Vulnerabilities > Apple

DATE CVE VULNERABILITY TITLE RISK
2017-06-27 CVE-2017-2491 Use After Free vulnerability in Apple Iphone OS
Use after free vulnerability in the String.replace method JavaScriptCore in Apple Safari in iOS before 10.3 allows remote attackers to execute arbitrary code via a crafted web page, or a crafted file.
network
low complexity
apple CWE-416
8.8
8.8
2017-06-20 CVE-2017-7668 Out-of-bounds Read vulnerability in multiple products
The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string.
network
low complexity
apache netapp redhat debian oracle apple CWE-125
7.5
7.5
2017-06-20 CVE-2017-3167 Improper Authentication vulnerability in multiple products
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
network
low complexity
apache netapp redhat apple debian oracle CWE-287
critical
 9.8
9.8
2017-05-23 CVE-2016-9843 The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
network
low complexity
zlib opensuse debian canonical oracle redhat apple netapp mariadb nodejs
critical
 9.8
9.8
2017-05-23 CVE-2016-9842 The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. 8.8
8.8
2017-05-23 CVE-2016-9841 inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
network
low complexity
zlib opensuse debian canonical oracle redhat apple netapp nodejs
critical
 9.8
9.8
2017-05-23 CVE-2016-9840 inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. 8.8
8.8
2017-05-22 CVE-2017-6999 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS
An issue was discovered in certain Apple products.
local
low complexity
apple CWE-119
7.8
7.8
2017-05-22 CVE-2017-6998 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS
An issue was discovered in certain Apple products.
local
low complexity
apple CWE-119
7.8
7.8
2017-05-22 CVE-2017-6997 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS
An issue was discovered in certain Apple products.
local
low complexity
apple CWE-119
7.8
7.8