Itunes Security Vulnerabilities and Issues — Page 15 of Itunes CVE List

Lucene search

AppleItunes

922 matches found

CVE•added 2015/10/23 9:59 p.m.•52 views

CVE-2015-7013

WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 an...

6.8CVSS8.8AI score0.01529EPSS

CVE•added 2017/02/20 8:59 a.m.•52 views

CVE-2016-7646

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of ser...

8.8CVSS8AI score0.00728EPSS

CVE•added 2020/10/27 8:15 p.m.•52 views

CVE-2018-4474

A memory consumption issue was addressed with improved memory handling. This issue is fixed in iCloud for Windows 7.7, watchOS 5, Safari 12, iOS 12, iTunes 12.9 for Windows, tvOS 12. Unexpected interaction causes an ASSERT failure.

7.5CVSS7.1AI score0.00862EPSS

CVE•added 2005/05/02 4:0 a.m.•51 views

CVE-2005-0043

Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute arbitrary code via a long URL in (1) .m3u or (2) .pls playlist files.

7.5CVSS7.5AI score0.7991EPSS

CVE•added 2011/03/03 8:0 p.m.•51 views

CVE-2011-0145

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011...

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/10/04 8:55 p.m.•51 views

CVE-2011-2877

Google Chrome before 14.0.835.202 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale font."

6.8CVSS7.1AI score0.01611EPSS

CVE•added 2012/03/08 10:55 p.m.•51 views

CVE-2012-0601

WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE...

9.3CVSS7.8AI score0.01997EPSS

CVE•added 2012/03/08 10:55 p.m.•51 views

CVE-2012-0622

9.3CVSS7.8AI score0.01837EPSS

CVE•added 2013/05/20 2:44 p.m.•51 views

CVE-2013-1004

WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-0...

9.3CVSS7.5AI score0.01302EPSS

CVE•added 2013/05/20 2:44 p.m.•51 views

CVE-2013-1005

9.3CVSS7.5AI score0.01302EPSS

CVE•added 2013/12/18 4:4 p.m.•51 views

CVE-2013-5228

WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.

6.8CVSS7.8AI score0.02121EPSS

CVE•added 2014/12/10 9:59 p.m.•51 views

CVE-2014-4472

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-...

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/03/18 10:59 p.m.•51 views

CVE-2015-1080

WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03...

6.8CVSS7.8AI score0.00913EPSS

CVE•added 2011/03/03 8:0 p.m.•50 views

CVE-2011-0130

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2012/03/08 10:55 p.m.•50 views

CVE-2011-2866

WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.

7.6CVSS7.5AI score0.01224EPSS

CVE•added 2011/10/12 6:55 p.m.•50 views

CVE-2011-3239

WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.

7.6CVSS7.5AI score0.01363EPSS

CVE•added 2012/03/08 10:55 p.m.•50 views

CVE-2012-0602

9.3CVSS7.8AI score0.01997EPSS

CVE•added 2012/09/13 10:30 a.m.•50 views

CVE-2012-3598

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

6.8CVSS7.8AI score0.01106EPSS

CVE•added 2012/09/13 10:30 a.m.•50 views

CVE-2012-3652

6.8CVSS7.8AI score0.01106EPSS

CVE•added 2012/09/13 10:30 a.m.•50 views

CVE-2012-3704

6.8CVSS7.8AI score0.00952EPSS

CVE•added 2012/09/13 10:30 a.m.•50 views

CVE-2012-3711

6.8CVSS7.8AI score0.01555EPSS

CVE•added 2013/05/20 2:44 p.m.•50 views

CVE-2013-1002

9.3CVSS7.5AI score0.01302EPSS

CVE•added 2013/05/20 2:44 p.m.•50 views

CVE-2013-1008

9.3CVSS7.5AI score0.01302EPSS

CVE•added 2015/08/16 11:59 p.m.•50 views

CVE-2015-3730

WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVE...

6.8CVSS8.4AI score0.01081EPSS

CVE•added 2015/08/16 11:59 p.m.•50 views

CVE-2015-3733

6.8CVSS8.4AI score0.01643EPSS

CVE•added 2015/09/18 10:59 a.m.•50 views

CVE-2015-5791

WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-0...

6.8CVSS7.8AI score0.01538EPSS

CVE•added 2015/09/18 10:59 a.m.•50 views

CVE-2015-5803

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-S...

6.8CVSS8.8AI score0.01538EPSS

CVE•added 2016/07/22 2:59 a.m.•50 views

CVE-2016-4614

libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors...

9.8CVSS9.1AI score

CVE•added 2017/02/20 8:59 a.m.•50 views

CVE-2016-7611

8.8CVSS8AI score0.00745EPSS

CVE•added 2010/06/18 4:30 p.m.•49 views

CVE-2010-1763

Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and attack vectors, a different vulnerability than CVE-2010-1387 and CVE-2010-1769.

10CVSS8AI score0.08537EPSS

CVE•added 2011/03/03 8:0 p.m.•49 views

CVE-2011-0117

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/03/03 8:0 p.m.•49 views

CVE-2011-0120

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/03/03 8:0 p.m.•49 views

CVE-2011-0121

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/03/03 8:0 p.m.•49 views

CVE-2011-0125

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/03/03 8:0 p.m.•49 views

CVE-2011-0132

Use-after-free vulnerability in the Runin box functionality in the Cascading Style Sheets (CSS) 2.1 Visual Formatting Model implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of se...

7.6CVSS9.2AI score0.01045EPSS

CVE•added 2011/03/03 8:0 p.m.•49 views

CVE-2011-0146

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/10/12 6:55 p.m.•49 views

CVE-2011-2820

7.6CVSS7.5AI score0.01198EPSS

CVE•added 2012/03/08 10:55 p.m.•49 views

CVE-2011-2867

9.3CVSS7.8AI score0.01849EPSS

CVE•added 2011/12/13 9:55 p.m.•49 views

CVE-2011-3909

The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors.

5CVSS6AI score0.0234EPSS

CVE•added 2012/03/08 10:55 p.m.•49 views

CVE-2012-0604

9.3CVSS7.8AI score0.01997EPSS

CVE•added 2012/03/08 10:55 p.m.•49 views

CVE-2012-0613

9.3CVSS7.8AI score0.01997EPSS

CVE•added 2012/03/08 10:55 p.m.•49 views

CVE-2012-0628

9.3CVSS7.8AI score0.01837EPSS

CVE•added 2012/03/08 10:55 p.m.•49 views

CVE-2012-0637