Itunes Security Vulnerabilities and Issues — Page 13 of Itunes CVE List

Lucene search

AppleItunes

922 matches found

CVE•added 2011/12/13 9:55 p.m.•57 views

CVE-2011-3913

Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling.

7.5CVSS7AI score0.0229EPSS

CVE•added 2013/09/19 10:27 a.m.•57 views

CVE-2013-1039

WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.

6.8CVSS7.8AI score0.02313EPSS

CVE•added 2013/09/19 10:27 a.m.•57 views

CVE-2013-1040

6.8CVSS7.8AI score0.02313EPSS

CVE•added 2015/09/18 10:59 a.m.•57 views

CVE-2015-5809

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-S...

6.8CVSS8.8AI score0.01009EPSS

CVE•added 2010/08/20 8:0 p.m.•56 views

CVE-2010-1768

Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges via vectors related to log files, "insecure file operation," and syncing an iPhone, iPad, or iPod touch.

6.9CVSS6.2AI score0.00045EPSS

CVE•added 2011/03/11 2:1 a.m.•56 views

CVE-2011-1204

Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document.

6.8CVSS8.7AI score0.02435EPSS

CVE•added 2011/06/29 5:55 p.m.•56 views

CVE-2011-2351

Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.

6.8CVSS7AI score0.02007EPSS

CVE•added 2011/09/19 12:2 p.m.•56 views

CVE-2011-2846

Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling.

6.8CVSS7AI score0.02104EPSS

CVE•added 2011/09/19 12:2 p.m.•56 views

CVE-2011-2854

6.8CVSS7AI score0.0184EPSS

CVE•added 2011/10/12 6:55 p.m.•56 views

CVE-2011-3237

WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.

7.6CVSS7.5AI score0.01157EPSS

CVE•added 2015/03/18 10:59 p.m.•56 views

CVE-2015-1079

WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03...

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/04/10 2:59 p.m.•56 views

CVE-2015-1121

WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerabi...

6.8CVSS8.9AI score0.00843EPSS

CVE•added 2015/09/18 10:59 a.m.•56 views

CVE-2015-5817

6.8CVSS8.8AI score0.01093EPSS

CVE•added 2015/10/23 9:59 p.m.•56 views

CVE-2015-7011

WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 an...

6.8CVSS7.9AI score0.01655EPSS

CVE•added 2016/07/22 2:59 a.m.•56 views

CVE-2016-4616

libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors...

9.8CVSS9.1AI score

CVE•added 2009/06/02 6:30 p.m.•55 views

CVE-2009-0950

Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon.

9.3CVSS7.9AI score0.82109EPSS

Web

CVE•added 2011/08/03 12:55 a.m.•55 views

CVE-2011-2797

Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching.

6.8CVSS7AI score0.02007EPSS

CVE•added 2012/02/16 8:55 p.m.•55 views

CVE-2011-3021

Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading.

7.5CVSS7AI score0.02774EPSS

CVE•added 2012/01/24 4:3 a.m.•55 views

CVE-2011-3926

Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

7.5CVSS7.5AI score0.02946EPSS

CVE•added 2012/02/09 4:10 a.m.•55 views

CVE-2011-3971

Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events.

6.8CVSS7AI score0.01964EPSS

CVE•added 2013/05/20 2:44 p.m.•55 views

CVE-2013-0999

WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-0...

9.3CVSS7.5AI score0.01302EPSS

CVE•added 2014/12/10 9:59 p.m.•55 views

CVE-2014-4470

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-...

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2014/12/10 9:59 p.m.•55 views

CVE-2014-4474

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2014/12/10 9:59 p.m.•55 views

CVE-2014-4475

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/03/18 10:59 p.m.•55 views

CVE-2015-1082

6.8CVSS8.8AI score0.00913EPSS

CVE•added 2015/08/16 11:59 p.m.•55 views

CVE-2015-3734

WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVE...

6.8CVSS8.4AI score0.01643EPSS

CVE•added 2015/08/16 11:59 p.m.•55 views

CVE-2015-3737

6.8CVSS8.4AI score0.01643EPSS

CVE•added 2015/08/16 11:59 p.m.•55 views

CVE-2015-3739

6.8CVSS8.4AI score0.01643EPSS

CVE•added 2015/09/18 10:59 a.m.•55 views

CVE-2015-5811

6.8CVSS8.8AI score0.01538EPSS

CVE•added 2015/10/23 9:59 p.m.•55 views

CVE-2015-5930

WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S...

6.8CVSS8.9AI score0.0108EPSS

CVE•added 2020/02/27 9:15 p.m.•55 views

CVE-2020-3861

The issue was addressed with improved permissions logic. This issue is fixed in iTunes for Windows 12.10.4. A user may gain access to protected parts of the file system.

7.1CVSS6.9AI score0.00129EPSS

CVE•added 2007/02/20 1:28 a.m.•54 views

CVE-2007-1008

Apple iTunes 7.0.2 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted XML list of radio stations, which results in memory corruption. NOTE: iTunes retrieves the XML document from a static URL, which requires an attacker to perform DNS spoofing or ma...

2.6CVSS6.2AI score0.07553EPSS

CVE•added 2011/03/01 11:0 p.m.•54 views

CVE-2011-1117

Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale nodes."

7.5CVSS8.7AI score0.02823EPSS

CVE•added 2011/08/03 12:55 a.m.•54 views

CVE-2011-2790

Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving floating styles.

6.8CVSS7AI score0.02007EPSS

CVE•added 2011/10/12 6:55 p.m.•54 views

CVE-2011-2809

7.6CVSS7.5AI score0.01016EPSS

CVE•added 2011/09/19 12:2 p.m.•54 views

CVE-2011-2855

Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."

6.8CVSS7.1AI score0.01647EPSS

CVE•added 2011/09/19 12:2 p.m.•54 views

CVE-2011-2860

Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles.

7.5CVSS7AI score0.02121EPSS

CVE•added 2012/02/16 8:55 p.m.•54 views

CVE-2011-3027

Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable during handling of columns, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

4.3CVSS6.8AI score0.01656EPSS

CVE•added 2012/04/05 10:2 p.m.•54 views

CVE-2011-3071

Use-after-free vulnerability in the HTMLMediaElement implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

6.8CVSS7AI score0.02863EPSS

CVE•added 2012/04/05 10:2 p.m.•54 views

CVE-2011-3074

Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media.

6.8CVSS6.9AI score0.02128EPSS

CVE•added 2011/11/11 11:55 a.m.•54 views

CVE-2011-3897

Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing.

6.8CVSS6.9AI score0.02104EPSS

CVE•added 2012/02/09 4:10 a.m.•54 views

CVE-2011-3968

Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences.

4.3CVSS7AI score0.01891EPSS

CVE•added 2013/12/18 4:4 p.m.•54 views

CVE-2013-5199

WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.

6.8CVSS7.8AI score0.02764EPSS

CVE•added 2015/03/18 10:59 p.m.•54 views

CVE-2015-1070

6.8CVSS8.8AI score0.00787EPSS

CVE•added 2015/03/18 10:59 p.m.•54 views

CVE-2015-1081

6.8CVSS8.8AI score0.00861EPSS

CVE•added 2015/04/10 2:59 p.m.•54 views

CVE-2015-1119

6.8CVSS8.9AI score0.00913EPSS

CVE•added 2015/04/10 2:59 p.m.•54 views

CVE-2015-1122