Update iTunes to version 12132.3.2017

What patches are you missing?

Join waiting list

CVE Vulnerabilities for iTunes

CVE	Published	Severity	Details	Exploitability	Impact	Vector
CVE‑2023‑32353	2023‑06‑23 18:15:11	HIGH (8)	A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to elevate privileges.	2	6	LOCAL
CVE‑2023‑32351	2023‑06‑23 18:15:11	HIGH (8)	A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to gain elevated privileges.	2	6	LOCAL
CVE‑2022‑26774	2022‑05‑26 20:15:10	HIGH (8)	A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. A local attacker may be able to elevate their privileges.	2	6	LOCAL
CVE‑2022‑26773	2022‑05‑26 20:15:10	HIGH (7)	A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. An application may be able to delete files for which it does not have permission.	2	5	LOCAL
CVE‑2022‑26751	2022‑05‑26 20:15:09	HIGH (8)	A memory corruption issue was addressed with improved input validation. This issue is fixed in iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6, macOS Monterey 12.4. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2022‑26717	2022‑11‑01 20:15:17	HIGH (9)	A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2022‑26711	2022‑05‑26 19:15:08	CRITICAL (10)	An integer overflow issue was addressed with improved input validation. This issue is fixed in tvOS 15.5, iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.	4	6	NETWORK
CVE‑2022‑22629	2022‑09‑23 20:15:09	HIGH (9)	A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2022‑22612	2022‑03‑18 18:15:14	HIGH (8)	A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to heap corruption.	2	6	LOCAL
CVE‑2022‑22611	2022‑03‑18 18:15:13	HIGH (8)	An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2021‑30849	2021‑10‑19 14:15:10	HIGH (8)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2021‑30847	2021‑10‑19 14:15:10	HIGH (8)	This issue was addressed with improved checks. This issue is fixed in watchOS 8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2021‑30835	2021‑10‑19 14:15:09	HIGH (8)	This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, iTunes 12.12 for Windows, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2021‑1857	2021‑09‑08 15:15:11	MEDIUM (7)	A memory initialization issue was addressed with improved memory handling. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may disclose sensitive user information.	3	4	NETWORK
CVE‑2021‑1825	2021‑09‑08 15:15:10	MEDIUM (6)	An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack.	3	3	NETWORK
CVE‑2021‑1811	2021‑09‑08 15:15:10	MEDIUM (7)	A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted font may result in the disclosure of process memory.	3	4	NETWORK
CVE‑2020‑9999	2020‑12‑08 20:15:18	HIGH (8)	A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iTunes for Windows 12.10.9. Processing a maliciously crafted text file may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑9984	2020‑10‑22 19:15:16	HIGH (8)	An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑9981	2020‑12‑08 20:15:18	HIGH (8)	A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted file may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑9947	2020‑12‑08 20:15:17	HIGH (9)	A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2020‑9938	2020‑10‑22 19:15:15	HIGH (8)	An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑9937	2020‑10‑22 19:15:15	HIGH (8)	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑9936	2020‑10‑16 17:15:18	HIGH (8)	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑9925	2020‑10‑16 17:15:17	MEDIUM (6)	A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting.	3	3	NETWORK
CVE‑2020‑9919	2020‑10‑22 19:15:15	HIGH (8)	A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑9916	2020‑10‑16 17:15:17	MEDIUM (5)	A URL Unicode encoding issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker may be able to conceal the destination of a URL.	4	1	NETWORK
CVE‑2020‑9915	2020‑10‑16 17:15:17	MEDIUM (7)	An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.	3	4	NETWORK
CVE‑2020‑9910	2020‑10‑16 17:15:17	HIGH (9)	Multiple issues were addressed with improved logic. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.	3	6	NETWORK
CVE‑2020‑9895	2020‑10‑16 17:15:16	CRITICAL (10)	A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.	4	6	NETWORK
CVE‑2020‑9894	2020‑10‑16 17:15:16	MEDIUM (4)	An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.	3	1	NETWORK
CVE‑2020‑9893	2020‑10‑16 17:15:16	HIGH (9)	A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.	3	6	NETWORK
CVE‑2020‑9883	2020‑10‑22 18:15:15	HIGH (8)	A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑9879	2020‑10‑22 18:15:15	HIGH (8)	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑9877	2020‑10‑22 18:15:15	HIGH (8)	An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑9876	2020‑10‑22 18:15:15	HIGH (8)	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.	2	6	LOCAL
CVE‑2020‑9875	2020‑10‑22 18:15:15	HIGH (8)	An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑9874	2020‑10‑22 18:15:15	HIGH (8)	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑9873	2020‑10‑22 18:15:14	HIGH (8)	An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑9872	2020‑10‑22 18:15:14	HIGH (8)	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑9871	2020‑10‑22 18:15:14	HIGH (8)	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑9862	2020‑10‑16 17:15:15	HIGH (8)	A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to command injection.	2	6	LOCAL
CVE‑2020‑9850	2020‑06‑09 17:15:15	CRITICAL (10)	A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution.	4	6	NETWORK
CVE‑2020‑9849	2020‑12‑08 20:15:16	MEDIUM (7)	An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0. A remote attacker may be able to leak memory.	3	4	NETWORK
CVE‑2020‑9843	2020‑06‑09 17:15:15	HIGH (7)	An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack.	3	4	NETWORK
CVE‑2020‑9807	2020‑06‑09 17:15:13	HIGH (9)	A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2020‑9806	2020‑06‑09 17:15:12	HIGH (9)	A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2020‑9805	2020‑06‑09 17:15:12	HIGH (7)	A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.	3	4	NETWORK
CVE‑2020‑9803	2020‑06‑09 17:15:12	HIGH (9)	A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2020‑9802	2020‑06‑09 17:15:12	HIGH (9)	A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2020‑9800	2020‑06‑09 17:15:12	HIGH (9)	A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2020‑9794	2020‑06‑09 17:15:12	HIGH (8)	An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A malicious application may cause a denial of service or potentially disclose memory contents.	3	5	NETWORK
CVE‑2020‑9790	2020‑06‑09 17:15:11	HIGH (9)	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2020‑9789	2020‑06‑09 17:15:11	HIGH (9)	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2020‑9783	2020‑04‑01 18:15:18	HIGH (9)	A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to code execution.	3	6	NETWORK
CVE‑2020‑3911	2020‑04‑01 18:15:17	CRITICAL (10)	A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.	4	6	NETWORK
CVE‑2020‑3910	2020‑04‑01 18:15:17	CRITICAL (10)	A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.	4	6	NETWORK
CVE‑2020‑3909	2020‑04‑01 18:15:17	CRITICAL (10)	A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.	4	6	NETWORK
CVE‑2020‑3902	2020‑04‑01 18:15:17	MEDIUM (6)	An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.	3	3	NETWORK
CVE‑2020‑3901	2020‑04‑01 18:15:17	HIGH (9)	A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2020‑3900	2020‑04‑01 18:15:17	HIGH (9)	A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2020‑3899	2020‑04‑01 18:15:16	HIGH (9)	A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.	3	6	NETWORK
CVE‑2020‑3897	2020‑04‑01 18:15:16	HIGH (9)	A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.	3	6	NETWORK
CVE‑2020‑3895	2020‑04‑01 18:15:16	HIGH (9)	A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2020‑3894	2020‑04‑01 18:15:16	LOW (3)	A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory.	2	1	NETWORK
CVE‑2020‑3887	2020‑04‑01 18:15:16	MEDIUM (4)	A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A download's origin may be incorrectly associated.	3	1	NETWORK
CVE‑2020‑3885	2020‑04‑01 18:15:16	MEDIUM (4)	A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed.	3	1	NETWORK
CVE‑2020‑3878	2020‑02‑27 21:15:19	HIGH (8)	An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑3868	2020‑02‑27 21:15:18	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2020‑3867	2020‑02‑27 21:15:18	MEDIUM (6)	A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.	3	3	NETWORK
CVE‑2020‑3865	2020‑02‑27 21:15:18	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2020‑3864	2020‑10‑27 21:15:15	HIGH (8)	A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin.	2	6	LOCAL
CVE‑2020‑3862	2020‑02‑27 21:15:18	MEDIUM (7)	A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service.	3	4	NETWORK
CVE‑2020‑3861	2020‑02‑27 21:15:18	HIGH (7)	The issue was addressed with improved permissions logic. This issue is fixed in iTunes for Windows 12.10.4. A user may gain access to protected parts of the file system.	2	5	LOCAL
CVE‑2020‑3846	2020‑02‑27 21:15:17	HIGH (9)	A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.	3	6	NETWORK
CVE‑2020‑3826	2020‑02‑27 21:15:16	HIGH (8)	An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑3825	2020‑02‑27 21:15:16	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2020‑36521	2022‑09‑23 19:15:10	HIGH (7)	An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents.	2	5	LOCAL
CVE‑2020‑27918	2020‑12‑08 22:15:19	HIGH (8)	A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑27917	2020‑12‑08 21:15:14	HIGH (8)	A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to code execution.	2	6	LOCAL
CVE‑2020‑27912	2020‑12‑08 21:15:13	HIGH (8)	An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. Processing a maliciously crafted image may lead to arbitrary code execution.	2	6	LOCAL
CVE‑2020‑27911	2020‑12‑08 21:15:13	HIGH (8)	An integer overflow was addressed through improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.	2	6	LOCAL
CVE‑2020‑27895	2020‑12‑08 21:15:13	LOW (3)	An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. This issue is fixed in iTunes 12.11 for Windows. A malicious application may be able to access local users Apple IDs.	2	1	LOCAL
CVE‑2020‑10002	2020‑12‑08 20:15:13	MEDIUM (6)	A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. A local user may be able to read arbitrary files.	2	4	LOCAL
CVE‑2019‑8898	2020‑10‑27 21:15:14	MEDIUM (4)	An information disclosure issue existed in the handling of the Storage Access API. This issue was addressed with improved logic. This issue is fixed in iOS 13.3 and iPadOS 13.3, tvOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows. Visiting a maliciously crafted website may reveal sites a user has visited.	3	1	NETWORK
CVE‑2019‑8848	2020‑10‑27 21:15:13	HIGH (8)	This issue was addressed with improved checks. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An application may be able to gain elevated privileges.	2	6	LOCAL
CVE‑2019‑8846	2020‑10‑27 21:15:13	HIGH (9)	A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8844	2020‑10‑27 20:15:21	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8835	2020‑10‑27 20:15:21	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8834	2020‑10‑27 20:15:21	MEDIUM (4)	A configuration issue was addressed with additional restrictions. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An attacker in a privileged network position may be able to bypass HSTS for a limited number of specific top-level domains previously not in the HSTS preload list.	3	1	NETWORK
CVE‑2019‑8827	2020‑10‑27 20:15:20	MEDIUM (4)	The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin. This issue is fixed in Safari 13.0.3, iTunes 12.10.2 for Windows, iCloud for Windows 10.9.2, tvOS 13.2, iOS 13.2 and iPadOS 13.2, iCloud for Windows 7.15. Visiting a maliciously crafted website may reveal the sites a user has visited.	3	1	NETWORK
CVE‑2019‑8825	2020‑10‑27 20:15:20	HIGH (9)	A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 10.7, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8823	2019‑12‑18 18:15:45	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8822	2019‑12‑18 18:15:45	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8821	2019‑12‑18 18:15:45	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8820	2019‑12‑18 18:15:45	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8819	2019‑12‑18 18:15:44	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8816	2019‑12‑18 18:15:44	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8815	2019‑12‑18 18:15:44	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8814	2019‑12‑18 18:15:44	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8813	2019‑12‑18 18:15:44	MEDIUM (6)	A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting.	3	3	NETWORK
CVE‑2019‑8812	2019‑12‑18 18:15:44	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8811	2019‑12‑18 18:15:44	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8808	2019‑12‑18 18:15:43	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8801	2019‑12‑18 18:15:43	HIGH (8)	A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching. This issue is fixed in macOS Catalina 10.15.1, iTunes for Windows 12.10.2. Running the iTunes installer in an untrusted directory may result in arbitrary code execution.	2	6	LOCAL
CVE‑2019‑8784	2019‑12‑18 18:15:41	HIGH (8)	A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. An application may be able to execute arbitrary code with system privileges.	2	6	LOCAL
CVE‑2019‑8783	2019‑12‑18 18:15:41	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8782	2019‑12‑18 18:15:41	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8773	2020‑10‑27 20:15:19	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8763	2019‑12‑18 18:15:39	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8762	2020‑10‑27 20:15:19	MEDIUM (6)	A validation issue was addressed with improved logic. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, tvOS 13, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to universal cross site scripting.	3	3	NETWORK
CVE‑2019‑8756	2020‑10‑27 20:15:19	CRITICAL (10)	Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. Multiple issues in libxml2.	4	6	NETWORK
CVE‑2019‑8752	2020‑10‑27 20:15:19	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8751	2020‑10‑27 20:15:19	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8749	2020‑10‑27 20:15:18	CRITICAL (10)	Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. Multiple issues in libxml2.	4	6	NETWORK
CVE‑2019‑8746	2020‑10‑27 20:15:18	CRITICAL (10)	An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.	4	6	NETWORK
CVE‑2019‑8745	2019‑12‑18 18:15:38	HIGH (9)	A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15, tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing a maliciously crafted text file may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8735	2019‑12‑18 18:15:38	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8734	2020‑10‑27 20:15:18	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8733	2019‑12‑18 18:15:38	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8728	2020‑10‑27 20:15:18	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8726	2019‑12‑18 18:15:37	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8719	2019‑12‑18 18:15:37	MEDIUM (6)	A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting.	3	3	NETWORK
CVE‑2019‑8707	2019‑12‑18 18:15:36	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8690	2019‑12‑18 18:15:35	MEDIUM (6)	A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.	3	3	NETWORK
CVE‑2019‑8689	2019‑12‑18 18:15:35	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8688	2019‑12‑18 18:15:35	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8687	2019‑12‑18 18:15:34	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8686	2019‑12‑18 18:15:34	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8685	2019‑12‑18 18:15:34	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8684	2019‑12‑18 18:15:34	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8683	2019‑12‑18 18:15:34	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8681	2019‑12‑18 18:15:34	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8680	2019‑12‑18 18:15:34	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8679	2019‑12‑18 18:15:33	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8678	2019‑12‑18 18:15:33	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8677	2019‑12‑18 18:15:33	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8676	2019‑12‑18 18:15:33	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8673	2019‑12‑18 18:15:33	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8672	2019‑12‑18 18:15:33	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8671	2019‑12‑18 18:15:33	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8669	2019‑12‑18 18:15:32	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8666	2019‑12‑18 18:15:32	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8658	2019‑12‑18 18:15:32	MEDIUM (6)	A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.	3	3	NETWORK
CVE‑2019‑8649	2019‑12‑18 18:15:31	MEDIUM (6)	A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.	3	3	NETWORK
CVE‑2019‑8644	2019‑12‑18 18:15:31	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8639	2020‑10‑27 20:15:17	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 5.2, iCloud for Windows 7.11, iOS 12.2, iTunes 12.9.4 for Windows, Safari 12.1. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8638	2020‑10‑27 20:15:16	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 5.2, iCloud for Windows 7.11, iOS 12.2, iTunes 12.9.4 for Windows, Safari 12.1. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8628	2019‑12‑18 18:15:30	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8625	2019‑12‑18 18:15:30	MEDIUM (6)	A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting.	3	3	NETWORK
CVE‑2019‑8623	2019‑12‑18 18:15:30	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8622	2019‑12‑18 18:15:30	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8619	2019‑12‑18 18:15:30	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8615	2019‑12‑18 18:15:29	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	4	NETWORK
CVE‑2019‑8611	2019‑12‑18 18:15:29	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8610	2019‑12‑18 18:15:29	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8609	2019‑12‑18 18:15:29	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8608	2019‑12‑18 18:15:29	MEDIUM (6)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	3	NETWORK
CVE‑2019‑8607	2019‑12‑18 18:15:29	MEDIUM (7)	An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may result in the disclosure of process memory.	3	4	NETWORK
CVE‑2019‑8602	2019‑12‑18 18:15:29	HIGH (8)	A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to elevate privileges.	2	6	LOCAL
CVE‑2019‑8601	2019‑12‑18 18:15:29	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8600	2019‑12‑18 18:15:28	CRITICAL (10)	A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A maliciously crafted SQL query may lead to arbitrary code execution.	4	6	NETWORK
CVE‑2019‑8598	2019‑12‑18 18:15:28	MEDIUM (6)	An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to read restricted memory.	2	4	LOCAL
CVE‑2019‑8597	2019‑12‑18 18:15:28	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	4	NETWORK
CVE‑2019‑8596	2019‑12‑18 18:15:28	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8595	2019‑12‑18 18:15:28	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8594	2019‑12‑18 18:15:28	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8587	2019‑12‑18 18:15:27	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8586	2019‑12‑18 18:15:27	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8584	2019‑12‑18 18:15:27	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8583	2019‑12‑18 18:15:27	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8582	2020‑10‑27 20:15:16	MEDIUM (6)	An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iCloud for Windows 7.12, tvOS 12.3, iTunes 12.9.5 for Windows, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. Processing a maliciously crafted font may result in the disclosure of process memory.	2	4	LOCAL
CVE‑2019‑8577	2019‑12‑18 18:15:27	HIGH (8)	An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. An application may be able to gain elevated privileges.	2	6	LOCAL
CVE‑2019‑8571	2019‑12‑18 18:15:27	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8570	2020‑10‑27 20:15:15	MEDIUM (7)	A logic issue was addressed with improved state management. This issue is fixed in iOS 12.1.3, iCloud for Windows 7.10, iTunes 12.9.3 for Windows, Safari 12.0.3, tvOS 12.1.2. Processing maliciously crafted web content may disclose sensitive user information.	3	4	NETWORK
CVE‑2019‑8563	2019‑12‑18 18:15:26	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8562	2019‑12‑18 18:15:26	CRITICAL (10)	A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows. A sandboxed process may be able to circumvent sandbox restrictions.	3	6	NETWORK
CVE‑2019‑8559	2019‑12‑18 18:15:26	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8558	2019‑12‑18 18:15:26	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8556	2019‑12‑18 18:15:26	HIGH (9)	A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8551	2019‑12‑18 18:15:26	MEDIUM (6)	A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting.	3	3	NETWORK
CVE‑2019‑8544	2019‑12‑18 18:15:25	HIGH (9)	A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8542	2019‑12‑18 18:15:25	HIGH (8)	A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges.	2	6	LOCAL
CVE‑2019‑8536	2019‑12‑18 18:15:25	HIGH (9)	A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8535	2019‑12‑18 18:15:25	HIGH (9)	A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8524	2019‑12‑18 18:15:24	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8523	2019‑12‑18 18:15:24	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8518	2019‑12‑18 18:15:24	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8515	2019‑12‑18 18:15:23	MEDIUM (7)	A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information.	3	4	NETWORK
CVE‑2019‑8506	2019‑12‑18 18:15:23	HIGH (9)	A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑8503	2019‑12‑18 18:15:23	HIGH (9)	A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute scripts in the context of another website.	3	6	NETWORK
CVE‑2019‑7292	2019‑12‑18 18:15:22	MEDIUM (7)	A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may result in the disclosure of process memory.	3	4	NETWORK
CVE‑2019‑7285	2019‑12‑18 18:15:22	HIGH (9)	A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑6237	2019‑12‑18 18:15:21	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2019‑6235	2019‑03‑04 20:29:00	HIGH (8)	A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions.	0	0	NETWORK
CVE‑2019‑6234	2019‑03‑05 16:29:03	MEDIUM (7)	A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.	0	0	NETWORK
CVE‑2019‑6233	2019‑03‑05 16:29:03	MEDIUM (7)	A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.	0	0	NETWORK
CVE‑2019‑6229	2019‑03‑05 16:29:03	MEDIUM (4)	A logic issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to universal cross site scripting.	0	0	NETWORK
CVE‑2019‑6227	2019‑03‑05 16:29:02	MEDIUM (7)	A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.	0	0	NETWORK
CVE‑2019‑6226	2019‑03‑05 16:29:02	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.	0	0	NETWORK
CVE‑2019‑6221	2019‑03‑05 16:29:02	MEDIUM (7)	An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, iTunes 12.9.3 for Windows. A malicious application may be able to elevate privileges.	0	0	NETWORK
CVE‑2019‑6217	2019‑03‑05 16:29:02	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.	0	0	NETWORK
CVE‑2019‑6216	2019‑03‑05 16:29:02	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.	0	0	NETWORK
CVE‑2019‑6215	2019‑03‑05 16:29:01	MEDIUM (7)	A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.	0	0	NETWORK
CVE‑2019‑6212	2019‑03‑05 16:29:01	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.	0	0	NETWORK
CVE‑2019‑6201	2019‑12‑18 18:15:21	HIGH (9)	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.	3	6	NETWORK
CVE‑2018‑4474	2020‑10‑27 20:15:14	HIGH (8)	A memory consumption issue was addressed with improved memory handling. This issue is fixed in iCloud for Windows 7.7, watchOS 5, Safari 12, iOS 12, iTunes 12.9 for Windows, tvOS 12. Unexpected interaction causes an ASSERT failure.	4	4	NETWORK
CVE‑2018‑4464	2019‑04‑03 18:29:17	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.	0	0	NETWORK
CVE‑2018‑4444	2020‑10‑27 20:15:14	MEDIUM (7)	A logic issue was addressed with improved state management. This issue is fixed in Safari 12.0.2, iOS 12.1.1, tvOS 12.1.1, iTunes 12.9.2 for Windows. Processing maliciously crafted web content may disclose sensitive user information.	3	4	NETWORK
CVE‑2018‑4443	2019‑04‑03 18:29:17	MEDIUM (7)	A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.	0	0	NETWORK
CVE‑2018‑4442	2019‑04‑03 18:29:16	MEDIUM (7)	A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.	0	0	NETWORK
CVE‑2018‑4441	2019‑04‑03 18:29:16	MEDIUM (7)	A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.	0	0	NETWORK
CVE‑2018‑4440	2019‑04‑03 18:29:16	MEDIUM (4)	A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.	0	0	NETWORK
CVE‑2018‑4439	2019‑04‑03 18:29:16	MEDIUM (4)	A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.	0	0	NETWORK
CVE‑2018‑4438	2019‑04‑03 18:29:16	MEDIUM (7)	A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.	0	0	NETWORK
CVE‑2018‑4437	2019‑04‑03 18:29:16	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.	0	0	NETWORK
CVE‑2018‑4416	2019‑04‑03 18:29:14	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.	0	0	NETWORK
CVE‑2018‑4414	2019‑04‑03 18:29:14	MEDIUM (7)	A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4412	2019‑04‑03 18:29:14	MEDIUM (7)	A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4409	2019‑04‑03 18:29:14	MEDIUM (4)	A resource exhaustion issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.	0	0	NETWORK
CVE‑2018‑4398	2019‑04‑03 18:29:13	MEDIUM (5)	An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCloud for Windows 7.8.	0	0	NETWORK
CVE‑2018‑4394	2019‑04‑03 18:29:13	MEDIUM (7)	A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1.	0	0	NETWORK
CVE‑2018‑4392	2019‑04‑03 18:29:13	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.	0	0	NETWORK
CVE‑2018‑4386	2019‑04‑03 18:29:12	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.	0	0	NETWORK
CVE‑2018‑4382	2019‑04‑03 18:29:12	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.	0	0	NETWORK
CVE‑2018‑4378	2019‑04‑03 18:29:12	MEDIUM (7)	A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.	0	0	NETWORK
CVE‑2018‑4377	2019‑04‑03 18:29:12	MEDIUM (4)	A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.	0	0	NETWORK
CVE‑2018‑4376	2019‑04‑03 18:29:12	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.	0	0	NETWORK
CVE‑2018‑4375	2019‑04‑03 18:29:11	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.	0	0	NETWORK
CVE‑2018‑4374	2019‑04‑03 18:29:11	MEDIUM (4)	A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.	0	0	NETWORK
CVE‑2018‑4373	2019‑04‑03 18:29:11	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.	0	0	NETWORK
CVE‑2018‑4372	2019‑04‑03 18:29:11	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.	0	0	NETWORK
CVE‑2018‑4361	2019‑04‑03 18:29:10	MEDIUM (7)	A memory consumption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4360	2019‑04‑03 18:29:10	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4359	2019‑04‑03 18:29:10	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4358	2019‑04‑03 18:29:10	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4347	2019‑04‑03 18:29:09	MEDIUM (7)	A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4345	2019‑04‑03 18:29:09	MEDIUM (4)	A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4328	2019‑04‑03 18:29:08	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4323	2019‑04‑03 18:29:08	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4319	2019‑04‑03 18:29:08	MEDIUM (6)	A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4318	2019‑04‑03 18:29:07	MEDIUM (7)	A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4317	2019‑04‑03 18:29:07	MEDIUM (7)	A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4316	2019‑04‑03 18:29:07	MEDIUM (7)	A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4315	2019‑04‑03 18:29:07	MEDIUM (7)	A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4314	2019‑04‑03 18:29:07	MEDIUM (7)	A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4312	2019‑04‑03 18:29:07	MEDIUM (7)	A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4311	2019‑04‑03 18:29:07	MEDIUM (6)	The issue was addressed by removing origin information. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4309	2019‑04‑03 18:29:07	MEDIUM (4)	A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4306	2019‑04‑03 18:29:06	MEDIUM (7)	A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4302	2021‑12‑23 20:15:09	HIGH (8)	A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.	2	6	LOCAL
CVE‑2018‑4299	2019‑04‑03 18:29:06	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4293	2019‑04‑03 18:29:06	MEDIUM (5)	A cookie management issue was addressed with improved checks. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.	0	0	NETWORK
CVE‑2018‑4284	2019‑04‑03 18:29:05	MEDIUM (7)	A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.	0	0	NETWORK
CVE‑2018‑4278	2019‑01‑11 18:29:03	MEDIUM (4)	In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.	0	0	NETWORK
CVE‑2018‑4273	2019‑04‑03 18:29:05	MEDIUM (4)	Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.	0	0	NETWORK
CVE‑2018‑4272	2019‑04‑03 18:29:05	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.	0	0	NETWORK
CVE‑2018‑4271	2019‑04‑03 18:29:04	MEDIUM (4)	Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.	0	0	NETWORK
CVE‑2018‑4270	2019‑04‑03 18:29:04	MEDIUM (4)	A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.	0	0	NETWORK
CVE‑2018‑4269	2019‑04‑03 18:29:04	MEDIUM (7)	A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.	0	0	NETWORK
CVE‑2018‑4267	2019‑04‑03 18:29:04	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.	0	0	NETWORK
CVE‑2018‑4266	2019‑04‑03 18:29:04	MEDIUM (4)	A race condition was addressed with additional validation. This issue affected versions prior toiVersions prior to: OS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.	0	0	NETWORK
CVE‑2018‑4265	2019‑04‑03 18:29:04	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.	0	0	NETWORK
CVE‑2018‑4264	2019‑04‑03 18:29:04	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.	0	0	NETWORK
CVE‑2018‑4263	2019‑04‑03 18:29:04	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.	0	0	NETWORK
CVE‑2018‑4262	2019‑01‑11 18:29:03	MEDIUM (7)	In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling.	0	0	NETWORK
CVE‑2018‑4261	2019‑04‑03 18:29:03	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.	0	0	NETWORK
CVE‑2018‑4246	2018‑06‑08 18:29:03	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages type confusion.	0	0	NETWORK
CVE‑2018‑4233	2018‑06‑08 18:29:02	HIGH (9)	An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	3	6	NETWORK
CVE‑2018‑4232	2018‑06‑08 18:29:02	MEDIUM (4)	An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to overwrite cookies via a crafted web site.	0	0	NETWORK
CVE‑2018‑4226	2018‑06‑08 18:29:02	LOW (2)	An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of sensitive user information.	0	0	LOCAL
CVE‑2018‑4225	2018‑06‑08 18:29:02	LOW (2)	An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on Keychain state modifications.	0	0	LOCAL
CVE‑2018‑4224	2018‑06‑08 18:29:02	LOW (2)	An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of a persistent device identifier.	0	0	LOCAL
CVE‑2018‑4222	2018‑06‑08 18:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a getWasmBufferFromValue out-of-bounds read during WebAssembly compilation.	0	0	NETWORK
CVE‑2018‑4218	2018‑06‑08 18:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers an @generatorState use-after-free.	0	0	NETWORK
CVE‑2018‑4214	2018‑06‑08 18:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to cause a denial of service (memory corruption and Safari crash) or possibly have unspecified other impact via a crafted web site.	0	0	NETWORK
CVE‑2018‑4213	2019‑01‑11 18:29:02	MEDIUM (7)	In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.	0	0	NETWORK
CVE‑2018‑4212	2019‑01‑11 18:29:02	MEDIUM (7)	In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.	0	0	NETWORK
CVE‑2018‑4210	2019‑01‑11 18:29:02	MEDIUM (7)	In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks.	0	0	NETWORK
CVE‑2018‑4209	2019‑01‑11 18:29:02	MEDIUM (7)	In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.	0	0	NETWORK
CVE‑2018‑4208	2019‑01‑11 18:29:02	MEDIUM (7)	In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.	0	0	NETWORK
CVE‑2018‑4207	2019‑01‑11 18:29:02	MEDIUM (7)	In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.	0	0	NETWORK
CVE‑2018‑4204	2018‑06‑08 18:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4201	2018‑06‑08 18:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4200	2018‑06‑08 18:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers a WebCore::jsElementScrollHeightGetter use-after-free.	0	0	NETWORK
CVE‑2018‑4199	2018‑06‑08 18:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4197	2019‑04‑03 18:29:03	MEDIUM (7)	A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4194	2019‑01‑11 18:29:01	MEDIUM (7)	In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.	0	0	NETWORK
CVE‑2018‑4192	2018‑06‑08 18:29:01	MEDIUM (5)	An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a race condition.	0	0	NETWORK
CVE‑2018‑4191	2019‑04‑03 18:29:03	MEDIUM (7)	A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4190	2018‑06‑08 18:29:00	MEDIUM (4)	An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive credential information that is transmitted during a CSS mask-image fetch.	0	0	NETWORK
CVE‑2018‑4188	2018‑06‑08 18:29:00	MEDIUM (4)	An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site.	0	0	NETWORK
CVE‑2018‑4165	2018‑04‑03 06:29:08	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4163	2018‑04‑03 06:29:08	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4162	2018‑04‑03 06:29:07	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4161	2018‑04‑03 06:29:07	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4147	2019‑01‑11 18:29:01	MEDIUM (7)	In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS before 11.2.5, multiple memory corruption issues exist and were addressed with improved memory handling.	0	0	NETWORK
CVE‑2018‑4146	2018‑04‑03 06:29:07	MEDIUM (4)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows attackers to cause a denial of service (memory corruption) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4145	2019‑04‑03 18:29:02	MEDIUM (7)	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.3, tvOS 11.3, watchOS 4.3, Safari 11.1, iTunes 12.7.4 for Windows, iCloud for Windows 7.4.	0	0	NETWORK
CVE‑2018‑4144	2018‑04‑03 06:29:07	HIGH (9)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Security" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app.	0	0	NETWORK
CVE‑2018‑4130	2018‑04‑03 06:29:06	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4129	2018‑04‑03 06:29:06	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4128	2018‑04‑03 06:29:06	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4127	2018‑04‑03 06:29:06	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4126	2019‑04‑03 18:29:02	HIGH (9)	A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.	0	0	NETWORK
CVE‑2018‑4125	2018‑04‑03 06:29:06	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4122	2018‑04‑03 06:29:05	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4121	2018‑04‑03 06:29:05	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4120	2018‑04‑03 06:29:05	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4119	2018‑04‑03 06:29:05	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4118	2018‑04‑03 06:29:05	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4117	2018‑04‑03 06:29:05	MEDIUM (4)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. watchOS before 4.3 is affected. The issue involves the fetch API in the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.	0	0	NETWORK
CVE‑2018‑4114	2018‑04‑03 06:29:05	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4113	2018‑04‑03 06:29:05	MEDIUM (4)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves a JavaScriptCore function in the "WebKit" component. It allows attackers to trigger an assertion failure by leveraging improper array indexing.	0	0	NETWORK
CVE‑2018‑4101	2018‑04‑03 06:29:04	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4096	2018‑04‑03 06:29:04	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2018‑4088	2018‑04‑03 06:29:03	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7172	2018‑04‑03 06:29:03	HIGH (9)	An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "CFNetwork Session" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.	0	0	NETWORK
CVE‑2017‑7165	2018‑04‑03 06:29:02	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7160	2017‑12‑27 17:08:25	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7157	2017‑12‑27 17:08:24	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7156	2017‑12‑27 17:08:24	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7153	2018‑04‑03 06:29:02	MEDIUM (6)	An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof user-interface information (about whether the entire content is derived from a valid TLS session) via a crafted web site that sends a 401 Unauthorized redirect.	0	0	NETWORK
CVE‑2017‑7151	2019‑04‑03 18:29:01	MEDIUM (5)	A race condition was addressed with additional validation. This issue affected versions prior to iOS 11.2, macOS High Sierra 10.13.2, tvOS 11.2, watchOS 4.2, iTunes 12.7.2 for Windows, macOS High Sierra 10.13.4.	0	0	NETWORK
CVE‑2017‑7120	2017‑10‑23 01:29:13	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7117	2017‑10‑23 01:29:13	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7111	2017‑10‑23 01:29:13	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7109	2017‑10‑23 01:29:13	MEDIUM (4)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via crafted web content that incorrectly interacts with the Application Cache policy.	0	0	NETWORK
CVE‑2017‑7107	2017‑10‑23 01:29:13	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7104	2017‑10‑23 01:29:13	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7102	2017‑10‑23 01:29:12	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7100	2017‑10‑23 01:29:12	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7099	2017‑10‑23 01:29:12	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7098	2017‑10‑23 01:29:12	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7096	2017‑10‑23 01:29:12	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7095	2017‑10‑23 01:29:12	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7094	2017‑10‑23 01:29:12	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7093	2017‑10‑23 01:29:12	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7092	2017‑10‑23 01:29:12	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7091	2017‑10‑23 01:29:12	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7090	2017‑10‑23 01:29:12	MEDIUM (5)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive cookie information via a custom URL scheme.	0	0	NETWORK
CVE‑2017‑7087	2017‑10‑23 01:29:12	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7081	2017‑10‑23 01:29:12	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7079	2017‑10‑23 01:29:12	MEDIUM (4)	An issue was discovered in certain Apple products. iTunes before 12.7 is affected. The issue involves the "Data Sync" component. It allows attackers to access iOS backups (written by iTunes) via a crafted app.	0	0	NETWORK
CVE‑2017‑7064	2017‑07‑20 16:29:02	MEDIUM (4)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.	0	0	NETWORK
CVE‑2017‑7061	2017‑07‑20 16:29:02	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7056	2017‑07‑20 16:29:02	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7055	2017‑07‑20 16:29:02	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7053	2017‑07‑20 16:29:02	HIGH (9)	An issue was discovered in certain Apple products. iTunes before 12.6.2 on Windows is affected. The issue involves the "iTunes" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app.	0	0	NETWORK
CVE‑2017‑7052	2017‑07‑20 16:29:02	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7049	2017‑07‑20 16:29:02	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7048	2017‑07‑20 16:29:02	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7046	2017‑07‑20 16:29:02	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7043	2017‑07‑20 16:29:02	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7042	2017‑07‑20 16:29:02	HIGH (9)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7041	2017‑07‑20 16:29:01	HIGH (9)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7040	2017‑07‑20 16:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7039	2017‑07‑20 16:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7037	2017‑07‑20 16:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7034	2017‑07‑20 16:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7030	2017‑07‑20 16:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7020	2017‑07‑20 16:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7019	2017‑07‑20 16:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit Page Loading" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7018	2017‑07‑20 16:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7013	2017‑07‑20 16:29:00	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libxml2" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted XML file.	0	0	NETWORK
CVE‑2017‑7012	2017‑07‑20 16:29:00	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit Web Inspector" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑7010	2017‑07‑20 16:29:00	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "libxml2" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted XML file.	0	0	NETWORK
CVE‑2017‑6984	2017‑05‑22 05:29:03	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. iTunes before 12.6.1 on Windows is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑2480	2017‑04‑02 01:59:04	MEDIUM (4)	An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.	0	0	NETWORK
CVE‑2017‑2479	2017‑04‑02 01:59:04	MEDIUM (4)	An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.	0	0	NETWORK
CVE‑2017‑2463	2017‑04‑02 01:59:03	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑2383	2017‑04‑02 01:59:00	LOW (4)	An issue was discovered in certain Apple products. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. The issue involves cleartext client-certificate transmission in the "APNs Server" component. It allows man-in-the-middle attackers to track users via correlation with this certificate.	0	0	NETWORK
CVE‑2017‑2366	2017‑02‑20 08:59:05	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑2356	2017‑02‑20 08:59:05	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑2355	2017‑02‑20 08:59:05	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑2354	2017‑02‑20 08:59:05	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13885	2018‑04‑03 06:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13884	2018‑04‑03 06:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13870	2017‑12‑25 21:29:15	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13866	2017‑12‑25 21:29:14	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13864	2017‑12‑25 21:29:14	MEDIUM (4)	An issue was discovered in certain Apple products. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. The issue involves the "APNs Server" component. It allows man-in-the-middle attackers to track users by leveraging mishandling of client certificates.	0	0	NETWORK
CVE‑2017‑13856	2017‑12‑25 21:29:14	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13803	2017‑11‑13 03:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13802	2017‑11‑13 03:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13798	2017‑11‑13 03:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13797	2017‑11‑13 03:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13796	2017‑11‑13 03:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13795	2017‑11‑13 03:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13794	2017‑11‑13 03:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13793	2017‑11‑13 03:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13792	2017‑11‑13 03:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13791	2017‑11‑13 03:29:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13788	2017‑11‑13 03:29:00	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13785	2017‑11‑13 03:29:00	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13784	2017‑11‑13 03:29:00	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2017‑13783	2017‑11‑13 03:29:00	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7656	2017‑02‑20 08:59:04	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7654	2017‑02‑20 08:59:04	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7652	2017‑02‑20 08:59:04	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7649	2017‑02‑20 08:59:04	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7648	2017‑02‑20 08:59:04	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7646	2017‑02‑20 08:59:04	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7645	2017‑02‑20 08:59:04	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7642	2017‑02‑20 08:59:04	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7641	2017‑02‑20 08:59:03	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7640	2017‑02‑20 08:59:03	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7639	2017‑02‑20 08:59:03	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7635	2017‑02‑20 08:59:03	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7632	2017‑02‑20 08:59:03	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7611	2017‑02‑20 08:59:02	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7610	2017‑02‑20 08:59:02	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7599	2017‑02‑20 08:59:02	MEDIUM (4)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site that uses HTTP redirects.	0	0	NETWORK
CVE‑2016‑7598	2017‑02‑20 08:59:02	MEDIUM (4)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information from process memory via a crafted web site.	0	0	NETWORK
CVE‑2016‑7592	2017‑02‑20 08:59:02	MEDIUM (4)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component, which allows remote attackers to obtain sensitive information via crafted JavaScript prompts on a web site.	0	0	NETWORK
CVE‑2016‑7589	2017‑02‑20 08:59:02	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7587	2017‑02‑20 08:59:02	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑7586	2017‑02‑20 08:59:02	MEDIUM (4)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a crafted web site.	0	0	NETWORK
CVE‑2016‑7578	2017‑02‑20 08:59:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑4769	2016‑09‑25 11:00:03	MEDIUM (7)	WebKit in Apple iTunes before 12.5.1 on Windows and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑4768	2016‑09‑25 11:00:02	MEDIUM (7)	WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4767.	0	0	NETWORK
CVE‑2016‑4767	2016‑09‑25 11:00:00	MEDIUM (7)	WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4768.	0	0	NETWORK
CVE‑2016‑4766	2016‑09‑25 10:59:59	MEDIUM (7)	WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4767, and CVE-2016-4768.	0	0	NETWORK
CVE‑2016‑4765	2016‑09‑25 10:59:58	MEDIUM (7)	WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4766, CVE-2016-4767, and CVE-2016-4768.	0	0	NETWORK
CVE‑2016‑4764	2017‑02‑20 08:59:01	HIGH (9)	An issue was discovered in certain Apple products. iOS before 10 is affected. Safari before 10 is affected. iTunes before 12.5.1 is affected. tvOS before 10 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	3	6	NETWORK
CVE‑2016‑4763	2016‑09‑25 10:59:57	MEDIUM (5)	WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly verify X.509 certificates from HTTPS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.	0	0	NETWORK
CVE‑2016‑4762	2016‑09‑25 10:59:56	MEDIUM (7)	WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, iCloud before 6.0 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.	0	0	NETWORK
CVE‑2016‑4760	2016‑09‑25 10:59:55	MEDIUM (4)	WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to conduct DNS rebinding attacks against non-HTTP Safari sessions by leveraging HTTP/0.9 support.	0	0	NETWORK
CVE‑2016‑4759	2016‑09‑25 10:59:54	MEDIUM (7)	WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4765, CVE-2016-4766, CVE-2016-4767, and CVE-2016-4768.	0	0	NETWORK
CVE‑2016‑4758	2016‑09‑25 10:59:53	MEDIUM (4)	WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly restrict access to the location variable, which allows remote attackers to obtain sensitive information via a crafted web site.	0	0	NETWORK
CVE‑2016‑4743	2017‑02‑20 08:59:01	MEDIUM (6)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑4728	2016‑09‑25 10:59:32	MEDIUM (7)	WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 mishandles error prototypes, which allows remote attackers to execute arbitrary code via a crafted web site.	0	0	NETWORK
CVE‑2016‑4692	2017‑02‑20 08:59:01	MEDIUM (7)	An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	0	0	NETWORK
CVE‑2016‑4616	2016‑07‑22 02:59:39	HIGH (8)	libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4615, and CVE-2016-4619.	0	0	NETWORK
CVE‑2016‑4615	2016‑07‑22 02:59:38	HIGH (8)	libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4616, and CVE-2016-4619.	0	0	NETWORK
CVE‑2016‑4614	2016‑07‑22 02:59:36	CRITICAL (10)	libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4615, CVE-2016-4616, and CVE-2016-4619.	4	6	NETWORK
CVE‑2016‑4613	2017‑02‑20 08:59:00	MEDIUM (4)	An issue was discovered in certain Apple products. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a crafted web site.	0	0	NETWORK
CVE‑2016‑4610	2016‑07‑22 02:59:34	CRITICAL (10)	libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, and CVE-2016-4612.	4	6	NETWORK
CVE‑2016‑4609	2016‑07‑22 02:59:33	CRITICAL (10)	libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4610, and CVE-2016-4612.	4	6	NETWORK
CVE‑2016‑4608	2016‑07‑22 02:59:32	CRITICAL (10)	libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612.	4	6	NETWORK
CVE‑2016‑4607	2016‑07‑22 02:59:30	CRITICAL (10)	libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4608, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612.	4	6	NETWORK
CVE‑2016‑1742	2016‑05‑20 10:59:01	HIGH (7)	Untrusted search path vulnerability in the installer in Apple iTunes before 12.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory.	0	0	LOCAL
CVE‑2015‑7017	2015‑10‑23 10:59:13	HIGH (8)	CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-6992.	0	0	NETWORK
CVE‑2015‑7014	2015‑10‑23 21:59:49	MEDIUM (7)	WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.	0	0	NETWORK
CVE‑2015‑7013	2015‑10‑23 21:59:48	MEDIUM (7)	WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5.	0	0	NETWORK
CVE‑2015‑7012	2015‑10‑23 21:59:47	MEDIUM (7)	WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.	0	0	NETWORK
CVE‑2015‑7011	2015‑10‑23 21:59:46	MEDIUM (7)	WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5.	0	0	NETWORK
CVE‑2015‑7002	2015‑10‑23 21:59:39	MEDIUM (7)	WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.	0	0	NETWORK
CVE‑2015‑6992	2015‑10‑23 10:59:06	HIGH (8)	CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-7017.	0	0	NETWORK
CVE‑2015‑6975	2015‑10‑23 10:59:00	HIGH (8)	CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6992 and CVE-2015-7017.	0	0	NETWORK
CVE‑2015‑5931	2015‑10‑23 21:59:08	MEDIUM (7)	WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5.	0	0	NETWORK
CVE‑2015‑5930	2015‑10‑23 21:59:07	MEDIUM (7)	WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.	0	0	NETWORK
CVE‑2015‑5929	2015‑10‑23 21:59:06	MEDIUM (7)	WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.	0	0	NETWORK
CVE‑2015‑5928	2015‑10‑23 21:59:05	MEDIUM (7)	WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5.	0	0	NETWORK
CVE‑2015‑5920	2015‑09‑18 12:01:00	MEDIUM (4)	The Software Update component in Apple iTunes before 12.3 does not properly handle redirection, which allows man-in-the-middle attackers to discover encrypted SMB credentials via unspecified vectors.	0	0	NETWORK
CVE‑2015‑5874	2015‑09‑18 12:00:17	HIGH (8)	CoreText in Apple iOS before 9 and iTunes before 12.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.	0	0	NETWORK
CVE‑2015‑5823	2015‑09‑18 10:59:42	MEDIUM (7)	WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5822	2015‑09‑18 10:59:41	MEDIUM (7)	WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5821	2015‑09‑18 10:59:40	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5819	2015‑09‑18 10:59:38	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5818	2015‑09‑18 10:59:37	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5817	2015‑09‑18 10:59:36	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5816	2015‑09‑18 10:59:35	MEDIUM (7)	WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5815	2015‑09‑18 10:59:34	MEDIUM (7)	WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5814	2015‑09‑18 10:59:33	MEDIUM (7)	WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5813	2015‑09‑18 10:59:32	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5812	2015‑09‑18 10:59:31	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5811	2015‑09‑18 10:59:30	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5810	2015‑09‑18 10:59:29	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5809	2015‑09‑18 10:59:28	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5808	2015‑09‑18 10:59:27	MEDIUM (7)	WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5807	2015‑09‑18 10:59:26	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5806	2015‑09‑18 10:59:26	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5805	2015‑09‑18 10:59:25	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5804	2015‑09‑18 10:59:24	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5803	2015‑09‑18 10:59:23	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5802	2015‑09‑18 10:59:22	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5801	2015‑09‑18 10:59:21	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5800	2015‑09‑18 10:59:20	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5799	2015‑09‑18 10:59:19	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5798	2015‑09‑18 10:59:18	MEDIUM (7)	WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5797	2015‑09‑18 10:59:17	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5796	2015‑09‑18 10:59:16	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5795	2015‑09‑18 10:59:15	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5794	2015‑09‑18 10:59:13	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5793	2015‑09‑18 10:59:12	MEDIUM (7)	WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5792	2015‑09‑18 10:59:11	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5791	2015‑09‑18 10:59:10	MEDIUM (7)	WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5790	2015‑09‑18 10:59:09	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2015‑5789	2015‑09‑18 10:59:08	MEDIUM (7)	WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.	0	0	NETWORK
CVE‑2014‑3192	2014‑10‑08 10:55:06	HIGH (8)	Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.	0	0	NETWORK
CVE‑2014‑1347	2014‑05‑18 11:12:54	MEDIUM (4)	Apple iTunes before 11.2.1 on OS X sets world-writable permissions for /Users and /Users/Shared during reboots, which allows local users to modify files, and consequently obtain access to arbitrary user accounts, via standard filesystem operations.	0	0	LOCAL
CVE‑2014‑1242	2014‑01‑23 19:55:04	MEDIUM (6)	Apple iTunes before 11.1.4 uses HTTP for the iTunes Tutorials window, which allows man-in-the-middle attackers to spoof content by gaining control over the client-server data stream.	0	0	NETWORK
CVE‑2013‑1035	2013‑09‑19 10:27:56	HIGH (9)	The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.	0	0	NETWORK
CVE‑2013‑1014	2013‑05‑20 14:44:35	MEDIUM (4)	Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate.	0	0	ADJACENT_NETWORK
CVE‑2013‑1011	2013‑05‑20 14:44:35	MEDIUM (7)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑1010	2013‑05‑20 14:44:35	HIGH (9)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑1008	2013‑05‑20 14:44:35	HIGH (9)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑1007	2013‑05‑20 14:44:35	HIGH (9)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑1006	2013‑05‑20 14:44:35	HIGH (9)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑1005	2013‑05‑20 14:44:35	HIGH (9)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑1004	2013‑05‑20 14:44:35	HIGH (9)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑1003	2013‑05‑20 14:44:35	HIGH (9)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑1002	2013‑05‑20 14:44:35	HIGH (9)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑1001	2013‑05‑20 14:44:35	HIGH (9)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑1000	2013‑05‑20 14:44:35	HIGH (9)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑0999	2013‑05‑20 14:44:35	HIGH (9)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑0998	2013‑05‑20 14:44:35	MEDIUM (7)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑0997	2013‑05‑20 14:44:35	MEDIUM (7)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑0996	2013‑05‑20 14:44:35	MEDIUM (7)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑0995	2013‑05‑20 14:44:35	MEDIUM (7)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑0994	2013‑05‑20 14:44:35	MEDIUM (7)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑0993	2013‑05‑20 14:44:34	MEDIUM (7)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑0992	2013‑05‑20 14:44:34	MEDIUM (7)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2013‑0991	2013‑05‑20 14:44:34	MEDIUM (7)	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.	0	0	NETWORK
CVE‑2012‑3712	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3711	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3710	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3709	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3708	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3707	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3706	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3705	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3704	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3703	2012‑09‑13 10:30:21	HIGH (8)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3702	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3701	2012‑09‑13 10:30:21	HIGH (9)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3700	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3699	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3692	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3688	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3687	2012‑09‑13 10:30:21	HIGH (9)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3685	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3684	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3677	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3676	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3675	2012‑09‑13 10:30:21	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3673	2012‑09‑13 10:30:20	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3672	2012‑09‑13 10:30:20	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3671	2012‑09‑13 10:30:20	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3660	2012‑09‑13 10:30:20	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3659	2012‑09‑13 10:30:20	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3658	2012‑09‑13 10:30:20	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3657	2012‑09‑13 10:30:20	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3654	2012‑09‑13 10:30:20	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3652	2012‑09‑13 10:30:20	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3651	2012‑09‑13 10:30:20	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3649	2012‑09‑13 10:30:20	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3648	2012‑09‑13 10:30:20	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3647	2012‑09‑13 10:30:20	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3643	2012‑09‑13 10:30:20	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3632	2012‑09‑13 10:30:20	HIGH (9)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3624	2012‑09‑13 10:30:19	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3623	2012‑09‑13 10:30:19	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3622	2012‑09‑13 10:30:19	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3621	2012‑09‑13 10:30:19	HIGH (9)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3617	2012‑09‑13 10:30:19	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3616	2012‑09‑13 10:30:19	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3614	2012‑09‑13 10:30:19	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3613	2012‑09‑13 10:30:19	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3612	2012‑09‑13 10:30:19	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3607	2012‑09‑13 10:30:19	HIGH (9)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3606	2012‑09‑13 10:30:19	HIGH (9)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3602	2012‑09‑13 10:30:19	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3601	2012‑09‑13 10:30:19	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑3598	2012‑09‑13 10:30:19	MEDIUM (7)	WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.	0	0	NETWORK
CVE‑2012‑1521	2012‑05‑01 10:12:04	MEDIUM (7)	Use-after-free vulnerability in the XML parser in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.	0	0	NETWORK
CVE‑2012‑0677	2012‑06‑12 14:55:01	HIGH (9)	Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist.	0	0	NETWORK
CVE‑2012‑0648	2012‑03‑08 22:55:04	HIGH (8)	WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.	0	0	NETWORK
CVE‑2012‑0639	2012‑03‑08 22:55:04	HIGH (8)	WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.	0	0	NETWORK
CVE‑2012‑0638	2012‑03‑08 22:55:04	HIGH (8)	WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.	0	0	NETWORK
CVE‑2012‑0637	2012‑03‑08 22:55:04	HIGH (8)	WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.	0	0	NETWORK
CVE‑2012‑0636	2012‑03‑08 22:55:04	HIGH (8)	WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.	0	0	NETWORK
CVE‑2012‑0635	2012‑03‑08 22:55:04	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0634	2012‑03‑08 22:55:04	HIGH (8)	WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.	0	0	NETWORK
CVE‑2012‑0633	2012‑03‑08 22:55:04	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0632	2012‑03‑08 22:55:04	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0631	2012‑03‑08 22:55:04	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0630	2012‑03‑08 22:55:04	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0629	2012‑03‑08 22:55:04	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0628	2012‑03‑08 22:55:04	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0627	2012‑03‑08 22:55:04	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0626	2012‑03‑08 22:55:04	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0625	2012‑03‑08 22:55:04	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0624	2012‑03‑08 22:55:04	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0623	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0622	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0621	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0620	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0619	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0618	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0617	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0616	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0615	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0614	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0613	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0612	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0611	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0610	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0609	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0608	2012‑03‑08 22:55:03	MEDIUM (7)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0607	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0606	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0605	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0604	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0603	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0602	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0601	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0600	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0599	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0598	2012‑03‑08 22:55:03	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0597	2012‑03‑08 22:55:02	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0596	2012‑03‑08 22:55:02	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0595	2012‑03‑08 22:55:02	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0594	2012‑03‑08 22:55:02	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0593	2012‑03‑08 22:55:02	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0592	2012‑03‑08 22:55:02	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2012‑0591	2012‑03‑08 22:55:02	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2011‑3971	2012‑02‑09 04:10:29	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events.	0	0	NETWORK
CVE‑2011‑3969	2012‑02‑09 04:10:29	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout of SVG documents.	0	0	NETWORK
CVE‑2011‑3968	2012‑02‑09 04:10:29	MEDIUM (4)	Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences.	0	0	NETWORK
CVE‑2011‑3966	2012‑02‑09 04:10:29	HIGH (8)	Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets (CSS) token-sequence data.	0	0	NETWORK
CVE‑2011‑3958	2012‑02‑09 04:10:29	MEDIUM (7)	Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.	0	0	NETWORK
CVE‑2011‑3926	2012‑01‑24 04:03:36	HIGH (8)	Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.	0	0	NETWORK
CVE‑2011‑3924	2012‑01‑24 04:03:36	HIGH (8)	Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections.	0	0	NETWORK
CVE‑2011‑3913	2011‑12‑13 21:55:01	HIGH (8)	Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling.	0	0	NETWORK
CVE‑2011‑3909	2011‑12‑13 21:55:01	MEDIUM (5)	The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors.	0	0	NETWORK
CVE‑2011‑3908	2011‑12‑13 21:55:01	MEDIUM (5)	Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.	0	0	NETWORK
CVE‑2011‑3897	2011‑11‑11 11:55:03	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing.	0	0	NETWORK
CVE‑2011‑3888	2011‑10‑25 19:55:02	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in.	0	0	NETWORK
CVE‑2011‑3885	2011‑10‑25 19:55:02	HIGH (8)	Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to stale Cascading Style Sheets (CSS) token-sequence data.	0	0	NETWORK
CVE‑2011‑3252	2011‑10‑12 18:55:02	HIGH (9)	Buffer overflow in CoreAudio, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Advanced Audio Coding (AAC) stream.	0	0	NETWORK
CVE‑2011‑3244	2011‑10‑12 18:55:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑3241	2011‑10‑12 18:55:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑3239	2011‑10‑12 18:55:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑3238	2011‑10‑12 18:55:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑3237	2011‑10‑12 18:55:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑3236	2011‑10‑12 18:55:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑3235	2011‑10‑12 18:55:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑3234	2011‑09‑19 12:02:57	MEDIUM (5)	Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.	0	0	NETWORK
CVE‑2011‑3233	2011‑10‑12 18:55:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑3219	2011‑10‑12 18:55:02	HIGH (9)	Buffer overflow in CoreMedia, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.	0	0	NETWORK
CVE‑2011‑3081	2012‑05‑01 10:12:04	HIGH (9)	Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078.	0	0	NETWORK
CVE‑2011‑3078	2012‑05‑01 10:12:04	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3081.	0	0	NETWORK
CVE‑2011‑3076	2012‑04‑05 22:02:08	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to focus handling.	0	0	NETWORK
CVE‑2011‑3075	2012‑04‑05 22:02:08	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style-application commands.	0	0	NETWORK
CVE‑2011‑3074	2012‑04‑05 22:02:08	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media.	0	0	NETWORK
CVE‑2011‑3073	2012‑04‑05 22:02:08	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG resources.	0	0	NETWORK
CVE‑2011‑3071	2012‑04‑05 22:02:08	MEDIUM (7)	Use-after-free vulnerability in the HTMLMediaElement implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.	0	0	NETWORK
CVE‑2011‑3069	2012‑04‑05 22:02:08	MEDIUM (7)	Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to line boxes.	0	0	NETWORK
CVE‑2011‑3068	2012‑04‑05 22:02:08	MEDIUM (7)	Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to run-in boxes.	0	0	NETWORK
CVE‑2011‑3064	2012‑03‑30 22:55:02	HIGH (8)	Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.	0	0	NETWORK
CVE‑2011‑3060	2012‑03‑30 22:55:02	MEDIUM (7)	Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.	0	0	NETWORK
CVE‑2011‑3059	2012‑03‑30 22:55:01	MEDIUM (7)	Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.	0	0	NETWORK
CVE‑2011‑3053	2012‑03‑22 16:55:01	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting.	0	0	NETWORK
CVE‑2011‑3050	2012‑03‑22 16:55:01	MEDIUM (7)	Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.	0	0	NETWORK
CVE‑2011‑3044	2012‑03‑05 19:55:02	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements.	0	0	NETWORK
CVE‑2011‑3043	2012‑03‑05 19:55:02	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox (aka flexible box) in conjunction with the floating of elements.	0	0	NETWORK
CVE‑2011‑3042	2012‑03‑05 19:55:02	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections.	0	0	NETWORK
CVE‑2011‑3041	2012‑03‑05 19:55:02	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of class attributes.	0	0	NETWORK
CVE‑2011‑3040	2012‑03‑05 19:55:02	MEDIUM (4)	Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.	0	0	NETWORK
CVE‑2011‑3039	2012‑03‑05 19:55:02	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to quote handling.	0	0	NETWORK
CVE‑2011‑3038	2012‑03‑05 19:55:02	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling.	0	0	NETWORK
CVE‑2011‑3037	2012‑03‑05 19:55:02	MEDIUM (7)	Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.	0	0	NETWORK
CVE‑2011‑3036	2012‑03‑05 19:55:02	MEDIUM (7)	Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable during handling of line boxes, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.	0	0	NETWORK
CVE‑2011‑3035	2012‑03‑05 19:55:01	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.	0	0	NETWORK
CVE‑2011‑3034	2012‑03‑05 19:55:01	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG document.	0	0	NETWORK
CVE‑2011‑3032	2012‑03‑05 19:55:01	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values.	0	0	NETWORK
CVE‑2011‑3027	2012‑02‑16 20:55:04	MEDIUM (4)	Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable during handling of columns, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.	0	0	NETWORK
CVE‑2011‑3021	2012‑02‑16 20:55:04	HIGH (8)	Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading.	0	0	NETWORK
CVE‑2011‑3016	2012‑02‑16 20:55:03	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, related to a "read-after-free" issue.	0	0	NETWORK
CVE‑2011‑2877	2011‑10‑04 20:55:02	MEDIUM (7)	Google Chrome before 14.0.835.202 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale font."	0	0	NETWORK
CVE‑2011‑2873	2012‑03‑08 22:55:02	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2011‑2872	2012‑03‑08 22:55:02	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2011‑2871	2012‑03‑08 22:55:02	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2011‑2870	2012‑03‑08 22:55:02	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2011‑2869	2012‑03‑08 22:55:02	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2011‑2868	2012‑03‑08 22:55:02	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2011‑2867	2012‑03‑08 22:55:02	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2011‑2866	2012‑03‑08 22:55:01	HIGH (8)	WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.	0	0	NETWORK
CVE‑2011‑2860	2011‑09‑19 12:02:56	HIGH (8)	Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles.	0	0	NETWORK
CVE‑2011‑2857	2011‑09‑19 12:02:56	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller.	0	0	NETWORK
CVE‑2011‑2855	2011‑09‑19 12:02:56	MEDIUM (7)	Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."	0	0	NETWORK
CVE‑2011‑2854	2011‑09‑19 12:02:56	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing."	0	0	NETWORK
CVE‑2011‑2847	2011‑09‑19 12:02:56	MEDIUM (7)	Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.	0	0	NETWORK
CVE‑2011‑2846	2011‑09‑19 12:02:56	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling.	0	0	NETWORK
CVE‑2011‑2833	2012‑03‑08 22:55:01	HIGH (9)	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.	0	0	NETWORK
CVE‑2011‑2831	2011‑10‑12 18:55:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑2827	2011‑08‑29 15:55:02	HIGH (8)	Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text searching.	0	0	NETWORK
CVE‑2011‑2825	2011‑08‑29 15:55:02	HIGH (9)	Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts.	0	0	NETWORK
CVE‑2011‑2823	2011‑08‑29 15:55:02	HIGH (8)	Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a line box.	0	0	NETWORK
CVE‑2011‑2820	2011‑10‑12 18:55:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑2818	2011‑08‑03 00:55:03	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering.	0	0	NETWORK
CVE‑2011‑2817	2011‑10‑12 18:55:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑2816	2011‑10‑12 18:55:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑2815	2011‑10‑12 18:55:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑2814	2011‑10‑12 18:55:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑2813	2011‑10‑12 18:55:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑2811	2011‑10‑12 18:55:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑2809	2011‑10‑12 18:55:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑2799	2011‑08‑03 00:55:02	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling.	0	0	NETWORK
CVE‑2011‑2797	2011‑08‑03 00:55:02	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching.	0	0	NETWORK
CVE‑2011‑2792	2011‑08‑03 00:55:02	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float removal.	0	0	NETWORK
CVE‑2011‑2790	2011‑08‑03 00:55:02	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving floating styles.	0	0	NETWORK
CVE‑2011‑2788	2011‑08‑03 00:55:02	MEDIUM (7)	Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors.	0	0	NETWORK
CVE‑2011‑2359	2011‑08‑03 00:55:01	MEDIUM (7)	Google Chrome before 13.0.782.107 does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."	0	0	NETWORK
CVE‑2011‑2356	2011‑10‑12 18:55:01	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑2354	2011‑10‑12 18:55:01	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑2352	2011‑10‑12 18:55:01	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑2351	2011‑06‑29 17:55:04	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.	0	0	NETWORK
CVE‑2011‑2341	2011‑10‑12 18:55:01	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑2339	2011‑10‑12 18:55:01	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑2338	2011‑10‑12 18:55:01	HIGH (8)	WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.	0	0	NETWORK
CVE‑2011‑1451	2011‑05‑03 22:55:02	HIGH (8)	Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers."	0	0	NETWORK
CVE‑2011‑1449	2011‑05‑03 22:55:02	MEDIUM (7)	Use-after-free vulnerability in the WebSockets implementation in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.	0	0	NETWORK
CVE‑2011‑1440	2011‑05‑03 22:55:01	MEDIUM (7)	Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences.	0	0	NETWORK
CVE‑2011‑1296	2011‑03‑25 19:55:01	HIGH (8)	Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."	0	0	NETWORK
CVE‑2011‑1293	2011‑03‑25 19:55:01	HIGH (8)	Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.	0	0	NETWORK
CVE‑2011‑1204	2011‑03‑11 02:01:20	MEDIUM (7)	Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document.	0	0	NETWORK
CVE‑2011‑1203	2011‑03‑11 02:01:20	HIGH (8)	Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."	0	0	NETWORK
CVE‑2011‑1188	2011‑03‑11 02:01:19	HIGH (8)	Google Chrome before 10.0.648.127 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.	0	0	NETWORK
CVE‑2011‑1121	2011‑03‑01 23:00:04	HIGH (8)	Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element.	0	0	NETWORK
CVE‑2011‑1117	2011‑03‑01 23:00:03	HIGH (8)	Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale nodes."	0	0	NETWORK
CVE‑2011‑1115	2011‑03‑01 23:00:03	HIGH (8)	Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."	0	0	NETWORK
CVE‑2011‑1114	2011‑03‑01 23:00:03	HIGH (8)	Google Chrome before 9.0.597.107 does not properly handle tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."	0	0	NETWORK
CVE‑2011‑1109	2011‑03‑01 23:00:03	HIGH (8)	Google Chrome before 9.0.597.107 does not properly process nodes in Cascading Style Sheets (CSS) stylesheets, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."	0	0	NETWORK
CVE‑2011‑0983	2011‑02‑10 19:00:02	HIGH (8)	Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."	0	0	NETWORK
CVE‑2011‑0981	2011‑02‑10 19:00:02	HIGH (8)	Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."	0	0	NETWORK
CVE‑2011‑0259	2011‑10‑12 18:55:01	HIGH (8)	CoreFoundation, as used in Apple iTunes before 10.5, does not properly perform string tokenization, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.	0	0	NETWORK
CVE‑2011‑0192	2011‑03‑03 20:00:03	HIGH (9)	Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information.	0	0	NETWORK
CVE‑2011‑0191	2011‑03‑03 20:00:03	HIGH (9)	Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding.	0	0	NETWORK
CVE‑2011‑0170	2011‑03‑03 20:00:03	HIGH (9)	Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes before 10.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted International Color Consortium (ICC) profile in a JPEG image.	0	0	NETWORK
CVE‑2011‑0168	2011‑03‑03 20:00:03	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0165	2011‑03‑03 20:00:03	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0164	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0156	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0155	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0154	2011‑03‑03 20:00:02	MEDIUM (5)	WebKit, as used in Apple iTunes before 10.2 on Windows and Apple iOS, does not properly implement the .sort function for JavaScript arrays, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0153	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0152	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0151	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0150	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0149	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly parse HTML elements associated with document namespaces, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to a "dangling pointer" and iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0148	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0147	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0146	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0145	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0144	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0143	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0142	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0141	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0140	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0139	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0138	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0137	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0136	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0135	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0134	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0133	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly access glyph data during layout actions for floating blocks associated with pseudo-elements, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0132	2011‑03‑03 20:00:02	HIGH (8)	Use-after-free vulnerability in the Runin box functionality in the Cascading Style Sheets (CSS) 2.1 Visual Formatting Model implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0131	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0130	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0129	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0128	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0127	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0126	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0125	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0124	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0123	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0122	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0121	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0120	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0119	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0118	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0117	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0116	2011‑03‑03 20:00:02	HIGH (8)	Use-after-free vulnerability in the setOuterText method in the htmlelement library in WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to DOM manipulations during iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0115	2011‑03‑03 20:00:02	HIGH (8)	The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated with event listeners during processing of range objects, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0114	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0113	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0112	2011‑03‑03 20:00:02	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2011‑0111	2011‑03‑03 20:00:01	HIGH (8)	WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.	0	0	NETWORK
CVE‑2010‑4494	2010‑12‑07 21:00:10	HIGH (8)	Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.	0	0	NETWORK
CVE‑2010‑4008	2010‑11‑17 01:00:03	MEDIUM (4)	libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.	0	0	NETWORK
CVE‑2010‑3190	2010‑08‑31 20:00:02	HIGH (9)	Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; Visual C++ 2005 SP1, 2008 SP1, and 2010; and Exchange Server 2010 Service Pack 3, 2013, and 2013 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory during execution of an MFC application such as AtlTraceTool8.exe (aka ATL MFC Trace Tool), as demonstrated by a directory that contains a TRC, cur, rs, rct, or res file, aka "MFC Insecure Library Loading Vulnerability."	0	0	NETWORK
CVE‑2010‑1824	2010‑09‑24 19:00:04	HIGH (9)	Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages.	0	0	NETWORK
CVE‑2010‑1823	2010‑09‑24 19:00:04	HIGH (9)	Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by a Cascading Style Sheets (CSS) file referencing an invalid SVG font, aka rdar problem 8442098.	0	0	NETWORK
CVE‑2010‑1795	2010‑08‑20 20:00:02	HIGH (9)	Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory.	0	0	NETWORK
CVE‑2010‑1777	2010‑07‑30 13:26:13	HIGH (9)	Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted itpc: URL.	0	0	NETWORK
CVE‑2010‑1769	2010‑06‑18 16:30:01	HIGH (10)	WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, a different vulnerability than CVE-2010-1387 and CVE-2010-1763.	0	0	NETWORK
CVE‑2010‑1768	2010‑08‑20 20:00:01	MEDIUM (7)	Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges via vectors related to log files, "insecure file operation," and syncing an iPhone, iPad, or iPod touch.	0	0	LOCAL
CVE‑2010‑1763	2010‑06‑18 16:30:01	HIGH (10)	Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and attack vectors, a different vulnerability than CVE-2010-1387 and CVE-2010-1769.	0	0	NETWORK
CVE‑2010‑1387	2010‑06‑18 16:30:01	HIGH (9)	Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769.	0	0	NETWORK
CVE‑2010‑0532	2010‑03‑31 18:30:00	MEDIUM (7)	Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users to gain privileges by replacing an unspecified file with a Trojan horse.	0	0	LOCAL
CVE‑2010‑0531	2010‑03‑31 18:30:00	MEDIUM (4)	Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 podcast file.	0	0	NETWORK

Get the IT stuff done that nobody wants to do.

Patch more applications, achieve compliance, and prevent problems while reducing stress with Lavawall®.

Security First

A security tool by security auditors. From Passkeys and Argon2i to source validation and MVSP principles, Lavawall® has you covered.

Constant Improvement

More features and more security added nearly every day.

Windows change log
Linux change log

More patchable programs added every week

While Ninite and other patching tools have had the same patch offerings for decades, we're monitoring stats to keep adding the most useful prorgams.

Learn More

Details matter

From wrapping TLS communications in extra encryption and uninstalling remote support tools when they aren't used to detailed statistical analysis of system and network performance, Lavawall® goes in-depth.

Learn More

Chromium extensions and Notification Validation

Lavawall® goes beyond patches and breach detection. We also monitor for risky Chromium extensions and allowed notifications that might be part of a phishing or ransomware attack.

Learn More

Extended Cloud Security

Extend the security features of Cloudflare, Microsoft, Google, Sophos, and other cloud providers to create a Lavawall® of protection

Learn More

Secure Remote Management

Even if you used breached remote management tools like ScreenConnect through Lavawall® when it was vulnerable, your computers stayed safe because we only install the agent when it needs to be used.

Learn More

Integrations and automation

Easily deploy, monitor, and analyze security tools like Huntress, AutoElevate, and Sophos. Magically gain details from ZenDesk, ConnectWise, Datto, Panorama9, Microsoft, and Google.

Learn More

Human and automated support

Get immediate fixes, user notifications, admin notifications -- and even security-certified human level 3 support when our advanced statistical analysis confirms a problem or anomaly.

Learn More

We are constantly improving the Lavawall® tools to add more value. Some of our most recent changes include:

2024‑09‑05	0.11.106.164	Phased deployment enhancements
2024‑09‑04	0.11.103.161
2024‑09‑02	0.11.102.160	CPU Optimizations and Packages reliability improvements
2024‑08‑30	0.11.99.157	CPU Optimizations and Packages reliability improvements
2024‑08‑29	0.11.98.156	CPU utilization and console event optimization
2024‑08‑28	0.11.97.155	Reliability to detect unusual updates like redistributables.
2024‑08‑27	0.11.96.154
2024‑08‑26	0.11.95.153	Faster response for reboot requests
2024‑08‑20	0.11.92.150	Additional package upgrade pre-requisites
2024‑08‑15	0.11.89.147
2024‑08‑06	0.11.87.145
2024‑07‑26	0.11.83.141	Add resiliency for MAC duplicates and uptime
2024‑07‑25	0.11.82.140	Changes to facilitate cross-platform use. Bitlocker and Windows key refinements
2024‑07‑15	0.11.80.138	Antivirus and temperature added to configuration checks
2024‑07‑15	0.11.79.137	Add configuration checks for execution policy and secure boot
2024‑07‑11	0.11.77.135	load balancing refinements
2024‑07‑10	0.11.76.134	Add additional load balancing and data residency capabilities, add randomness to recurring task timings to decrease server load
2024‑07‑05	0.11.74.132	changes to graph and residual work on user imporsonation
2024‑07‑04	0.11.73.131	Add configuration checks for execution policy and secure boot.
2024‑07‑03	0.11.72.130	Enhanced event log monitoring
2024‑07‑02	0.11.71.129	Add details to Windows updates, enhanced risk metrics for application patches
2024‑06‑19	0.11.65.123	Update resiliancy and garbage collection
2024‑06‑13	0.11.60.118	Enhanced logging
2024‑06‑12	0.11.55.113	Include the primary drive serial number; MAC addresses for built-in wireless, Bluetooth, and ethernet into the device hash to restore uninstalled and reinstalled devices in cases where the motherboard serial is not unique
2024‑06‑07	0.11.54.112	Patch and package uninstall data addition
2024‑06‑05	0.11.47.105	refine per-user registry application listing
2024‑06‑02	0.11.45.103	uninstall and reinstall refinements, refine local logging, refine self-update and uninstall timing
2024‑05‑30	0.11.21.79	various bug fixes and improvements
2024‑05‑28	0.11.16.74	Error logging, registration, and uninstall improvements.
2024‑05‑24	0.11.14.72	applied changes for devices and login commands, changes for registration as well
2024‑05‑22	0.11.13.71	Add Windows computer model, improve Operating System parsing
2024‑05‑21	0.11.11.69	Added additional states for Windows update, flexibility for non-standard program file configurations, support for network diagrams at the switch level, details for Windows editions
2024‑05‑21	0.11.10.68	Add specific cases for Defender patterns and Composer versions.
2024‑05‑17	0.11.3.61	Change Log storage location to c:\program files\Lavawall
2024‑05‑17	0.11.1.59	self-update improvements.
2024‑05‑16	0.8.0.55	error log reporting and management.
2024‑05‑15	0.7.0.54	Websocket resiliency improvements
2024‑05‑09	0.6.0.53	Error log reporting and management.
2024‑05‑01	0.5.44.52	Even more improvements to scheduler
2024‑04‑24	0.5.41.49	Install compatibility with Sandbox
2024‑04‑22	0.5.21.29	Project property changes to enable automated compilation with new features.
2024‑04‑20	0.5.20.28	Add motherboard serial number and company reassignment
2024‑04‑11	0.5.4.12	Automate release notes as part of build process
2024‑04‑03	0.5.3.11	Websocket and service enhancements
2024‑03‑21	0.5.2.10	Enhance zip file validation
2024‑03‑20	0.5.1.9	Self-update enhancements
2024‑03‑20	0.5.0.8	Enhance installer capabilities
2024‑03‑08	0.4.2.7	Add details to available updates
2024‑03‑08	0.4.1.6	Add additional architecture and source information to application inventory
2024‑02‑22	0.4.0.5	Change compilation approach. The executable signed with an EV code signing certificate includes the company information so it is no longer required as an argument.

Although the Linux agent code base is mature, dating back to 2006, we're still constantly improving it to add value and compatibility for new distributions. Some of our most recent changes include:

2024‑05‑20	253	Added cleanup of old .json files during a re-install
2024‑05‑13	252	Added apt-get update to install
2024‑05‑06	248	Allow restart to use /var/run/reboot-required if needrestart is not installed
2024‑04‑22	239	Improve internal update and version tracking
2024‑04‑15	235	Add support for Yum packages
2024‑04‑08	233	Align patching with Windows patch reporting
2024‑04‑02	228	Add support for needrestart
2024‑03‑04	224	Schedule restarts
2024‑03‑25	221	Add support for apt packages
2024‑03‑18	212	Implement release management
2024‑03‑11	202	Add user login monitoring
2024‑03‑04	189	Enhance installation reliability
2024‑02‑26	187	Exapand triggers to identify if the instance needs to be restarted
2024‑02‑19	146	Improve compatibility for non-AWS instances
2024‑02‑14	138	Add self-uninstall capabilities
2024‑02‑12	135	Enhance scheduling flexibility
2024‑02‑07	132	Add kernel version tracking
2024‑02‑05	124	Add device hash to cryptographic self-update script validation
2024‑01‑29	107	Enhance encryption of patch data
2024‑01‑22	98	Improve how available storage is calculated
2024‑01‑15	97	Move initial tasks from installation file to sub scripts
2024‑05‑21	91	Improve multi-distribution compatibility
2024‑05‑21	79	Improve encryption reliability
2023‑12‑11	68	Enhance cryptographic validation of new scripts before updating
2023‑11‑20	62	Add inner layer of AES encryption in case TLS inspection doesn't allow for a secure connection
2023‑11‑27	56	Additional base cases for resiliancy
2023‑11‑20	54	Additional headers added to authentication process during installation.
2023‑11‑20	53	Enhanced key management
2023‑11‑15	51	Add insecure installation parameter to allow installation in environments with TLS inspection or other machine-in-the-middle situations.
2023‑11‑06	42	Enhance redundant encryption during installation.
2023‑10‑30	33	Improve install-over compatibility
2023‑10‑23	18	Add reboot configuration and scheduling
2023‑10‑23	17	Add self-updating functionality.
2023‑10‑16	15	Add Linux patching information for apt
2023‑10‑09	14	Collect system information
2023‑10‑09	13	Add Linux distribution information
2023‑09‑30	12	Add memory monitoring
2023‑09‑30	10	Add hardware information
2023‑09‑23	9	Add AWS information
2023‑09‑23	8	Add customized schedule capability for configuration updates
2023‑09‑23	7	Add support for package monitoring using package and dpkg logs
2023‑09‑16	6	Add storage data configuration gathering
2023‑09‑16	5	Add CPU information

Lavawall®'s data gathering approach started with Government and Fortune 50 information security audits. When our founder transitioned from audit and assurance work to a Managed IT Service Provider (MSP), he was shocked that basics like Multi-Factor Authentication were painful to implement in some RMMs like ConnectWise and it was impossible to turn off remote access services in others like Datto RMM and SuperOps.

Lavawall® was built from the ground up with these concerns and the Minimum Viable Secure Product requirements in mind.

Some of the controls we implemented include:

PassKeys as the preferred primary authentication at no additional cost
Single Sign-on using modern, maintained, and industry-standard protocols for all customers at no additional cost
Multi-Factor Authentication as a non-negotiable default
Encrypting communications the same way as TLS again within the TLS tunnel, so we can allow TLS inspection without breaking like Huntress or disclosing security vulnerabilities to eavesdroppers.
Encouraging external vulnerability reports and customer testing
Passwords checked against popular disclosed passwords, hashed before they leave your computer, and then stored using Argon2id
Not requiring the use of passwords at all. We consider them a temporary backup authentication in case you can't use passkeys or SSO.

Lavawall® scanning computers are on dedicated servers in Calgary, Alberta, Canada.
Lavawall® databases and front-end systems are hosted with AWS in Montréal, Québec, Canada.
We send emails through AWS in Ireland and dedicated servers in Calgary, Alberta, Canada.
We send text messages for additional identity verification through Twilio in the United States.
We store executables and pass requests through Cloudflare at your nearest edge location.
We use Cloudflare for risk management, turnstile, and web application firewall services.
We use LeadPages for landing pages.
We use Google and Facebook for analytics on our public-facing pages, but they do not have access to the console.
We integrate with third-party tools, such as Microsoft, Google, Huntress, Screen Connect, Axcient, and Datto in their respective locations. However, you must initiate these integrations through single sign-on or by enabling them in your Lavawall® console.

Active security by design

Lavawall® is under active development with the latest release on

5+

Interfaces

150+

Monitored Applications

7+

System Metrics

Actively manage your IT with Lavawall®

Patching

Updates Beyond Windows

Lavawall® prevents the 80% of breaches and failed audits due to missing patches and updates.
You can reduce application patching delays from 67 days to nearly immediate with the 150+ applications that Lavawall® monitors and patches.

Patch release monitoring

Monitor everything without having to select packages or “managed applications”

Patch impact classification

Standard and optional Windows patches

Application Patching

Some of the applications that Lavawall® monitors and audits include:

.NET updates

1Password

3CX Desktop App

3CXPhone for Windows

6.0 .NET Desktop Runtime

6.0 .NET Runtime

6.0 .NET SDK

6.0 ASP.NET Core Runtime

7-Zip

7.0 .NET Desktop Runtime

7.0 .NET Runtime

7.0 .NET SDK

7.0 ASP.NET Core Runtime

8.0 .NET Desktop Runtime

8.0 .NET Runtime

8.0 .NET SDK

8.0 ASP.NET Core Runtime

9.0 .NET Desktop Runtime

9.0 .NET Runtime

9.0 .NET SDK

9.0 ASP.NET Core Runtime

Acer Configuration Manager

Acer drivers and firmware

Acronis True Image

ActiveState Komodo Edit

Adblock Plus

Adobe Acrobat (64-bit)

Adobe Acrobat DC (64-bit)

Adobe Acrobat Pro

Adobe Acrobat Reader

Adobe Acrobat Reader DC

Adobe Creative Cloud

Adobe InDesign

Adobe Photoshop

Advanced IP Scanner

AIMP

Alienware Command Center Suite

Amazon Chime

Amazon Corretto 22

Amazon Games

Amazon Kindle

Amazon Music

Anaconda3

AnyDesk Windows

Apache HTTP Server

Arduino USB Driver

ASUS drivers and firmware

Autodesk Advance Steel

Autodesk AutoCAD Architecture

Autodesk Revit

AutoElevate

Automatically Added Applications

Avaya Workplace

AWS Copilot CLI

AWS VPN Linux

AWS VPN MacOS

AWS VPN Windows

Axcient Backup Agent

Azure drivers and updates

Azure VPN Client

Bitdefender Endpoint

Bitwarden

Bitwarden Browser Extension

Bitwarden CLI

Bitwarden MacOS

Bitwarden Server

Bluebeam Revu

Brady Workstation

Brave Browser

Brother drivers and firmware

Burp Suite Beta

Burp Suite Enterprise Edition

Burp Suite Stable

Canon My Printer

Caseware Working Papers

CCleaner

Chocolatey

Chrome Remote Desktop

Citrix Workspace

Clean Your Device

Cloudflare WARP

Code::Blocks

Composer - PHP Dependency Manager

Conexant drivers and firmware

CrowdStrike Falcon

CrowdStrike Windows Sensor

CutePDF Writer

Datto Endpoint Backup

Datto RMM

Dell Command

Dell drivers and firmware

Dell iDRAC Service Module

Dell Optimizer

Dell Support Assist

DisplayLink Graphics Driver

Docker Desktop

docuPrinter Pro

DoxCycle

Dropbox

Dymo Connect

Dymo ID

Dymo Scale

Dynamo Core

Dynamo Revit

Elan drivers and firmware

Evernote

Evoluent drivers and firmware

ExpressConnect Drivers

FARO LS

FileZilla Client

FileZilla Server

Firefox

Foobar2000

Formit

FortiClient VPN

FreeCAD

Garmin drivers and firmware

GIMP

Git

GitHub Desktop

Glance Client

Glance Guest

GN Audio drivers and firmware

Go Language

Go Programming Language

Google Chrome

Google Drive

Google Earth

GoTo 4

GoTo Desktop App

GoTo Meeting Desktop App

GoTo Opener

GoTo Resolve Desktop Console

GoToAssist Expert

GrampsAIO64

Heidi Eraser

HeidiSQL

HP Click

HP drivers and firmware

HP I.R.I.S. OCR

HP OCR

HP Scan Basic Device Software

Huntress Agent

Huntress Rio

ICS

Inkscape

Intel drivers and firmware

IrfanView

IronPython

ITE Tech drivers and firmware

iTunes

Java 8

KeePass Password Safe 1

KeePass Password Safe 2

Krisp Ai Meeting Manager

LastPass Desktop

Lenovo Commercial Vantage

Lenovo drivers and firmware

Lenovo System Update

Lenovo Update Retriever

Lenovo Vantage

Lexmark drivers and firmware

Lexmark International Printer

LibreOffice

libusb-win32 drivers

Local Administrator Password Solution

Logi Bolt

Logitech drivers and firmware

Loom

Magic Control Technology drivers and firmware

ManageEngine ADSelfService

MAXtoA

Microsoft Defender

Microsoft Defender Engine

Microsoft Defender Engine Version

Microsoft Defender Platform

Microsoft Defender Platform Version

Microsoft Defender Version

Microsoft Dynamics Station 1

Microsoft Dynamics Station 2

Microsoft Dynamics Station 3

Microsoft Dynamics Station 4

Microsoft Dynamics Station 5

Microsoft Dynamics Station 6

Microsoft Edge

Microsoft Malicious Software Removal

Microsoft OneDrive

Microsoft PowerBI Desktop (x64)

Microsoft Teams

Microsoft Teams Classic

Microsoft Teams Free

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2013 Redistributable (x64)

Microsoft Visual C++ 2015-2019 Redistributable (x64)

Microsoft Visual C++ 2017 Redistributable (x86)

Microsoft Visual Studio Code

Microsoft.UI.Xaml.2.7

Microsoft.UI.Xaml.2.8

MozBackup

Mozilla Maintenance Service

MySQL Community Server

MySQL Workbench

Nmap

Node.js LTS

NordPass

NordVPN

Norton 360

Norton Secure VPN

Norton Security

Notepad++

Nox APP Player

NV Access

NVIDIA GeForce Experience

NVIDIA Graphics Driver

NVIDIA PhysX System Software

OBS Studio

Obsidian

OpenOffice

OpenShot Video Editor

OpenSSL

OpenVPN Connect v2

OpenVPN Connect v3

Palisade @RISK Platform

Panorama9

PDF Architect

PeaZip

Perimeter 81

Pidgin

Plex Media Server

PostgreSQL 12

PostgreSQL 13

PostgreSQL 14

PostgreSQL 15

PostgreSQL 16

Postman x86_64

PowerBI Desktop

ProFile

Pulse Secure

PuTTY

Python 3.11

Python 3.12

Python Launcher

Pythonnet

qBittorrent

QuickBooks Premier

Raspberry Pi Imager

Reaktek Audio Driver

Realtek drivers and firmware

RealVNC Server

RealVNC Viewer

reMarkable

Remote Access

RICOH drivers and firmware

RingCentral

Room Sketcher

SafeNet Authentication

Safenet drivers and firmware

Sage 50 Accounting

ScanSnap Home

ScanSnap Manager

ScreenConnect

ScreenConnect Client

ShowMyPC

SketchUp

Skype

Skype for Business

Slack

Sonos Controller

Sophos Endpoint Agent

SourceTree

SQL Server 2019

SQL Server 2022

SunplusIT drivers and firmware

superpowered.me

Symantec AgentInstall

Symantec WSS Agent

Synology Acvtive Backup for Business

Synology Assistant

TaxCycle

Teamviewer

Tenable Nessus

Tenorshare

Thunderbird

TightVNC

Titus Classification

TriGrid Windows Connector

Trillian

TrueCrypt

TruGrid Windows Connector

TunnelBear

U.S. Robotics Corporation Model 5637 Voice Driver

Umbrella Roaming Client

UXP WebView

VeraCrypt

Visual Studio 2013

Visual Studio 2015

Visual Studio 2017

Visual Studio 2019

Visual Studio 2022

VLC

VMware Player

VMware Tools

Webex Cisco Windows

Wildix Collaboration

Wildix Integration Service

Windows Defender updates

Windows PC Health Check

WinPcap

WinRAR

WireGuard

Wireshark

X Split Gamecaster

Xerox WorkCentre

XnResize

XnView Classic

XnView MP

Xprotect

Yarn

Yubikey Manager

Zebra Setup Utilities

Zebra Status Monitor

Zed Attack Proxy (ZAP)

Zoom

Zoom Workspace

Zwift

Logos, products, trade names, and company names are all the property of their respective trademark holders.
The above listing includes products that Lavawall® monitors through public information and/or proprietary statistical analysis.
Although we do have a partner relationship with some of the listed products and companies, they do not necessarily endorse Lavawall® or have integrations with our systems.

Learn More

Flexible Term; Flexible Service

Flexibility for your dynamic business

You need to get your arms around compliance and security and don't want to get locked into “high watermark” monthly invoices or multi-year contracts.

Pay-as-you-need monthly pricing

DIY, full management, and coaching options

CMMI, PCI, SOC2, Canadian Cybersecurity, Minimum Viable Secure Product, and other compliance support

Choose the plan that's right for you

Simple pricing. No hidden fees. Advanced features for you business.

Month

Annual

Get 2 months free with Annual!

DIY

Security-focused RMM

^C$3.25 /computer/Month

^C$32.50 /computer/Year

1 computer
or 1 of the following cloud integrations:
AWS, Axcient, Connectwise, Datto, Google, Huntress, M365, Sophos Central integrations
(each integration counts as 1 computer)
150+ application patches
30-day Logs
Security configuration monitoring
Anomaly detection
CMMI, MVSP, CyberCanda compliance
Lavawall® support
Sophos MDR: C$13.50/desktop

Sophos MDR: C$162/desktop
Huntress: C$5.40/device

Huntress: C$64.80/device
Available white-label support for end users
Level 3+ IT support for IT
Weekly IT coaching sessions

Popular

Managed Security & Support

Unlimited end-user support

^C$160 /user/Month

^C$1,600 /user/Year

1 computer/user
Additional devices charged at DIY prices
AWS, Axcient, Connectwise, Datto, Google, Huntress, M365, Sophos Central integrations
150+ application patches
90-day Logs
Security configuration monitoring
Anomaly detection
CMMI, MVSP, CyberCanda compliance
Lavawall® support
Sophos MDR Essentials
Huntress
White-label email and phone support for end users
Level 3+ IT support for IT
Weekly IT coaching sessions
Automatic discount and upgrade to Support & Coaching after 15 users

Support & Coaching

Improve your IT performance

^$2,250 /Month

^$22,500 /Year

25 computers included
Additional computers charged at DIY prices
AWS, Axcient, Connectwise, Datto, Google, Huntress, M365, Sophos Central integrations
150+ application patches
90-day Logs
Security configuration monitoring
Anomaly detection
CMMI, MVSP, CyberCanda compliance
Lavawall®-only support
Sophos MDR Essentials
Huntress
White-label email and phone support for 15 users included Additional: C$150/user Additional: C$1,500/user
L3 IT support for IT
Weekly IT coaching sessions

Frequently Asked Questions

If you can not find answer to your question in our FAQ, you can always contact us or email us. We will answer you shortly!

General Questions

The three big catalysts for Lavawall® were:

Two years after a missing Plex Media Server led to the LastPass breach, the Remote Monitorign and Management (RMM) tools availabel for Manged IT Service Providers (MSPs) still didn't monitor for it.
Going through industry-specific applications, we noticed many were missing from the big RMM and patching providers. MSPs, insurance providers, and organizations that put their cleints at risk need to know about these risks, which lead to the largest number of critical audit findings and breaches
After 20 years of writing the same audit findings about system configurations, Payment Card Industry (PCI) compliance, and missing patches, our technical co-founder wanted to make it easier fo avoid these findings
The existing risk visibility tools for insurance underwriters took a shallow look at Internet-facing risks. They -- along with all businesses -- need a deeper view of the threats that could actually lead to breaches.

Lavawall® breaks vulnerabilities into the following groups:

Domain risks
Operating System (OS) patches
Application patches
Network vulnerabilities
Cloud vulnerabilities
OS configurations

We are currently building more third-party interfaces. Current interfaces include:

Axcient*
Cloudflare
Connectwise Screen Connect
Datto RMM
FreshDesk*
Huntress
Microsoft 365
Panorama9
ZenDesk

*In limited release/development

Yes!
You can use your own logo for the console and notifications. You can also use a CNAME to automatically brand your console.
Note: you cannot currently re-proxy the CNAME to Lavawall® through Cloudflare.

Privacy & Security

We encourage primary authentication for Lavawall® through Passkeys or Single Sign On (SSO).
However, we do allow passwords and use passwords as part of the zero-knowledge encryption for your clients' sensitive data, such as Bitlocker keys and Personally-Identifiable Information (PII).
These passwords use Argon2id slow hashes with individual salts and peppers.

Yes! Lavawall communicates with its endpoints through TLS. However, given that many of our clients want to be as secure as possible and have TLS inspection enabled, we allow for "insecure" connections with invalid certificates, which result from such configurations.
We have added an additional secure tunnel that mimics the TLS process within the public TLS tunnel. This extra tunnel provides authentication and privacy for the workstations and the Lavawall® servers to prevent attacks such as the one that took down Solar Winds.

We do not enable remote access tools like ScreenConnect unless you authorize them and are logged in. Lavawall® was not vulnerable to the ScreenConnect vulnerability because we install and uninstall it right before it's used. In addition, we give the option of linking to Access.

Remote access is not enabled for read-only and audit situations.

Lavawall®'s designer holds a CISSP and CISA. In addition, we have external and internal security reviews.

Get In Touch

Have a quick question and don't want to talk? Send us a quick note with the form below and we'll reply within one business day.

NW Calgary:

(By Appointment Only)
ThreeShield Information Security Corporation
600 Crowfoot Crescent N.W., Suite 340
Calgary, Alberta
T3G 0B4

SE Calgary:

(By Appointment Only)
ThreeShield Information Security Corporation
105, 11500 - 29th St. SE
Calgary, Alberta
T2Z 3W9
Canada

Phone

+1-403-538-5053

Sales Hours:

9:00am to 5:00pm Mountain Time

Support Hours:

7:00am to 7:00pm Mountain Time

On-Call Support Hours:

24/7

Name

Please enter your name

Please use a valid email address

Phone

Comments

Monitor the real security risks with Lavawall®

Update iTunes to version 12132.3.2017

What patches are you missing?

CVE Vulnerabilities for iTunes

Get the IT stuff done that nobody wants to do.

Security First

Constant Improvement

More patchable programs added every week

Details matter

Chromium extensions and Notification Validation

Extended Cloud Security

Secure Remote Management

Integrations and automation

Human and automated support

Lavawall® service for Windows® Changelog

Lavawall® service for Linux Changelog

What about Lavawall® security?

Where is my data stored?

Active security by design

5+

150+

7+

Actively manage your IT with Lavawall®

Patching

Updates Beyond Windows

Patch release monitoring

Monitor everything without having to select packages or “managed applications”

Patch impact classification

Standard and optional Windows patches

Application Patching

Some of the applications that Lavawall® monitors and audits include: