Lucene search

K

985 matches found

CVE
CVE
added 2011/06/06 7:55 p.m.91 views

CVE-2011-1783

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by ...

4.3CVSS6.2AI score0.05216EPSS
CVE
CVE
added 2017/12/25 9:29 p.m.91 views

CVE-2017-13855

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted ap...

5.5CVSS4.8AI score0.06249EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.91 views

CVE-2019-8513

This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands.

7.8CVSS7.5AI score0.11275EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.91 views

CVE-2019-8602

A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to elevate privileges.

7.8CVSS7.7AI score0.0077EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.91 views

CVE-2019-8628

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.8AI score0.00588EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.91 views

CVE-2019-8746

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. ...

9.8CVSS8.2AI score0.02306EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.91 views

CVE-2019-8825

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 10.7, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing malic...

8.8CVSS8.4AI score0.00547EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.91 views

CVE-2019-8832

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code w...

9.3CVSS7.6AI score0.00484EPSS
CVE
CVE
added 2020/10/27 9:15 p.m.91 views

CVE-2019-8850

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may disclose res...

5.5CVSS5.8AI score0.00299EPSS
CVE
CVE
added 2020/06/09 5:15 p.m.91 views

CVE-2020-9816

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.

9.3CVSS7.8AI score0.00484EPSS
CVE
CVE
added 2020/12/08 8:15 p.m.91 views

CVE-2020-9966

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. An application may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.2AI score0.00788EPSS
CVE
CVE
added 2017/12/25 9:29 p.m.90 views

CVE-2017-13867

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a...

9.3CVSS7.3AI score0.02252EPSS
CVE
CVE
added 2018/06/08 6:29 p.m.90 views

CVE-2018-4193

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Windows Server" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS6.9AI score0.18056EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.90 views

CVE-2018-4291

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.

10CVSS7AI score0.00717EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.90 views

CVE-2019-8784

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. An application may be able to execute arbitrary code with system privileges.

9.3CVSS7.9AI score0.00499EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.90 views

CVE-2020-27937

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.0.1. A malicious application may be able to access private information.

5.5CVSS5.2AI score0.00583EPSS
CVE
CVE
added 2020/10/22 6:15 p.m.90 views

CVE-2020-9875

An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to ...

7.8CVSS8.3AI score0.00344EPSS
CVE
CVE
added 2016/07/22 2:59 a.m.89 views

CVE-2016-4609

libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors...

9.8CVSS9.2AI score
CVE
CVE
added 2018/04/03 6:29 a.m.89 views

CVE-2018-4144

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Security" co...

9.3CVSS7.5AI score0.00406EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.89 views

CVE-2018-4369

A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.

7.5CVSS6.6AI score0.00339EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.89 views

CVE-2020-3856

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted string may lead to heap corruption.

9.3CVSS7.2AI score0.00352EPSS
CVE
CVE
added 2009/08/21 5:30 p.m.88 views

CVE-2009-2474

neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Ce...

5.8CVSS6AI score0.01686EPSS
CVE
CVE
added 2017/12/25 9:29 p.m.88 views

CVE-2017-13869

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted ap...

5.5CVSS4.8AI score0.07328EPSS
CVE
CVE
added 2018/06/08 6:29 p.m.88 views

CVE-2018-4249

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the "Kernel" component. It allows attackers to ...

9.3CVSS7.2AI score0.00898EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.88 views

CVE-2019-8745

A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15, tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing a maliciously crafted text file may lead to arbitrary code execution.

8.8CVSS8.3AI score0.0109EPSS
CVE
CVE
added 2020/04/01 6:15 p.m.88 views

CVE-2020-3909

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.

9.8CVSS7.7AI score0.03186EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.88 views

CVE-2022-22593

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. A malicious application may be able to execute arbitrary code with kernel privi...

9.3CVSS8.1AI score0.01307EPSS
CVE
CVE
added 2022/05/26 7:15 p.m.88 views

CVE-2022-26697

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of proces...

7.1CVSS6.8AI score0.00229EPSS
CVE
CVE
added 2010/03/05 7:30 p.m.87 views

CVE-2010-0302

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client ...

7.5CVSS7.4AI score0.09847EPSS
CVE
CVE
added 2010/11/17 1:0 a.m.87 views

CVE-2010-4008

libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a...

4.3CVSS5.6AI score0.01623EPSS
CVE
CVE
added 2011/09/19 12:2 p.m.87 views

CVE-2011-2834

Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

6.8CVSS8.2AI score0.03748EPSS
CVE
CVE
added 2017/12/25 9:29 p.m.87 views

CVE-2017-13876

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a...

9.3CVSS7.4AI score0.02252EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.87 views

CVE-2018-4417

A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.

5.5CVSS5.7AI score0.00197EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.87 views

CVE-2018-4419

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.

9.3CVSS7.1AI score0.00185EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.87 views

CVE-2019-8542

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges.

7.8CVSS7.3AI score0.0048EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.87 views

CVE-2019-8577

An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. An application may be able to gain elevated privileges.

7.8CVSS7.5AI score0.00244EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.87 views

CVE-2019-8831

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. An application may be able to execute arbitrary code with...

9.3CVSS8.2AI score0.00245EPSS
CVE
CVE
added 2020/12/08 8:15 p.m.87 views

CVE-2020-9981

A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processi...

9.3CVSS7.5AI score0.00395EPSS
CVE
CVE
added 2022/05/26 7:15 p.m.87 views

CVE-2022-26721

A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges.

9.3CVSS8AI score0.00296EPSS
CVE
CVE
added 2017/12/25 9:29 p.m.86 views

CVE-2017-13865

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted ap...

5.5CVSS4.8AI score0.04815EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.86 views

CVE-2018-4150

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a...

9.3CVSS8.1AI score0.23703EPSS
CVE
CVE
added 2018/06/08 6:29 p.m.86 views

CVE-2018-4225

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local use...

5.5CVSS5.3AI score0.00046EPSS
CVE
CVE
added 2018/06/08 6:29 p.m.86 views

CVE-2018-4226

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local use...

5.5CVSS5.3AI score0.00047EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.86 views

CVE-2019-8787

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A remote attacker may be able to leak memory.

7.5CVSS6.7AI score0.00689EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.86 views

CVE-2020-3836

An access issue was addressed with improved memory management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. A malicious application may be able to determine kernel memory layout.

5.5CVSS5.2AI score0.00134EPSS
CVE
CVE
added 2008/03/17 9:44 p.m.85 views

CVE-2008-0888

The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.

9.3CVSS9.6AI score0.21439EPSS
CVE
CVE
added 2011/07/07 9:55 p.m.85 views

CVE-2011-2192

The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests.

4.3CVSS6.8AI score0.0151EPSS
CVE
CVE
added 2018/06/08 6:29 p.m.85 views

CVE-2018-4230

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that triggers a SetAppSupportBits use-after-free because of a race...

7.6CVSS7.3AI score0.02569EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.85 views

CVE-2018-4326

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14.

7.8CVSS7.3AI score0.00306EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.85 views

CVE-2018-4398

An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCloud for Windows 7.8.

7.5CVSS6.9AI score0.00526EPSS
Total number of security vulnerabilities985