Lucene search

K

542 matches found

CVE
CVE
added 2017/11/13 3:29 a.m.67 views

CVE-2017-13796

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attacker...

8.8CVSS7.7AI score0.21364EPSS
CVE
CVE
added 2017/11/13 3:29 a.m.67 views

CVE-2017-13802

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attacker...

8.8CVSS7.7AI score0.21364EPSS
CVE
CVE
added 2017/04/02 1:59 a.m.67 views

CVE-2017-2463

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to...

8.8CVSS8.6AI score0.00723EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.67 views

CVE-2019-8556

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.7AI score0.00758EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.67 views

CVE-2019-8582

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iCloud for Windows 7.12, tvOS 12.3, iTunes 12.9.5 for Windows, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. Processing a maliciously crafted font may r...

5.5CVSS5.8AI score0.00296EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.67 views

CVE-2019-8801

A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching. This issue is fixed in macOS Catalina 10.15.1, iTunes for Windows 12.10.2. Running the iTunes installer in an untrusted directory may result in arbitrary code execution.

7.8CVSS7.8AI score0.00161EPSS
CVE
CVE
added 2012/02/16 8:55 p.m.66 views

CVE-2011-3016

Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, related to a "read-after-free" issue.

6.8CVSS7AI score0.01955EPSS
CVE
CVE
added 2012/03/05 7:55 p.m.66 views

CVE-2011-3036

Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable during handling of line boxes, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

6.8CVSS6.7AI score0.02756EPSS
CVE
CVE
added 2012/03/05 7:55 p.m.66 views

CVE-2011-3042

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections.

6.8CVSS6.9AI score0.02363EPSS
CVE
CVE
added 2012/03/22 4:55 p.m.66 views

CVE-2011-3053

Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting.

6.8CVSS6.9AI score0.04448EPSS
CVE
CVE
added 2017/11/13 3:29 a.m.66 views

CVE-2017-13797

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attacker...

8.8CVSS8.7AI score0.1598EPSS
CVE
CVE
added 2011/03/01 11:0 p.m.65 views

CVE-2011-1115

Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

7.5CVSS8.7AI score0.02823EPSS
CVE
CVE
added 2011/05/03 10:55 p.m.65 views

CVE-2011-1449

Use-after-free vulnerability in the WebSockets implementation in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

6.8CVSS8.6AI score0.0234EPSS
CVE
CVE
added 2011/08/29 3:55 p.m.65 views

CVE-2011-2827

Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text searching.

7.5CVSS7AI score0.0229EPSS
CVE
CVE
added 2012/03/05 7:55 p.m.65 views

CVE-2011-3032

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values.

6.8CVSS6.9AI score0.01573EPSS
CVE
CVE
added 2014/11/18 11:59 a.m.65 views

CVE-2014-4459

Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.

6.8CVSS7.1AI score0.02966EPSS
CVE
CVE
added 2016/07/22 2:59 a.m.65 views

CVE-2016-4608

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors...

9.8CVSS9.2AI score
CVE
CVE
added 2017/11/13 3:29 a.m.65 views

CVE-2017-13785

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attacker...

8.8CVSS7.7AI score0.21364EPSS
CVE
CVE
added 2012/03/30 10:55 p.m.64 views

CVE-2011-3064

Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.

7.5CVSS6.9AI score0.05944EPSS
CVE
CVE
added 2012/04/05 10:2 p.m.64 views

CVE-2011-3069

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to line boxes.

6.8CVSS6.9AI score0.02863EPSS
CVE
CVE
added 2012/04/05 10:2 p.m.64 views

CVE-2011-3073

Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG resources.

6.8CVSS6.9AI score0.02863EPSS
CVE
CVE
added 2016/07/22 2:59 a.m.64 views

CVE-2016-4607

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors...

9.8CVSS9.2AI score
CVE
CVE
added 2019/04/03 6:29 p.m.64 views

CVE-2018-4360

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

8.8CVSS8.1AI score0.00704EPSS
CVE
CVE
added 2011/03/25 7:55 p.m.63 views

CVE-2011-1296

Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

7.5CVSS8.7AI score0.0184EPSS
CVE
CVE
added 2011/08/03 12:55 a.m.63 views

CVE-2011-2818

Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering.

6.8CVSS6.9AI score0.02962EPSS
CVE
CVE
added 2012/03/05 7:55 p.m.63 views

CVE-2011-3034

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG document.

6.8CVSS6.9AI score0.02363EPSS
CVE
CVE
added 2011/10/25 7:55 p.m.63 views

CVE-2011-3888

Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in.

6.8CVSS7AI score0.02104EPSS
CVE
CVE
added 2020/12/08 9:15 p.m.63 views

CVE-2020-27895

An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. This issue is fixed in iTunes 12.11 for Windows. A malicious application may be able to access local users Apple IDs.

4.3CVSS3.4AI score0.00169EPSS
CVE
CVE
added 2011/08/29 3:55 p.m.62 views

CVE-2011-2825

Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts.

9.3CVSS7AI score0.03935EPSS
CVE
CVE
added 2012/03/05 7:55 p.m.62 views

CVE-2011-3035

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.

6.8CVSS6.9AI score0.02363EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.62 views

CVE-2018-4271

Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

6.5CVSS7.4AI score0.00737EPSS
CVE
CVE
added 2024/10/11 6:15 p.m.62 views

CVE-2024-44157

A stack buffer overflow was addressed through improved input validation. This issue is fixed in Apple TV 1.5.0.152 for Windows, iTunes 12.13.3 for Windows. Parsing a maliciously crafted video file may lead to unexpected system termination.

5.5CVSS6.7AI score0.00024EPSS
CVE
CVE
added 2011/03/01 11:0 p.m.61 views

CVE-2011-1121

Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element.

7.5CVSS8.8AI score0.02823EPSS
CVE
CVE
added 2011/09/19 12:2 p.m.61 views

CVE-2011-2857

Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller.

6.8CVSS7AI score0.02104EPSS
CVE
CVE
added 2012/03/05 7:55 p.m.61 views

CVE-2011-3039

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to quote handling.

6.8CVSS6.9AI score0.02363EPSS
CVE
CVE
added 2012/03/05 7:55 p.m.61 views

CVE-2011-3041

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of class attributes.

6.8CVSS6.9AI score0.02363EPSS
CVE
CVE
added 2012/05/01 10:12 a.m.61 views

CVE-2011-3081

Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078.

9.3CVSS6.9AI score0.07354EPSS
CVE
CVE
added 2011/12/13 9:55 p.m.61 views

CVE-2011-3908

Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

5CVSS6.1AI score0.0234EPSS
CVE
CVE
added 2012/02/09 4:10 a.m.61 views

CVE-2011-3958

Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

6.8CVSS7AI score0.02292EPSS
CVE
CVE
added 2012/03/08 10:55 p.m.61 views

CVE-2012-0620

WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE...

9.3CVSS7.8AI score0.01837EPSS
CVE
CVE
added 2017/02/20 8:59 a.m.61 views

CVE-2016-7578

An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbit...

8.8CVSS8.6AI score0.01303EPSS
CVE
CVE
added 2011/05/03 10:55 p.m.60 views

CVE-2011-1451

Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers."

7.5CVSS8.7AI score0.02271EPSS
CVE
CVE
added 2012/03/05 7:55 p.m.60 views

CVE-2011-3037

Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

6.8CVSS6.7AI score0.02756EPSS
CVE
CVE
added 2011/09/19 12:2 p.m.60 views

CVE-2011-3234

Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

5CVSS6.2AI score0.02823EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.60 views

CVE-2018-4269

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

8.6CVSS6.3AI score0.00305EPSS
CVE
CVE
added 2024/10/02 3:15 p.m.60 views

CVE-2024-44193

A logic issue was addressed with improved restrictions. This issue is fixed in iTunes 12.13.3 for Windows. A local attacker may be able to elevate their privileges.

8.4CVSS6AI score0.00339EPSS
CVE
CVE
added 2011/03/11 2:1 a.m.59 views

CVE-2011-1188

Google Chrome before 10.0.648.127 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

7.5CVSS8.7AI score0.0323EPSS
CVE
CVE
added 2011/12/13 9:55 p.m.59 views

CVE-2011-3913

Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling.

7.5CVSS7AI score0.0229EPSS
CVE
CVE
added 2011/06/29 5:55 p.m.58 views

CVE-2011-2351

Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.

6.8CVSS7AI score0.02007EPSS
CVE
CVE
added 2011/08/03 12:55 a.m.58 views

CVE-2011-2797

Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching.

6.8CVSS7AI score0.02007EPSS
Total number of security vulnerabilities542