Filtered by vendor Apple
Subscriptions
Total
13717 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-0724 | 6 Adobe, Apple, Google and 3 more | 8 Air, Flash Player, Macos and 5 more | 2025-04-11 | N/A |
| Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0725. | ||||
| CVE-2012-0679 | 1 Apple | 1 Safari | 2025-04-11 | N/A |
| Apple Safari before 6.0 allows remote attackers to read arbitrary files via a feed:// URL. | ||||
| CVE-2012-0678 | 1 Apple | 1 Safari | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Apple Safari before 6.0 allows remote attackers to inject arbitrary web script or HTML via a feed:// URL. | ||||
| CVE-2012-0676 | 1 Apple | 1 Safari | 2025-04-11 | N/A |
| WebKit in Apple Safari before 5.1.7 does not properly track state information during the processing of form input, which allows remote attackers to fill in form fields on the pages of arbitrary web sites via unspecified vectors. | ||||
| CVE-2012-0674 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| Safari in Apple iOS before 5.1.1 allows remote attackers to spoof the location bar's URL via a crafted web site. | ||||
| CVE-2012-0672 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| WebKit in Apple iOS before 5.1.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
| CVE-2012-0671 | 1 Apple | 1 Quicktime | 2025-04-11 | N/A |
| Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .pict file. | ||||
| CVE-2012-0677 | 1 Apple | 1 Itunes | 2025-04-11 | N/A |
| Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist. | ||||
| CVE-2012-0663 | 2 Apple, Microsoft | 2 Quicktime, Windows | 2025-04-11 | N/A |
| Multiple stack-based buffer overflows in Apple QuickTime before 7.7.2 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TeXML file. | ||||
| CVE-2012-0667 | 2 Apple, Microsoft | 2 Quicktime, Windows | 2025-04-11 | N/A |
| Integer signedness error in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTVR movie file. | ||||
| CVE-2012-0659 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file. | ||||
| CVE-2012-0658 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio sample tables in a movie file that is progressively downloaded. | ||||
| CVE-2012-0647 | 1 Apple | 1 Safari | 2025-04-11 | N/A |
| WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header. | ||||
| CVE-2012-0645 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| Siri in Apple iOS before 5.1 does not properly restrict the ability of Mail.app to handle voice commands, which allows physically proximate attackers to bypass the locked state via a command that forwards an active e-mail message to an arbitrary recipient. | ||||
| CVE-2012-0644 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| Race condition in the Passcode Lock feature in Apple iOS before 5.1 allows physically proximate attackers to bypass intended passcode requirements via a slide-to-dial gesture. | ||||
| CVE-2012-0640 | 1 Apple | 1 Safari | 2025-04-11 | N/A |
| WebKit in Apple Safari before 5.1.4 does not properly implement "From third parties and advertisers" cookie blocking, which makes it easier for remote web servers to track users via a cookie. | ||||
| CVE-2012-0635 | 1 Apple | 2 Iphone Os, Itunes | 2025-04-11 | N/A |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | ||||
| CVE-2012-0633 | 1 Apple | 2 Iphone Os, Itunes | 2025-04-11 | N/A |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | ||||
| CVE-2012-0638 | 1 Apple | 2 Itunes, Webkit | 2025-04-11 | N/A |
| WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. | ||||
| CVE-2012-0637 | 1 Apple | 3 Itunes, Safari, Webkit | 2025-04-11 | N/A |
| WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. | ||||