Vulnerabilities > Apple
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-20 | CVE-2017-7006 | Information Exposure Through Discrepancy vulnerability in Apple products An issue was discovered in certain Apple products. | 2.6 |
| 2017-07-20 | CVE-2017-2517 | Improper Input Validation vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 4.3 |
| 2017-07-17 | CVE-2017-2241 | SQL Injection vulnerability in Hammock Assetview 9.2 SQL injection vulnerability in the AssetView for MacOS Ver.9.2.0 and earlier versions allows remote attackers to execute arbitrary SQL commands via "File Transfer Web Service". | 6.5 |
| 2017-07-17 | CVE-2017-2240 | Path Traversal vulnerability in Hammock Assetview 9.2 Directory traversal vulnerability in AssetView for MacOS Ver.9.2.0 and earlier versions allows remote attackers to read arbitrary files via "File Transfer Web Service". | 4.0 |
| 2017-07-13 | CVE-2017-9788 | Improper Input Validation vulnerability in multiple products In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. | 9.1 |
| 2017-07-13 | CVE-2017-7529 | Integer Overflow or Wraparound vulnerability in multiple products Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. | 5.0 |
| 2017-07-13 | CVE-2017-11103 | Insufficient Verification of Data Authenticity vulnerability in multiple products Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. | 6.8 |
| 2017-07-07 | CVE-2017-2218 | Untrusted Search Path vulnerability in Apple Quicktime Untrusted search path vulnerability in Installer of QuickTime for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 6.8 |
| 2017-06-27 | CVE-2017-2491 | Use After Free vulnerability in Apple Iphone OS Use after free vulnerability in the String.replace method JavaScriptCore in Apple Safari in iOS before 10.3 allows remote attackers to execute arbitrary code via a crafted web page, or a crafted file. | 6.8 |
| 2017-06-20 | CVE-2017-3082 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Flash Player Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the LocaleID class. | 10.0 |