Vulnerabilities > Apple > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-05-11 | CVE-2012-0654 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server libsecurity in Apple Mac OS X before 10.7.4 accesses uninitialized memory locations during the processing of X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted certificate. | 6.8 |
| 2012-05-11 | CVE-2012-0652 | Information Exposure vulnerability in Apple mac OS X 10.7.3 Login Window in Apple Mac OS X 10.7.3, when Legacy File Vault or networked home directories are enabled, does not properly restrict what is written to the system log for network logins, which allows local users to obtain sensitive information by reading the log. | 4.9 |
| 2012-05-11 | CVE-2012-0651 | Information Exposure vulnerability in Apple mac OS X and mac OS X Server The directory server in Directory Service in Apple Mac OS X 10.6.8 allows remote attackers to obtain sensitive information from process memory via a crafted message. | 5.0 |
| 2012-05-11 | CVE-2012-0649 | Race Condition vulnerability in Apple mac OS X and mac OS X Server Race condition in the initialization routine in blued in Bluetooth in Apple Mac OS X before 10.7.4 allows local users to gain privileges via vectors involving a temporary file. | 6.9 |
| 2012-05-08 | CVE-2012-0674 | Improper Input Validation vulnerability in Apple Iphone OS Safari in Apple iOS before 5.1.1 allows remote attackers to spoof the location bar's URL via a crafted web site. | 4.3 |
| 2012-05-08 | CVE-2012-0672 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS WebKit in Apple iOS before 5.1.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 6.8 |
| 2012-05-01 | CVE-2012-1521 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in the XML parser in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 6.8 |
| 2012-05-01 | CVE-2011-3078 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3081. | 6.8 |
| 2012-04-05 | CVE-2011-3076 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to focus handling. | 6.8 |
| 2012-04-05 | CVE-2011-3075 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style-application commands. | 6.8 |