Vulnerabilities > Apple > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-28 | CVE-2017-11121 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205. | 9.8 |
| 2017-09-28 | CVE-2017-11120 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204. | 9.8 |
| 2017-08-16 | CVE-2017-8248 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS A buffer overflow may occur in the processing of a downlink NAS message in Qualcomm Telephony as used in Apple iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation. | 9.8 |
| 2017-07-20 | CVE-2017-7062 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products An issue was discovered in certain Apple products. | 9.8 |
| 2017-07-13 | CVE-2017-9788 | Improper Input Validation vulnerability in multiple products In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. | 9.1 |
| 2017-06-20 | CVE-2017-3167 | Improper Authentication vulnerability in multiple products In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. | 9.8 |
| 2017-05-23 | CVE-2016-9843 | The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. | 9.8 |
| 2017-05-23 | CVE-2016-9841 | inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | 9.8 |
| 2017-05-22 | CVE-2017-2527 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 9.8 |
| 2017-05-22 | CVE-2017-2524 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products An issue was discovered in certain Apple products. | 9.8 |