Vulnerabilities > Apple

DATE CVE VULNERABILITY TITLE RISK
2017-07-20 CVE-2017-7010 Out-of-bounds Read vulnerability in Apple products
An issue was discovered in certain Apple products.
local
low complexity
apple CWE-125
7.8
7.8
2017-07-20 CVE-2017-7009 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
An issue was discovered in certain Apple products.
local
low complexity
apple CWE-119
7.8
7.8
2017-07-20 CVE-2017-7008 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS
An issue was discovered in certain Apple products.
local
low complexity
apple CWE-119
7.8
7.8
2017-07-20 CVE-2017-7007 Resource Exhaustion vulnerability in Apple Iphone OS
An issue was discovered in certain Apple products.
network
low complexity
apple CWE-400
7.5
7.5
2017-07-20 CVE-2017-7006 Information Exposure Through Discrepancy vulnerability in Apple products
An issue was discovered in certain Apple products.
network
high complexity
apple CWE-203
5.3
5.3
2017-07-20 CVE-2017-2517 Improper Input Validation vulnerability in Apple Iphone OS
An issue was discovered in certain Apple products.
network
low complexity
apple CWE-20
6.5
6.5
2017-07-13 CVE-2017-9788 Improper Input Validation vulnerability in multiple products
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest.
network
low complexity
apache debian apple netapp redhat oracle CWE-20
critical
 9.1
9.1
2017-07-13 CVE-2017-7529 Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.
network
low complexity
f5 puppet apple
7.5
7.5
2017-07-13 CVE-2017-11103 Insufficient Verification of Data Authenticity vulnerability in multiple products
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification.
network
high complexity
heimdal-project freebsd samba apple debian CWE-345
8.1
8.1
2017-07-07 CVE-2017-2218 Untrusted Search Path vulnerability in Apple Quicktime
Untrusted search path vulnerability in Installer of QuickTime for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
apple CWE-426
7.8
7.8