Itunes Security Vulnerabilities and Issues — Page 16 of Itunes CVE List

Lucene search

AppleItunes

922 matches found

CVE•added 2011/10/12 6:55 p.m.•48 views

CVE-2011-3244

WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.

7.6CVSS7.5AI score0.01392EPSS

CVE•added 2012/01/24 4:3 a.m.•48 views

CVE-2011-3924

Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections.

7.5CVSS7AI score0.0234EPSS

CVE•added 2012/03/08 10:55 p.m.•48 views

CVE-2012-0594

WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE...

9.3CVSS7.8AI score0.01997EPSS

CVE•added 2012/03/08 10:55 p.m.•48 views

CVE-2012-0605

9.3CVSS7.8AI score0.01997EPSS

CVE•added 2012/09/13 10:30 a.m.•48 views

CVE-2012-3612

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

6.8CVSS7.8AI score0.01106EPSS

CVE•added 2012/09/13 10:30 a.m.•48 views

CVE-2012-3623

6.8CVSS7.8AI score0.01555EPSS

CVE•added 2012/09/13 10:30 a.m.•48 views

CVE-2012-3705

6.8CVSS7.8AI score0.01555EPSS

CVE•added 2012/09/13 10:30 a.m.•48 views

CVE-2012-3708

6.8CVSS7.8AI score0.01106EPSS

CVE•added 2015/03/18 10:59 p.m.•48 views

CVE-2015-1073

WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03...

6.8CVSS8.8AI score0.00787EPSS

CVE•added 2015/09/18 10:59 a.m.•48 views

CVE-2015-5798

WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-...

6.8CVSS7.5AI score0.00651EPSS

CVE•added 2015/10/23 9:59 p.m.•48 views

CVE-2015-7014

WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S...

6.8CVSS8.9AI score0.0117EPSS

CVE•added 2017/02/20 8:59 a.m.•48 views

CVE-2016-7648

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of ser...

8.8CVSS8AI score0.00728EPSS

CVE•added 2011/03/03 8:0 p.m.•47 views

CVE-2011-0118

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011...

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/03/03 8:0 p.m.•47 views

CVE-2011-0124

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/03/03 8:0 p.m.•47 views

CVE-2011-0138

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/03/03 8:0 p.m.•47 views

CVE-2011-0139

7.6CVSS9.2AI score0.00861EPSS

CVE•added 2011/03/03 8:0 p.m.•47 views

CVE-2011-0155

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/03/03 8:0 p.m.•47 views

CVE-2011-0170

Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes before 10.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted International Color Consortium (ICC) profile in a JPEG image.

9.3CVSS7.4AI score0.08698EPSS

CVE•added 2011/08/03 12:55 a.m.•47 views

CVE-2011-2799

Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling.

6.8CVSS6.9AI score0.02007EPSS

CVE•added 2011/10/12 6:55 p.m.•47 views

CVE-2011-2814

7.6CVSS7.5AI score0.01198EPSS

CVE•added 2011/09/19 12:2 p.m.•47 views

CVE-2011-2847

Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

6.8CVSS7AI score0.02455EPSS

CVE•added 2012/03/05 7:55 p.m.•47 views

CVE-2011-3040

Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.

4.3CVSS6AI score0.02655EPSS

CVE•added 2011/10/12 6:55 p.m.•47 views

CVE-2011-3235

7.6CVSS7.5AI score0.01157EPSS

CVE•added 2012/03/08 10:55 p.m.•47 views

CVE-2012-0593

9.3CVSS7.8AI score0.01997EPSS

CVE•added 2012/03/08 10:55 p.m.•47 views

CVE-2012-0615

9.3CVSS7.8AI score0.01997EPSS

CVE•added 2012/09/13 10:30 a.m.•47 views

CVE-2012-3703

8.3CVSS7.8AI score0.01054EPSS

CVE•added 2013/05/20 2:44 p.m.•47 views

CVE-2013-1010

WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-0...

9.3CVSS7.5AI score0.01302EPSS

CVE•added 2013/09/19 10:27 a.m.•47 views

CVE-2013-1035

The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

9.3CVSS7.7AI score0.03476EPSS

CVE•added 2017/02/20 8:59 a.m.•47 views

CVE-2016-7642

8.8CVSS8AI score0.00728EPSS

CVE•added 2017/02/20 8:59 a.m.•47 views

CVE-2016-7649

8.8CVSS8AI score0.00728EPSS

CVE•added 2012/03/08 10:55 p.m.•46 views

CVE-2012-0623

9.3CVSS7.8AI score0.01837EPSS

CVE•added 2012/03/08 10:55 p.m.•46 views

CVE-2012-0633

9.3CVSS7.8AI score0.01837EPSS

CVE•added 2012/09/13 10:30 a.m.•46 views

CVE-2012-3614

6.8CVSS7.8AI score0.01106EPSS

CVE•added 2012/09/13 10:30 a.m.•46 views

CVE-2012-3621

9.3CVSS7.8AI score0.01247EPSS

CVE•added 2012/09/13 10:30 a.m.•46 views

CVE-2012-3658

6.8CVSS7.8AI score0.01106EPSS

CVE•added 2012/09/13 10:30 a.m.•46 views

CVE-2012-3673

6.8CVSS7.8AI score0.01106EPSS

CVE•added 2013/05/20 2:44 p.m.•46 views

CVE-2013-0991

6.8CVSS7.5AI score0.00819EPSS

CVE•added 2013/05/20 2:44 p.m.•46 views

CVE-2013-0996

6.8CVSS7.5AI score0.00819EPSS

CVE•added 2013/05/20 2:44 p.m.•46 views

CVE-2013-0998

6.8CVSS7.5AI score0.00819EPSS

CVE•added 2013/05/20 2:44 p.m.•46 views

CVE-2013-1000

9.3CVSS7.5AI score0.01302EPSS

CVE•added 2013/05/20 2:44 p.m.•46 views

CVE-2013-1007

9.3CVSS7.5AI score0.01302EPSS

CVE•added 2013/12/18 4:4 p.m.•46 views

CVE-2013-5225

WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.

6.8CVSS7.8AI score0.02121EPSS

CVE•added 2016/05/20 10:59 a.m.•46 views

CVE-2016-1742

Untrusted search path vulnerability in the installer in Apple iTunes before 12.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory.

7.8CVSS6.9AI score0.0004EPSS

CVE•added 2007/09/06 9:17 p.m.•45 views

CVE-2007-3752

Heap-based buffer overflow in Apple iTunes before 7.4 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted album cover art in the covr atom of an MP4/AAC file.

9.3CVSS7.7AI score0.16027EPSS

CVE•added 2011/03/03 8:0 p.m.•45 views

CVE-2011-0114

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/03/03 8:0 p.m.•45 views

CVE-2011-0115

The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated with event listeners during processing of range objects, which allows man-in-the-middle attackers to execute arbitrary code or cause a den...

7.6CVSS9.2AI score0.01538EPSS

CVE•added 2011/03/03 8:0 p.m.•45 views

CVE-2011-0128

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/03/03 8:0 p.m.•45 views

CVE-2011-0135

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/03/03 8:0 p.m.•45 views

CVE-2011-0148

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/10/12 6:55 p.m.•45 views

CVE-2011-2817