Filtered by vendor Apple
Subscriptions
Total
13190 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-2392 | 1 Apple | 1 Safari | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app. | ||||
| CVE-2017-2384 | 1 Apple | 1 Iphone Os | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves mishandling of deletion within the SQLite subsystem of the "Safari" component. It allows local users to identify the web-site visits that occurred in Private Browsing mode. | ||||
| CVE-2017-2955 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2025-04-20 | N/A |
| Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2017-2383 | 1 Apple | 2 Icloud, Itunes | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. The issue involves cleartext client-certificate transmission in the "APNs Server" component. It allows man-in-the-middle attackers to track users via correlation with this certificate. | ||||
| CVE-2017-2240 | 2 Apple, Hammock | 2 Mac Os X, Assetview | 2025-04-20 | N/A |
| Directory traversal vulnerability in AssetView for MacOS Ver.9.2.0 and earlier versions allows remote attackers to read arbitrary files via "File Transfer Web Service". | ||||
| CVE-2017-2381 | 1 Apple | 1 Mac Os X | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "sudo" component. It allows remote authenticated users to gain privileges by leveraging membership in the admin group on a network directory server. | ||||
| CVE-2017-2361 | 1 Apple | 1 Mac Os X | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "Help Viewer" component, which allows XSS attacks via a crafted web site. | ||||
| CVE-2017-2353 | 1 Apple | 1 Mac Os X | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. | ||||
| CVE-2017-2350 | 2 Apple, Webkitgtk | 4 Iphone Os, Safari, Tvos and 1 more | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. | ||||
| CVE-2017-2351 | 1 Apple | 1 Iphone Os | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "WiFi" component, which allows physically proximate attackers to bypass the activation-lock protection mechanism and view the home screen via unspecified vectors. | ||||
| CVE-2017-2352 | 1 Apple | 2 Iphone Os, Watchos | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Unlock with iPhone" component, which allows attackers to bypass the wrist-presence protection mechanism and unlock a Watch device via unspecified vectors. | ||||
| CVE-2017-2355 | 2 Apple, Webkitgtk | 6 Icloud, Iphone Os, Itunes and 3 more | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access and application crash) via a crafted web site. | ||||
| CVE-2017-2356 | 2 Apple, Webkitgtk | 6 Icloud, Iphone Os, Itunes and 3 more | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
| CVE-2017-2357 | 1 Apple | 1 Mac Os X | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "IOAudioFamily" component. It allows attackers to obtain sensitive kernel memory-layout information via a crafted app. | ||||
| CVE-2017-2358 | 1 Apple | 1 Mac Os X | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "Graphics Drivers" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | ||||
| CVE-2017-2359 | 1 Apple | 1 Safari | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. Safari before 10.0.3 is affected. The issue involves the "Safari" component, which allows remote attackers to spoof the address bar via a crafted web site. | ||||
| CVE-2017-2360 | 2 Apple, Webkitgtk | 5 Iphone Os, Mac Os X, Tvos and 2 more | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app. | ||||
| CVE-2017-2364 | 1 Apple | 2 Iphone Os, Safari | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. | ||||
| CVE-2017-5067 | 5 Apple, Google, Linux and 2 more | 8 Macos, Chrome, Linux Kernel and 5 more | 2025-04-20 | 6.5 Medium |
| An insufficient watchdog timer in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | ||||
| CVE-2017-5069 | 5 Apple, Google, Linux and 2 more | 9 Macos, Android, Chrome and 6 more | 2025-04-20 | 6.1 Medium |
| Incorrect MIME type of XSS-Protection reports in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to circumvent Cross-Origin Resource Sharing checks via a crafted HTML page. | ||||