CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Apple has patched a vulnerability in iPhone and iPad that was under active exploitation by cybercriminals. The update is available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later,...

8.8CVSS6.8AI score0.0021EPSS

Exploits4

The Hacker News•added 2024/06/26 9:36 a.m.•44 views

Apple Patches AirPods Bluetooth Vulnerability That Could Allow Eavesdropping

Apple has released a firmware update for AirPods that could allow a malicious actor to gain access to the headphones in an unauthorized manner. Tracked as CVE-2024-27867, the authentication issue affects AirPods 2nd generation and later, AirPods Pro all models, AirPods Max, Powerbeats Pro, and...

6.7AI score0.00259EPSS

Exploits0

SUSE CVE•added 2023/02/15 6:3 a.m.•1 views

SUSE CVE-2009-1696

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 uses predictable random numbers in JavaScript applications, which makes it easier for remote web servers to track the behavior of a Safari user during a session...

5CVSS6.5AI score0.00889EPSS

Exploits3References4

Hacker One•added 2021/04/29 8:31 p.m.•55 views

curl: CVE-2021-22901: TLS session caching disaster

Summary: lib/vtls/openssl.c osslconnectstep1 sets up the osslnewsessioncb sessionid callback with SSLCTXsesssetnewcb, and adds association from dataidx and connectdataidx to current conn and data respectively: SSLCTXsetsessioncachemodebackend-ctx, SSLSESSCACHECLIENT | SSLSESSCACHENOINTERNAL;...

6.8CVSS8AI score0.00212EPSS

Exploits1

ATTACKERKB•added 2021/04/02 12:0 a.m.•70 views

CVE-2021-1879

This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been...

6.1CVSS6.2AI score0.00809EPSS

In wildExploits0References4

NVD•added 2013/03/13 12:55 a.m.•17 views

CVE-2013-0095

Outlook in Microsoft Office for Mac 2008 before 12.3.6 and Office for Mac 2011 before 14.3.2 allows remote attackers to trigger access to a remote URL and consequently confirm the rendering of an HTML e-mail message by including unspecified HTML5 elements and leveraging the installation of a WebK...

5CVSS6.4AI score0.29252EPSS

Exploits1References3

ATTACKERKB•added 2013/03/13 12:55 a.m.•1 views

CVE-2013-0095

5CVSS5.6AI score0.29252EPSS

Exploits1References4

Prion•added 2013/03/13 12:55 a.m.•16 views

Design/Logic Flaw

5CVSS6.9AI score0.29252EPSS

Exploits1References3Affected Software1

Cvelist•added 2013/03/13 12:0 a.m.•12 views

CVE-2013-0095

6.3AI score0.29252EPSS

Exploits1References3

The Hacker News•added 2011/09/20 9:14 p.m.•3 views

iPhone Skype XSS Vulnerability Lets Hackers Steal Phonebook [Video]

iPhone Skype XSS Vulnerability Lets Hackers Steal Phonebook Video A bug in the latest version of Skype for iPhone and iPod touch makes its users vulnerable to having their address book stolen just by viewing a specially crafted message, says AppSec Consulting security researcher Phil Purviance. T...

6AI score

Exploits0

The Hacker News•added 2011/09/20 9:14 p.m.•5 views

iPhone Skype XSS Vulnerability Lets Hackers Steal Phonebook [Video]

6AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by