Filtered by vendor Apple
Subscribe
Total
13170 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-13783 | 2 Apple, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
| CVE-2017-6980 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
| CVE-2017-7045 | 1 Apple | 1 Mac Os X | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | |||||
| CVE-2016-7613 | 1 Apple | 4 Iphone Os, Mac Os X, Safari and 1 more | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages object-lifetime mishandling during process spawning. | |||||
| CVE-2017-7097 | 1 Apple | 1 Iphone Os | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Mail MessageUI" component. It allows attackers to cause a denial of service (memory corruption) via a crafted image. | |||||
| CVE-2017-3045 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to the palette box. | |||||
| CVE-2017-2987 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2025-04-20 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-7118 | 1 Apple | 1 Iphone Os | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service (crash) via a crafted image. | |||||
| CVE-2017-13831 | 1 Apple | 1 Mac Os X | 2025-04-20 | 5.8 MEDIUM | 7.1 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service via a crafted image. | |||||
| CVE-2017-7084 | 1 Apple | 1 Mac Os X | 2025-04-20 | 4.3 MEDIUM | 3.7 LOW |
| An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Application Firewall" component. It allows remote attackers to bypass intended settings in opportunistic circumstances by leveraging incorrect handling of a denied setting after an upgrade. | |||||
| CVE-2017-7119 | 1 Apple | 1 Mac Os X | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | |||||
| CVE-2017-7130 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | |||||
| CVE-2017-2429 | 1 Apple | 1 Mac Os X | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "FinderKit" component. It allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging unexpected permission changes during an iCloud Sharing Send Link action. | |||||
| CVE-2017-2988 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2025-04-20 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-7016 | 1 Apple | 1 Mac Os X | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "afclip" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio file. | |||||
| CVE-2016-4613 | 1 Apple | 4 Apple Tv, Icloud, Itunes and 1 more | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in certain Apple products. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a crafted web site. | |||||
| CVE-2017-2500 | 1 Apple | 1 Safari | 2025-04-20 | 4.3 MEDIUM | 4.7 MEDIUM |
| An issue was discovered in certain Apple products. Safari before 10.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site. | |||||
| CVE-2017-2527 | 1 Apple | 1 Mac Os X | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "CoreAnimation" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption and application crash) via crafted data. | |||||
| CVE-2017-2364 | 1 Apple | 2 Iphone Os, Safari | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. | |||||
| CVE-2017-2514 | 1 Apple | 2 Iphone Os, Safari | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||