VYPR

Vendor CVEs

Apple Inc.

All CVEs

8,445 total · sorted by risk
  • CVE-2011-0137Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0136Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0135Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0134Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0133Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly access glyph data during layout actions for floating blocks associated with pseudo-elements, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory…

  • CVE-2011-0132Mar 3, 2011
    risk 0.00cvss epss 0.03

    Use-after-free vulnerability in the Runin box functionality in the Cascading Style Sheets (CSS) 2.1 Visual Formatting Model implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, allows man-in-the-middle attackers to execute arbitrary code or…

  • CVE-2011-0131Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0130Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0129Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0128Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0127Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0126Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0125Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0124Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0123Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0122Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0121Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0120Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0119Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0118Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0117Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0116Mar 3, 2011
    risk 0.00cvss epss 0.03

    Use-after-free vulnerability in the setOuterText method in the htmlelement library in WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via…

  • CVE-2011-0115Mar 3, 2011
    risk 0.00cvss epss 0.03

    The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated with event listeners during processing of range objects, which allows man-in-the-middle attackers to execute arbitrary…

  • CVE-2011-0114Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0113Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0112Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2011-0111Mar 3, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs…

  • CVE-2010-4754Mar 2, 2011
    risk 0.00cvss epss 0.01

    The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any…

  • CVE-2011-1121Mar 1, 2011
    risk 0.00cvss epss 0.02

    Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element.

  • CVE-2011-1117Mar 1, 2011
    risk 0.00cvss epss 0.02

    Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale nodes."

  • CVE-2011-1115Mar 1, 2011
    risk 0.00cvss epss 0.02

    Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

  • CVE-2011-1114Mar 1, 2011
    risk 0.00cvss epss 0.02

    Google Chrome before 9.0.597.107 does not properly handle tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."

  • CVE-2011-1109Mar 1, 2011
    risk 0.00cvss epss 0.02

    Google Chrome before 9.0.597.107 does not properly process nodes in Cascading Style Sheets (CSS) stylesheets, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

  • CVE-2011-1107Mar 1, 2011
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to spoof the URL bar via unknown vectors.

  • CVE-2011-0983Feb 10, 2011
    risk 0.00cvss epss 0.02

    Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

  • CVE-2011-0981Feb 10, 2011
    risk 0.00cvss epss 0.02

    Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

  • CVE-2011-0639Jan 25, 2011
    risk 0.00cvss epss 0.00

    Apple Mac OS X does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a…

  • CVE-2010-4013Jan 10, 2011
    risk 0.00cvss epss 0.02

    Format string vulnerability in PackageKit in Apple Mac OS X 10.6.x before 10.6.6 allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to interaction between Software Update and distribution scripts.

  • CVE-2010-1804Dec 22, 2010
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the network bridge functionality on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 allows remote attackers to cause a denial of service (networking outage) via a crafted DHCP reply.

  • CVE-2010-0039Dec 22, 2010
    risk 0.00cvss epss 0.02

    The Application-Level Gateway (ALG) on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 modifies PORT commands in incoming FTP traffic, which allows remote attackers to use the device's IP address for arbitrary…

  • CVE-2009-2189Dec 22, 2010
    risk 0.00cvss epss 0.01

    The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 does not limit the rate of (1) Router Advertisement and (2) Neighbor Discovery packets, which allows remote attackers to cause a denial…

  • CVE-2010-4009Dec 9, 2010
    risk 0.00cvss epss 0.05

    Integer overflow in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.

  • CVE-2010-3802Dec 9, 2010
    risk 0.00cvss epss 0.05

    Integer signedness error in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted panorama atom in a QuickTime Virtual Reality (QTVR) movie file.

  • CVE-2010-3801Dec 9, 2010
    risk 0.00cvss epss 0.05

    Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted FlashPix file.

  • CVE-2010-3800Dec 9, 2010
    risk 0.00cvss epss 0.05

    Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PICT file.

  • CVE-2010-1508Dec 9, 2010
    risk 0.00cvss epss 0.06

    Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Track Header (aka tkhd) atoms.

  • CVE-2010-0530Dec 9, 2010
    risk 0.00cvss epss 0.00

    Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in the profile of a user account, which allows local users to obtain sensitive information by reading files in this directory.

  • CVE-2010-4012Dec 8, 2010
    risk 0.00cvss epss 0.00

    Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later allows physically proximate attackers to bypass the passcode lock by making a call from the Emergency Call screen, then quickly pressing the Sleep/Wake button.

  • CVE-2010-3832Nov 26, 2010
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband processor via a crafted Temporary Mobile Subscriber Identity (TMSI) field.

  • CVE-2010-3831Nov 26, 2010
    risk 0.00cvss epss 0.01

    Photos in Apple iOS before 4.2 enables support for HTTP Basic Authentication over an unencrypted connection, which allows man-in-the-middle attackers to read MobileMe account passwords by spoofing a MobileMe Gallery server during a "Send to MobileMe" action.

Page 147 of 169