Vulnerabilities > Apple

DATE CVE VULNERABILITY TITLE RISK
2017-05-22 CVE-2017-2494 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Mac OS X
An issue was discovered in certain Apple products.
local
low complexity
apple CWE-119
7.8
2017-04-24 CVE-2011-3438 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari 5.0.6
WebKit, as used in Safari 5.0.6, allows remote attackers to cause a denial of service (process crash) or arbitrary code execution.
network
low complexity
apple CWE-119
8.8
2017-04-24 CVE-2011-3428 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple QuickTime 4.1.2/7.7.6
Buffer overflow in QuickTime before 7.7.1 for Windows allows remote attackers to execute arbitrary code.
network
low complexity
apple CWE-119
critical
9.8
2017-04-24 CVE-2010-1776 7PK - Security Features vulnerability in Apple iPhone OS
Find My iPhone on iOS 2.0 through 3.1.3 for iPhone 3G and later and iOS 2.1 through 3.1.3 for iPod touch (2nd generation) and later, when Find My iPhone is disabled, allows remote authenticated users with an associated MobileMe account to wipe the device.
network
high complexity
apple CWE-254
4.8
2017-04-20 CVE-2016-4650 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple iPhone OS
Heap-based buffer overflow in IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
local
low complexity
apple CWE-119
7.8
2017-04-13 CVE-2010-1821 Improper Input Validation vulnerability in Apple Mac OS X and Mac OS X Server
Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges.
local
low complexity
apple CWE-20
7.8
2017-04-13 CVE-2010-1816 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Mac OS X and Mac OS X Server
Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image.
local
low complexity
apple CWE-119
7.8
2017-04-07 CVE-2017-2387 Improper Certificate Validation vulnerability in Apple Music 1.2.1
The Apple Music (aka com.apple.android.music) application before 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
high complexity
apple CWE-295
4.8
2017-04-05 CVE-2017-6975 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple iPhone OS
Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack buffer overflow exploitation via a crafted access point.
low complexity
apple CWE-119
6.8
2017-04-03 CVE-2017-5949 Out-of-bounds Write vulnerability in Apple Safari 22
JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 22, allows remote attackers to cause a denial of service (heap-based out-of-bounds write and application crash) or possibly have unspecified other impact via crafted JavaScript code that triggers access to red-zone memory locations, related to jit/ThunkGenerators.cpp, llint/LowLevelInterpreter32_64.asm, and llint/LowLevelInterpreter64.asm.
network
low complexity
apple CWE-787
critical
9.8