Filtered by vendor Apple
Subscribe
Total
12581 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4665 | 1 Apple | 3 Iphone Os, Tvos, Watchos | 2019-03-08 | 4.3 MEDIUM | 3.3 LOW |
| An issue was discovered in certain Apple products. iOS before 10.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Sandbox Profiles" component, which allows attackers to read audio-recording metadata via a crafted app. | |||||
| CVE-2017-7095 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-03-08 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
| CVE-2017-13799 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-03-08 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2017-13862 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-03-08 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2015-1104 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 5.0 MEDIUM | N/A |
| The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly determine whether an IPv6 packet had a local origin, which allows remote attackers to bypass an intended network-filtering protection mechanism via a crafted packet. | |||||
| CVE-2014-4486 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2019-03-08 | 10.0 HIGH | N/A |
| IOAcceleratorFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly handle resource lists and IOService userclient types, which allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via a crafted app. | |||||
| CVE-2017-2445 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2019-03-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted frame objects. | |||||
| CVE-2017-7130 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-03-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | |||||
| CVE-2018-4142 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-03-08 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (application crash) via a crafted string. | |||||
| CVE-2014-1294 | 1 Apple | 2 Iphone Os, Tvos | 2019-03-08 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, and CVE-2014-1293. | |||||
| CVE-2015-7039 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-03-08 | 6.8 MEDIUM | N/A |
| Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7038. | |||||
| CVE-2017-7107 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-03-08 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
| CVE-2015-8035 | 4 Apple, Canonical, Debian and 1 more | 7 Iphone Os, Mac Os X, Tvos and 4 more | 2019-03-08 | 2.6 LOW | N/A |
| The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data. | |||||
| CVE-2017-7092 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-03-08 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
| CVE-2018-4143 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-03-08 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2017-13854 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-03-08 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2015-7038 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-03-08 | 6.8 MEDIUM | N/A |
| Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7039. | |||||
| CVE-2017-7098 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-03-08 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
| CVE-2014-4369 | 1 Apple | 2 Iphone Os, Tvos | 2019-03-08 | 7.8 HIGH | N/A |
| The IOAcceleratorFamily API implementation in Apple iOS before 8 and Apple TV before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via an application that uses crafted arguments. | |||||
| CVE-2018-4130 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-03-08 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||