53 | Error log reporting and management. |
2024‑05‑01 | 0.5.44.52 | Even more improvements to scheduler |
2024‑04‑24 | 0.5.41.49 | Install compatibility with Sandbox |
2024‑04‑22 | 0.5.21.29 | Project property changes to enable automated compilation with new features. |
2024‑04‑20 | 0.5.20.28 | Add motherboard serial number and company reassignment |
2024‑04‑11 | 0.5.4.12 | Automate release notes as part of build process |
2024‑05‑20 | 253 | Added cleanup of old .json files during a re-install |
2024‑05‑13 | 252 | Added apt-get update to install |
2024‑05‑06 | 248 | Allow restart to use /var/run/reboot-required if needrestart is not installed |
2024‑04‑22 | 239 | Improve internal update and version tracking |
2024‑04‑15 | 235 | Add support for Yum packages |
2024‑04‑08 | 233 | Align patching with Windows patch reporting |
2024‑04‑02 | 228 | Add support for needrestart |
2024‑03‑04 | 224 | Schedule restarts |
2024‑03‑25 | 221 | Add support for apt packages |
2024‑03‑18 | 212 | Implement release management |
2024‑03‑11 | 202 | Add user login monitoring |
2024‑03‑04 | 189 | Enhance installation reliability |
2024‑02‑26 | 187 | Exapand triggers to identify if the instance needs to be restarted |
2024‑02‑19 | 146 | Improve compatibility for non-AWS instances |
2024‑02‑14 | 138 | Add self-uninstall capabilities |
2024‑02‑12 | 135 | Enhance scheduling flexibility |
2024‑02‑07 | 132 | Add kernel version tracking |
2024‑02‑05 | 124 | Add device hash to cryptographic self-update script validation |
2024‑01‑29 | 107 | Enhance encryption of patch data |
2024‑01‑22 | 98 | Improve how available storage is calculated |
2024‑01‑15 | 97 | Move initial tasks from installation file to sub scripts |
2024‑05‑21 | 91 | Improve multi-distribution compatibility |
2024‑05‑21 | 79 | Improve encryption reliability |
2023‑12‑11 | 68 | Enhance cryptographic validation of new scripts before updating |
2023‑11‑20 | 62 | Add inner layer of AES encryption in case TLS inspection doesn't allow for a secure connection |
2023‑11‑27 | 56 | Additional base cases for resiliancy |
2023‑11‑20 | 54 | Additional headers added to authentication process during installation. |
2023‑11‑20 | 53 | Enhanced key management |
2023‑11‑15 | 51 | Add insecure installation parameter to allow installation in environments with TLS inspection or other machine-in-the-middle situations. |
2023‑11‑06 | 42 | Enhance redundant encryption during installation. |
2023‑10‑30 | 33 | Improve install-over compatibility |
2023‑10‑23 | 18 | Add reboot configuration and scheduling |
2023‑10‑23 | 17 | Add self-updating functionality. |
2023‑10‑16 | 15 | Add Linux patching information for apt |
2023‑10‑09 | 14 | Collect system information |
2023‑10‑09 | 13 | Add Linux distribution information |
2023‑09‑30 | 12 | Add memory monitoring |
2023‑09‑30 | 10 | Add hardware information |
2023‑09‑23 | 9 | Add AWS information |
2023‑09‑23 | 8 | Add customized schedule capability for configuration updates |
2023‑09‑23 | 7 | Add support for package monitoring using package and dpkg logs |
2023‑09‑16 | 6 | Add storage data configuration gathering |
2023‑09‑16 | 5 | Add CPU information |
Lavawall® is under active development with the latest release including:
Monitored Applications
System Metrics
Lavawall® prevents the 80% of breaches and failed audits due to missing patches and updates.
You can reduce application patching delays from 67 days to nearly immediate with the 350+ applications that Lavawall® monitors and patches.