Total
3262 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-7088 | 1 Apple | 1 Iphone Os | 2017-10-26 | 7.1 HIGH | 5.9 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Exchange ActiveSync" component. It allows remote attackers to erase a device in opportunistic circumstances by hijacking a cleartext AutoDiscover V1 session during the setup of an Exchange account. | |||||
| CVE-2017-7085 | 1 Apple | 2 Iphone Os, Safari | 2017-10-26 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar. | |||||
| CVE-2017-7072 | 1 Apple | 1 Iphone Os | 2017-10-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "iBooks" component. It allows remote attackers to cause a denial of service (persistent outage) via a crafted iBooks file. | |||||
| CVE-2017-7097 | 1 Apple | 1 Iphone Os | 2017-10-25 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Mail MessageUI" component. It allows attackers to cause a denial of service (memory corruption) via a crafted image. | |||||
| CVE-2015-0874 | 3 Apple, Google, Okb | 3 Iphone Os, Android, Smart Passbook | 2017-10-10 | 4.3 MEDIUM | 5.9 MEDIUM |
| Smartphone Passbook 1.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information from encrypted communications via a crafted certificate. | |||||
| CVE-2015-3686 | 1 Apple | 3 Iphone Os, Itunes, Mac Os X | 2017-09-21 | 6.8 MEDIUM | N/A |
| CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689. | |||||
| CVE-2015-3685 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-21 | 6.8 MEDIUM | N/A |
| CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689. | |||||
| CVE-2015-3684 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-21 | 6.8 MEDIUM | N/A |
| The HTTPAuthentication implementation in CFNetwork in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted credentials in a URL. | |||||
| CVE-2015-3688 | 1 Apple | 3 Iphone Os, Itunes, Mac Os X | 2017-09-21 | 6.8 MEDIUM | N/A |
| CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3689. | |||||
| CVE-2015-3721 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-21 | 4.3 MEDIUM | N/A |
| The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app. | |||||
| CVE-2015-3690 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-21 | 4.3 MEDIUM | N/A |
| The DiskImages subsystem in Apple iOS before 8.4 and OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app. | |||||
| CVE-2015-3694 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-21 | 6.8 MEDIUM | N/A |
| FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3719. | |||||
| CVE-2015-3703 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-21 | 6.8 MEDIUM | N/A |
| ImageIO in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image. | |||||
| CVE-2015-3710 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-21 | 4.3 MEDIUM | N/A |
| Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message. | |||||
| CVE-2015-3719 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-21 | 6.8 MEDIUM | N/A |
| TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3694. | |||||
| CVE-2015-3689 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-21 | 6.8 MEDIUM | N/A |
| CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3688. | |||||
| CVE-2015-3687 | 1 Apple | 3 Iphone Os, Itunes, Mac Os X | 2017-09-21 | 6.8 MEDIUM | N/A |
| CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3688, and CVE-2015-3689. | |||||
| CVE-2015-5748 | 1 Apple | 3 Iphone Os, Mac Os X, Safari | 2017-09-20 | 2.1 LOW | N/A |
| The kernel in Apple OS X before 10.10.5 does not properly mount HFS volumes, which allows local users to cause a denial of service via a crafted volume. | |||||
| CVE-2017-2424 | 1 Apple | 2 Iphone Os, Safari | 2017-09-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves mishandling of OpenGL shaders in the "WebKit" component. It allows remote attackers to obtain sensitive information from process memory via a crafted web site. | |||||
| CVE-2013-2842 | 2 Apple, Google | 2 Iphone Os, Chrome | 2017-09-18 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of widgets. | |||||