Total
5568 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-3770 | 1 Apple | 1 Mac Os X | 2025-04-12 | 9.3 HIGH | N/A |
| IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5783. | |||||
| CVE-2016-4723 | 1 Apple | 1 Mac Os X | 2025-04-12 | 9.3 HIGH | 7.8 HIGH |
| Intel Graphics Driver in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2014-8517 | 2 Apple, Netbsd | 2 Mac Os X, Netbsd | 2025-04-12 | 7.5 HIGH | N/A |
| The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | (pipe) character at the end of an HTTP redirect. | |||||
| CVE-2014-4437 | 1 Apple | 1 Mac Os X | 2025-04-12 | 6.8 MEDIUM | N/A |
| LaunchServices in Apple OS X before 10.10 allows attackers to bypass intended sandbox restrictions via an application that specifies a crafted handler for the Content-Type field of an object. | |||||
| CVE-2016-0971 | 5 Adobe, Apple, Google and 2 more | 13 Air Desktop Runtime, Air Sdk, Air Sdk \& Compiler and 10 more | 2025-04-12 | 9.3 HIGH | 8.8 HIGH |
| Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2013-7144 | 3 Apple, Linecorp, Microsoft | 3 Mac Os X, Line, Windows | 2025-04-12 | 4.3 MEDIUM | N/A |
| LINE 3.2.1.83 and earlier on Windows and 3.2.1 and earlier on OS X does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2015-8069 | 5 Adobe, Apple, Google and 2 more | 9 Air, Air Sdk, Air Sdk \& Compiler and 6 more | 2025-04-12 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454. | |||||
| CVE-2015-5557 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2025-04-12 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. | |||||
| CVE-2015-3768 | 1 Apple | 2 Iphone Os, Mac Os X | 2025-04-12 | 9.3 HIGH | N/A |
| Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API calls. | |||||
| CVE-2016-4699 | 1 Apple | 1 Mac Os X | 2025-04-12 | 9.3 HIGH | 7.8 HIGH |
| AppleUUC in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-4700. | |||||
| CVE-2014-1260 | 1 Apple | 1 Mac Os X | 2025-04-12 | 6.8 MEDIUM | N/A |
| QuickLook in Apple OS X through 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document. | |||||
| CVE-2016-1804 | 1 Apple | 1 Mac Os X | 2025-04-12 | 9.3 HIGH | 7.8 HIGH |
| The Multi-Touch subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2016-0994 | 6 Adobe, Apple, Google and 3 more | 15 Air, Air Desktop Runtime, Air Sdk and 12 more | 2025-04-12 | 9.3 HIGH | 8.8 HIGH |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | |||||
| CVE-2016-1767 | 1 Apple | 1 Mac Os X | 2025-04-12 | 6.8 MEDIUM | 7.8 HIGH |
| QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1768. | |||||
| CVE-2015-7052 | 1 Apple | 1 Mac Os X | 2025-04-12 | 7.2 HIGH | N/A |
| kext tools in Apple OS X before 10.11.2 mishandles kernel-extension loading, which allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2016-4616 | 2 Apple, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4615, and CVE-2016-4619. | |||||
| CVE-2016-0982 | 5 Adobe, Apple, Google and 2 more | 13 Air Desktop Runtime, Air Sdk, Air Sdk \& Compiler and 10 more | 2025-04-12 | 9.3 HIGH | 8.8 HIGH |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0983, and CVE-2016-0984. | |||||
| CVE-2015-0352 | 7 Adobe, Apple, Linux and 4 more | 11 Flash Player, Mac Os X, Linux Kernel and 8 more | 2025-04-12 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043. | |||||
| CVE-2016-6971 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993. | |||||
| CVE-2015-3099 | 5 Adobe, Apple, Google and 2 more | 8 Air, Air Sdk, Air Sdk \& Compiler and 5 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-3098 and CVE-2015-3102. | |||||