VYPR

Vendor CVEs

Apple Inc.

All CVEs

8,445 total · sorted by risk
  • CVE-2011-2857Sep 19, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller.

  • CVE-2011-2855Sep 19, 2011
    risk 0.00cvss epss 0.02

    Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."

  • CVE-2011-2854Sep 19, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing."

  • CVE-2011-2847Sep 19, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

  • CVE-2011-2846Sep 19, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling.

  • CVE-2011-2834Sep 19, 2011
    risk 0.00cvss epss 0.02

    Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

  • CVE-2011-3422Sep 12, 2011
    risk 0.00cvss epss 0.01

    The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does not properly handle an untrusted attribute of a Certification Authority certificate, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via an Extended Validation certificate,…

  • CVE-2011-0258Sep 6, 2011
    risk 0.00cvss epss 0.05

    Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted image description associated with an mp4v tag in a movie file.

  • CVE-2011-2827Aug 29, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text searching.

  • CVE-2011-2825Aug 29, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts.

  • CVE-2011-2823Aug 29, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a line box.

  • CVE-2011-2821Aug 29, 2011
    risk 0.00cvss epss 0.02

    Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.

  • CVE-2011-3170Aug 19, 2011
    risk 0.00cvss epss 0.04

    The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different…

  • CVE-2011-2896Aug 19, 2011
    risk 0.00cvss epss 0.13

    The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the…

  • CVE-2011-0256Aug 15, 2011
    risk 0.00cvss epss 0.04

    Integer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted track run atoms in a QuickTime movie file.

  • CVE-2008-7296Aug 9, 2011
    risk 0.00cvss epss 0.01

    Apple Safari cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security…

  • CVE-2011-0252Aug 4, 2011
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STTS atoms in a QuickTime movie file.

  • CVE-2011-0251Aug 4, 2011
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSZ atoms in a QuickTime movie file.

  • CVE-2011-0250Aug 4, 2011
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSS atoms in a QuickTime movie file.

  • CVE-2011-0249Aug 4, 2011
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSC atoms in a QuickTime movie file.

  • CVE-2011-0248Aug 4, 2011
    risk 0.00cvss epss 0.03

    Stack-based buffer overflow in the QuickTime ActiveX control in Apple QuickTime before 7.7 on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTL file.

  • CVE-2011-0247Aug 4, 2011
    risk 0.00cvss epss 0.05

    Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie.

  • CVE-2011-0246Aug 4, 2011
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.

  • CVE-2011-0245Aug 4, 2011
    risk 0.00cvss epss 0.04

    Buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pict file.

  • CVE-2011-2819Aug 3, 2011
    risk 0.00cvss epss 0.01

    Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI.

  • CVE-2011-2818Aug 3, 2011
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering.

  • CVE-2011-2805Aug 3, 2011
    risk 0.00cvss epss 0.01

    Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors.

  • CVE-2011-2800Aug 3, 2011
    risk 0.00cvss epss 0.01

    Google Chrome before 13.0.782.107 allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site.

  • CVE-2011-2799Aug 3, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling.

  • CVE-2011-2797Aug 3, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching.

  • CVE-2011-2792Aug 3, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float removal.

  • CVE-2011-2790Aug 3, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving floating styles.

  • CVE-2011-2788Aug 3, 2011
    risk 0.00cvss epss 0.01

    Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors.

  • CVE-2011-2359Aug 3, 2011
    risk 0.00cvss epss 0.02

    Google Chrome before 13.0.782.107 does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

  • CVE-2011-1797Jul 21, 2011
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

  • CVE-2011-1462Jul 21, 2011
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

  • CVE-2011-1457Jul 21, 2011
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

  • CVE-2011-1453Jul 21, 2011
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

  • CVE-2011-1288Jul 21, 2011
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

  • CVE-2011-0255Jul 21, 2011
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

  • CVE-2011-0254Jul 21, 2011
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

  • CVE-2011-0253Jul 21, 2011
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

  • CVE-2011-0244Jul 21, 2011
    risk 0.00cvss epss 0.01

    WebKit in Apple Safari before 5.0.6 allows user-assisted remote attackers to read arbitrary files via vectors related to improper canonicalization of URLs within RSS feeds.

  • CVE-2011-0242Jul 21, 2011
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors involving a URL that contains a username.

  • CVE-2011-0240Jul 21, 2011
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

  • CVE-2011-0238Jul 21, 2011
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

  • CVE-2011-0237Jul 21, 2011
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

  • CVE-2011-0235Jul 21, 2011
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

  • CVE-2011-0234Jul 21, 2011
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

  • CVE-2011-0233Jul 21, 2011
    risk 0.00cvss epss 0.04

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Page 144 of 169