Itunes@* Security Vulnerabilities and Issues — Page 7 of Itunes@* CVE List

Lucene search

AppleItunes*

542 matches found

CVE•added 2019/12/18 6:15 p.m.•87 views

CVE-2019-8577

An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. An application may be able to gain elevated privileges.

7.8CVSS7.5AI score0.00244EPSS

CVE•added 2020/10/27 8:15 p.m.•87 views

CVE-2019-8773

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to ar...

8.8CVSS8.8AI score0.00588EPSS

CVE•added 2020/12/08 8:15 p.m.•87 views

CVE-2020-9981

A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processi...

9.3CVSS7.5AI score0.00395EPSS

CVE•added 2018/06/08 6:29 p.m.•86 views

CVE-2018-4225

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local use...

5.5CVSS5.3AI score0.00046EPSS

CVE•added 2018/06/08 6:29 p.m.•86 views

CVE-2018-4226

5.5CVSS5.3AI score0.00047EPSS

CVE•added 2017/07/20 4:29 p.m.•85 views

CVE-2017-7048

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote at...

8.8CVSS8.1AI score0.0481EPSS

CVE•added 2019/04/03 6:29 p.m.•85 views

CVE-2018-4374

A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

6.1CVSS6.4AI score0.0054EPSS

CVE•added 2019/04/03 6:29 p.m.•85 views

CVE-2018-4398

An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCloud for Windows 7.8.

7.5CVSS6.9AI score0.00526EPSS

CVE•added 2020/10/27 8:15 p.m.•85 views

CVE-2019-8827

The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin. This issue is fixed in Safari 13.0.3, iTunes 12.10.2 for Windows, iCloud for Windows 10.9.2, tvOS 13.2, iOS 13.2 and iPadOS 13.2, iCloud for Windows 7.15. ...

4.3CVSS5.2AI score0.00609EPSS

CVE•added 2020/10/22 6:15 p.m.•85 views

CVE-2020-9883

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to ...

7.8CVSS8.3AI score0.01107EPSS

CVE•added 2017/07/20 4:29 p.m.•84 views

CVE-2017-7041

9.3CVSS8.1AI score0.1308EPSS

CVE•added 2017/07/20 4:29 p.m.•84 views

CVE-2017-7046

8.8CVSS8.1AI score0.0481EPSS

CVE•added 2019/03/05 4:29 p.m.•84 views

CVE-2019-6221

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, iTunes 12.9.3 for Windows. A malicious application may be able to elevate privileges.

7.8CVSS7.1AI score0.00259EPSS

CVE•added 2020/10/27 8:15 p.m.•84 views

CVE-2019-8756

Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 ...

9.8CVSS7.9AI score0.01253EPSS

CVE•added 2020/04/01 6:15 p.m.•84 views

CVE-2020-3910

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.

9.8CVSS7.7AI score0.01174EPSS

CVE•added 2020/04/01 6:15 p.m.•84 views

CVE-2020-3911

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.

9.8CVSS7.7AI score0.01563EPSS

CVE•added 2020/10/22 6:15 p.m.•84 views

CVE-2020-9873

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to a...

7.8CVSS8.1AI score0.00424EPSS

CVE•added 2022/05/26 8:15 p.m.•84 views

CVE-2022-26774

A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. A local attacker may be able to elevate their privileges.

7.8CVSS7.4AI score0.00137EPSS

CVE•added 2016/09/25 10:59 a.m.•83 views

CVE-2016-4766

WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4767,...

8.8CVSS8.7AI score0.00976EPSS

CVE•added 2017/04/02 1:59 a.m.•83 views

CVE-2017-2479

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to...

6.5CVSS6.2AI score0.15758EPSS

CVE•added 2018/04/03 6:29 a.m.•83 views

CVE-2018-4128

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers ...

8.8CVSS8.7AI score0.00579EPSS

CVE•added 2019/04/03 6:29 p.m.•83 views

CVE-2018-4394

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1.

7.8CVSS7.1AI score0.00335EPSS

CVE•added 2020/10/22 6:15 p.m.•83 views

CVE-2020-9879

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lea...

7.8CVSS8.2AI score0.00424EPSS

CVE•added 2017/07/20 4:29 p.m.•82 views

CVE-2017-7019

8.8CVSS8.1AI score0.00513EPSS

CVE•added 2017/07/20 4:29 p.m.•82 views

CVE-2017-7055

8.8CVSS8.1AI score0.00927EPSS

CVE•added 2018/04/03 6:29 a.m.•82 views

CVE-2017-7153

An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" comp...

6.1CVSS5.5AI score0.00779EPSS

CVE•added 2020/04/01 6:15 p.m.•82 views

CVE-2020-3887

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A download's origin may be incorrectly associated.

4.3CVSS5.3AI score0.00492EPSS

CVE•added 2020/10/22 6:15 p.m.•82 views

CVE-2020-9874

7.8CVSS8.2AI score0.00424EPSS

CVE•added 2020/10/16 5:15 p.m.•82 views

CVE-2020-9936

7.8CVSS8.2AI score0.00318EPSS

CVE•added 2017/11/13 3:29 a.m.•81 views

CVE-2017-13792

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attacker...

8.8CVSS7.7AI score0.21364EPSS

CVE•added 2018/04/03 6:29 a.m.•81 views

CVE-2017-7172

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "CFNetwork Se...

9.3CVSS7.4AI score0.00546EPSS

CVE•added 2018/04/03 6:29 a.m.•81 views

CVE-2018-4088

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affect...

8.8CVSS7.6AI score0.00673EPSS

CVE•added 2022/09/23 7:15 p.m.•81 views

CVE-2020-36521

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or po...

7.1CVSS6.3AI score0.00055EPSS

CVE•added 2020/10/22 6:15 p.m.•81 views

CVE-2020-9872

7.8CVSS8.2AI score0.00424EPSS

CVE•added 2020/10/22 7:15 p.m.•81 views

CVE-2020-9938

7.8CVSS8.1AI score0.00424EPSS

CVE•added 2017/07/20 4:29 p.m.•80 views

CVE-2017-7043

8.8CVSS8.1AI score0.03473EPSS

CVE•added 2020/10/27 8:15 p.m.•80 views

CVE-2019-8728

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS8.8AI score0.00588EPSS

CVE•added 2020/10/22 7:15 p.m.•80 views

CVE-2020-9937

7.8CVSS8.2AI score0.00424EPSS

CVE•added 2020/10/27 8:15 p.m.•79 views

CVE-2019-8734

8.8CVSS8.8AI score0.00588EPSS

CVE•added 2020/10/22 7:15 p.m.•79 views

CVE-2020-9919

7.8CVSS8.3AI score0.00794EPSS

CVE•added 2010/09/24 7:0 p.m.•78 views

CVE-2010-1824

Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages.

9.3CVSS8.9AI score0.15871EPSS

CVE•added 2016/09/25 10:59 a.m.•78 views

CVE-2016-4765

8.8CVSS8.8AI score0.00976EPSS

CVE•added 2017/11/13 3:29 a.m.•78 views

CVE-2017-13794

8.8CVSS7.7AI score0.21364EPSS

Web

CVE•added 2017/07/20 4:29 p.m.•78 views

CVE-2017-7018

8.8CVSS8.1AI score0.03472EPSS

CVE•added 2017/07/20 4:29 p.m.•78 views

CVE-2017-7030

8.8CVSS8.1AI score0.00513EPSS

CVE•added 2017/07/20 4:29 p.m.•78 views

CVE-2017-7052

8.8CVSS8.1AI score0.00927EPSS

CVE•added 2019/04/03 6:29 p.m.•78 views

CVE-2017-7151

A race condition was addressed with additional validation. This issue affected versions prior to iOS 11.2, macOS High Sierra 10.13.2, tvOS 11.2, watchOS 4.2, iTunes 12.7.2 for Windows, macOS High Sierra 10.13.4.

7CVSS6.6AI score0.00254EPSS

CVE•added 2018/04/03 6:29 a.m.•78 views

CVE-2018-4130

8.8CVSS8.6AI score0.00831EPSS

CVE•added 2019/04/03 6:29 p.m.•78 views

CVE-2018-4414

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.

7.8CVSS8AI score0.00402EPSS

CVE•added 2020/12/08 8:15 p.m.•78 views

CVE-2020-10002

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. A local user may be able to read arbitrary files.

5.5CVSS5.2AI score0.00116EPSS

Total number of security vulnerabilities542