Filtered by vendor Apple Subscriptions
Total 14575 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2010-1785 3 Apple, Microsoft, Redhat 8 Mac Os X, Mac Os X Server, Safari and 5 more 2025-04-11 N/A
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; accesses uninitialized memory during processing of the (1) :first-letter and (2) :first-line pseudo-elements in an SVG text element, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document.
CVE-2012-0621 1 Apple 2 Iphone Os, Itunes 2025-04-11 N/A
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
CVE-2012-0624 1 Apple 2 Iphone Os, Itunes 2025-04-11 N/A
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
CVE-2012-0648 1 Apple 2 Itunes, Webkit 2025-04-11 N/A
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.
CVE-2012-0651 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-11 N/A
The directory server in Directory Service in Apple Mac OS X 10.6.8 allows remote attackers to obtain sensitive information from process memory via a crafted message.
CVE-2012-0662 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-11 N/A
Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input.
CVE-2012-0671 1 Apple 1 Quicktime 2025-04-11 N/A
Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .pict file.
CVE-2010-1796 2 Apple, Microsoft 7 Mac Os X, Mac Os X Server, Safari and 4 more 2025-04-11 N/A
The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for input fields.
CVE-2012-0678 1 Apple 1 Safari 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Apple Safari before 6.0 allows remote attackers to inject arbitrary web script or HTML via a feed:// URL.
CVE-2012-0679 1 Apple 1 Safari 2025-04-11 N/A
Apple Safari before 6.0 allows remote attackers to read arbitrary files via a feed:// URL.
CVE-2010-1799 2 Apple, Microsoft 2 Quicktime, Windows 2025-04-11 N/A
Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
CVE-2010-1802 1 Apple 3 Libsecurity, Mac Os X, Mac Os X Server 2025-04-11 N/A
libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con certificate to spoof www.example.com.
CVE-2010-1815 4 Apple, Canonical, Redhat and 1 more 5 Iphone Os, Ipod Touch, Ubuntu Linux and 2 more 2025-04-11 N/A
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars.
CVE-2010-1818 1 Apple 1 Quicktime 2025-04-11 N/A
The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x before 7.6.8, and other versions allows remote attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshalling of an untrusted pointer.
CVE-2011-1290 2 Apple, Rim 3 Webkit, Blackberry Torch 9800, Blackberry Torch 9800 Firmware 2025-04-11 N/A
Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.
CVE-2011-1305 3 Apple, Google, Linux 3 Macos, Chrome, Linux Kernel 2025-04-11 N/A
Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to linked lists and a database.
CVE-2010-1824 2 Apple, Google 2 Itunes, Chrome 2025-04-11 N/A
Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages.
CVE-2010-1829 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-11 N/A
Directory traversal vulnerability in AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to execute arbitrary code by creating files that are outside the bounds of a share.
CVE-2010-1830 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-11 N/A
AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 generates different error messages depending on whether a share exists, which allows remote attackers to enumerate valid share names via unspecified vectors.
CVE-2012-0779 6 Adobe, Apple, Google and 3 more 6 Flash Player, Mac Os X, Android and 3 more 2025-04-11 N/A
Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; before 11.1.111.9 on Android 2.x and 3.x; and before 11.1.115.8 on Android 4.x allows remote attackers to execute arbitrary code via a crafted file, related to an "object confusion vulnerability," as exploited in the wild in May 2012.