VYPR

Vendor CVEs

Apple Inc.

All CVEs

8,443 total · sorted by risk
  • CVE-2012-3625Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3620Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3618Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3615Jul 25, 2012
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3611Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3610Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3609Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3608Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3605Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3604Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3603Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3600Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3599Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3597Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3596Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3595Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3594Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3593Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3592Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3591Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3590Jul 25, 2012
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3589Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-1520Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-0683Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-0682Jul 25, 2012
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.

  • CVE-2012-3697Jul 25, 2012
    risk 0.00cvss epss 0.02

    WebKit in Apple Safari before 6.0 does not properly handle file: URLs, which allows remote attackers to bypass intended sandbox restrictions and read arbitrary files by leveraging a WebProcess compromise.

  • CVE-2012-3696Jul 25, 2012
    risk 0.00cvss epss 0.01

    CRLF injection vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP request splitting attacks via a crafted web site that leverages improper WebSockets URI handling.

  • CVE-2012-3695Jul 25, 2012
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to inject arbitrary web script or HTML by leveraging improper URL canonicalization during the handling of the location.href property.

  • CVE-2012-3694Jul 25, 2012
    risk 0.00cvss epss 0.01

    WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to obtain sensitive information about full pathnames via a crafted web site.

  • CVE-2012-3693Jul 25, 2012
    risk 0.00cvss epss 0.01

    Incomplete blacklist vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, by leveraging the availability of IDN support and Unicode fonts to construct unspecified homoglyphs.

  • CVE-2012-3691Jul 25, 2012
    risk 0.00cvss epss 0.01

    WebKit in Apple Safari before 6.0 does not properly handle Cascading Style Sheets (CSS) property values, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

  • CVE-2012-3690Jul 25, 2012
    risk 0.00cvss epss 0.01

    WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to read arbitrary files via a crafted web site.

  • CVE-2012-3689Jul 25, 2012
    risk 0.00cvss epss 0.01

    WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site.

  • CVE-2012-3650Jul 25, 2012
    risk 0.00cvss epss 0.01

    WebKit in Apple Safari before 6.0 accesses uninitialized memory locations during the rendering of SVG images, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.

  • CVE-2012-0680Jul 25, 2012
    risk 0.00cvss epss 0.02

    Apple Safari before 6.0 does not properly handle the autocomplete attribute of a password input element, which allows remote attackers to bypass authentication by leveraging an unattended workstation.

  • CVE-2012-0679Jul 25, 2012
    risk 0.00cvss epss 0.01

    Apple Safari before 6.0 allows remote attackers to read arbitrary files via a feed:// URL.

  • CVE-2012-0678Jul 25, 2012
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Apple Safari before 6.0 allows remote attackers to inject arbitrary web script or HTML via a feed:// URL.

  • CVE-2012-1148Jul 3, 2012
    risk 0.00cvss epss 0.04

    Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding…

  • CVE-2012-1147Jul 3, 2012
    risk 0.00cvss epss 0.03

    readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.

  • CVE-2012-2824Jun 27, 2012
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG painting.

  • CVE-2012-2807Jun 27, 2012
    risk 0.00cvss epss 0.02

    Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

  • CVE-2012-0671May 16, 2012
    risk 0.00cvss epss 0.05

    Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .pict file.

  • CVE-2012-0670May 16, 2012
    risk 0.00cvss epss 0.05

    Integer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted sean atom in a movie file.

  • CVE-2012-0669May 16, 2012
    risk 0.00cvss epss 0.05

    Buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.

  • CVE-2012-0668May 16, 2012
    risk 0.00cvss epss 0.05

    Buffer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with RLE encoding.

  • CVE-2012-0667May 16, 2012
    risk 0.00cvss epss 0.03

    Integer signedness error in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTVR movie file.

  • CVE-2012-0666May 16, 2012
    risk 0.00cvss epss 0.04

    Stack-based buffer overflow in the plugin in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTMovie object.

  • CVE-2012-0665May 16, 2012
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.

  • CVE-2012-0664May 16, 2012
    risk 0.00cvss epss 0.06

    Heap-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted text track in a movie file.

  • CVE-2012-0265May 16, 2012
    risk 0.00cvss epss 0.05

    Stack-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pathname for a file.

Page 138 of 169