Search Results (14587 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-1204 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2025-04-11 N/A
Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document.
CVE-2012-0671 1 Apple 1 Quicktime 2025-04-11 N/A
Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .pict file.
CVE-2010-1845 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-11 N/A
ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PSD image.
CVE-2013-1030 1 Apple 1 Mac Os X 2025-04-11 N/A
mdmclient in Mobile Device Management in Apple Mac OS X before 10.8.5 places a password on the command line, which allows local users to obtain sensitive information by listing the process.
CVE-2011-0175 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-11 N/A
Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded TrueType font.
CVE-2011-0167 1 Apple 2 Safari, Webkit 2025-04-11 N/A
The windows functionality in WebKit in Apple Safari before 5.0.4 allows remote attackers to bypass the Same Origin Policy, and force the upload of arbitrary local files from a client computer, via a crafted web site.
CVE-2011-1293 3 Apple, Debian, Google 5 Iphone Os, Itunes, Safari and 2 more 2025-04-11 N/A
Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2011-1344 1 Apple 5 Ipad, Iphone, Iphone Os and 2 more 2025-04-11 N/A
Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 (CDMA); and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag, related to text nodes, as demonstrated by Chaouki Bekrar during a Pwn2Own competition at CanSecWest 2011.
CVE-2011-0163 1 Apple 3 Iphone Os, Safari, Webkit 2025-04-11 N/A
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle unspecified "cached resources," which allows remote attackers to cause a denial of service (resource unavailability) via a crafted web site that conducts a cache-poisoning attack.
CVE-2013-0955 1 Apple 1 Iphone Os 2025-04-11 N/A
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1.
CVE-2011-1188 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2025-04-11 N/A
Google Chrome before 10.0.648.127 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
CVE-2013-5174 1 Apple 1 Mac Os X 2025-04-11 N/A
Integer signedness error in the kernel in Apple Mac OS X before 10.9 allows local users to cause a denial of service (system crash) via a crafted tty read operation.
CVE-2012-2847 4 Apple, Google, Linux and 1 more 5 Mac Os X, Chrome, Frame and 2 more 2025-04-11 N/A
Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not request user confirmation before continuing a large series of downloads, which allows user-assisted remote attackers to cause a denial of service (resource consumption) via a crafted web site.
CVE-2013-6886 3 Apple, Linux, Realvnc 3 Mac Os X, Linux Kernel, Realvnc 2025-04-11 N/A
RealVNC VNC 5.0.6 on Mac OS X, Linux, and UNIX allows local users to gain privileges via a crafted argument to the (1) vncserver, (2) vncserver-x11, or (3) Xvnc helper.
CVE-2013-6799 1 Apple 1 Mac Os X 2025-04-11 N/A
Apple Mac OS X 10.9 allows local users to cause a denial of service (memory corruption or panic) by creating a hard link to a directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0105.
CVE-2013-6712 6 Apple, Canonical, Debian and 3 more 7 Mac Os X, Ubuntu Linux, Debian Linux and 4 more 2025-04-11 N/A
The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.
CVE-2011-0168 2 Apple, Microsoft 6 Itunes, Webkit, Windows and 3 more 2025-04-11 N/A
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
CVE-2011-0156 2 Apple, Microsoft 6 Itunes, Webkit, Windows and 3 more 2025-04-11 N/A
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
CVE-2011-0130 2 Apple, Microsoft 6 Itunes, Webkit, Windows and 3 more 2025-04-11 N/A
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
CVE-2013-0954 1 Apple 1 Iphone Os 2025-04-11 N/A
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1.