Filtered by vendor Apple
Subscribe
Total
10175 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-13789 | 1 Apple | 1 Safari | 2017-11-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in certain Apple products. Safari before 11.0.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site. | |||||
| CVE-2017-7113 | 1 Apple | 1 Iphone Os | 2017-11-28 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 11.1 is affected. The issue involves the "UIKit" component. It allows attackers to bypass intended read restrictions for secure text fields via vectors involving a focus-change event. | |||||
| CVE-2017-13805 | 1 Apple | 1 Iphone Os | 2017-11-28 | 2.1 LOW | 2.4 LOW |
| An issue was discovered in certain Apple products. iOS before 11.1 is affected. The issue involves the "Siri" component. It allows physically proximate attackers to obtain sensitive information via a Siri request for private-content notifications that should not have been available in the lock-screen state. | |||||
| CVE-2017-13834 | 1 Apple | 1 Mac Os X | 2017-11-27 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted mach binary. | |||||
| CVE-2017-7132 | 1 Apple | 1 Mac Os X | 2017-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted Office document. | |||||
| CVE-2017-13820 | 1 Apple | 1 Mac Os X | 2017-11-27 | 5.8 MEDIUM | 7.1 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ATS" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted font. | |||||
| CVE-2000-0346 | 1 Apple | 1 Appleshare | 2017-11-27 | 5.0 MEDIUM | N/A |
| AppleShare IP 6.1 and later allows a remote attacker to read potentially sensitive information via an invalid range request to the web server. | |||||
| CVE-2017-13822 | 1 Apple | 1 Mac Os X | 2017-11-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | |||||
| CVE-2017-13821 | 1 Apple | 1 Mac Os X | 2017-11-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFString" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | |||||
| CVE-2017-13823 | 1 Apple | 1 Mac Os X | 2017-11-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "QuickTime" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | |||||
| CVE-2017-13825 | 1 Apple | 1 Mac Os X | 2017-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted font file. | |||||
| CVE-2017-13824 | 1 Apple | 1 Mac Os X | 2017-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Open Scripting Architecture" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted AppleScript file that is mishandled by osadecompile. | |||||
| CVE-2017-13829 | 1 Apple | 1 Mac Os X | 2017-11-27 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2017-13830 | 1 Apple | 1 Mac Os X | 2017-11-27 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HFS" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2017-13831 | 1 Apple | 1 Mac Os X | 2017-11-27 | 5.8 MEDIUM | 7.1 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service via a crafted image. | |||||
| CVE-2017-13819 | 1 Apple | 1 Mac Os X | 2017-11-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HelpViewer" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML by bypassing the Same Origin Policy for quarantined HTML documents. | |||||
| CVE-2017-13818 | 1 Apple | 1 Mac Os X | 2017-11-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | |||||
| CVE-2017-13817 | 1 Apple | 1 Mac Os X | 2017-11-27 | 2.1 LOW | 5.5 MEDIUM |
| An out-of-bounds read issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows local users to bypass intended memory-read restrictions. | |||||
| CVE-2017-13816 | 1 Apple | 1 Mac Os X | 2017-11-27 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted archive file. | |||||
| CVE-2017-13815 | 1 Apple | 1 Mac Os X | 2017-11-27 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "file" product. Versions before 5.31 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | |||||