Vulnerabilities > Apple

DATE CVE VULNERABILITY TITLE RISK
2017-06-20 CVE-2017-3081 Use After Free vulnerability in Adobe Flash Player
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability during internal computation caused by multiple display object mask manipulations.
network
low complexity
adobe microsoft apple google linux CWE-416
critical
 10.0
10
2017-06-20 CVE-2017-3079 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Flash Player
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the internal representation of raster data.
network
low complexity
adobe microsoft apple google linux CWE-119
critical
 10.0
10
2017-06-20 CVE-2017-3078 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Flash Player
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the Adobe Texture Format (ATF) module.
network
low complexity
adobe microsoft apple google linux CWE-119
critical
 10.0
10
2017-06-20 CVE-2017-3077 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Flash Player
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the PNG image parser.
network
low complexity
adobe microsoft apple google linux CWE-119
critical
 10.0
10
2017-06-20 CVE-2017-3076 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Flash Player
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the MPEG-4 AVC module.
network
low complexity
adobe microsoft apple google linux CWE-119
critical
 10.0
10
2017-06-20 CVE-2017-3075 Use After Free vulnerability in Adobe Flash Player
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability when manipulating the ActionsScript 2 XML class.
network
low complexity
adobe microsoft apple google linux CWE-416
critical
 10.0
10
2017-06-20 CVE-2017-7668 Out-of-bounds Read vulnerability in multiple products
The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string.
network
low complexity
apache netapp redhat debian oracle apple CWE-125
7.5
7.5
2017-06-20 CVE-2017-3167 Improper Authentication vulnerability in multiple products
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
network
low complexity
apache netapp redhat apple debian oracle CWE-287
critical
 9.8
9.8
2017-05-23 CVE-2016-9843 The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
network
low complexity
zlib opensuse debian canonical oracle redhat apple netapp mariadb nodejs
critical
 9.8
9.8
2017-05-23 CVE-2016-9842 The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. 8.8
8.8