Export limit exceeded: 14548 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14548 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-7156 | 2 Apple, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
| CVE-2017-5091 | 6 Apple, Debian, Google and 3 more | 10 Macos, Debian Linux, Android and 7 more | 2025-04-20 | 8.8 High |
| A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | ||||
| CVE-2017-5081 | 6 Apple, Debian, Google and 3 more | 10 Macos, Debian Linux, Android and 7 more | 2025-04-20 | 3.3 Low |
| Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files. | ||||
| CVE-2017-7146 | 1 Apple | 1 Iphone Os | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Security" component. It allows attackers to track users across installs via a crafted app that leverages Keychain data mishandling. | ||||
| CVE-2017-5062 | 5 Apple, Google, Linux and 2 more | 9 Macos, Android, Chrome and 6 more | 2025-04-20 | 8.8 High |
| A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted Chrome extension. | ||||
| CVE-2017-7131 | 1 Apple | 1 Iphone Os | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Bluetooth" component. It allows attackers to obtain sensitive Contact card information via a crafted app. | ||||
| CVE-2017-5057 | 5 Apple, Google, Linux and 2 more | 9 Macos, Android, Chrome and 6 more | 2025-04-20 | 8.8 High |
| Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. | ||||
| CVE-2017-7115 | 1 Apple | 2 Iphone Os, Tvos | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via crafted Wi-Fi traffic that leverages a race condition. | ||||
| CVE-2016-7581 | 1 Apple | 1 Iphone Os | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue involves the "Safari" component, which allows remote web servers to cause a denial of service via a crafted URL. | ||||
| CVE-2016-7582 | 1 Apple | 1 Mac Os X | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.12 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | ||||
| CVE-2017-5052 | 5 Apple, Google, Linux and 2 more | 9 Macos, Android, Chrome and 6 more | 2025-04-20 | 8.8 High |
| An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for Mac, Windows, and Linux, and 57.0.2987.132 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page that triggers improper casting. | ||||
| CVE-2017-7109 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via crafted web content that incorrectly interacts with the Application Cache policy. | ||||
| CVE-2016-7583 | 1 Apple | 1 Icloud | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iCloud before 6.0.1 is affected. The issue involves the setup subsystem in the "iCloud" component. It allows local users to gain privileges via a crafted dynamic library in an unspecified directory. | ||||
| CVE-2016-7609 | 1 Apple | 1 Mac Os X | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "AppleGraphicsPowerManagement" component. It allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors. | ||||
| CVE-2016-7610 | 1 Apple | 4 Icloud, Iphone Os, Itunes and 1 more | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
| CVE-2017-7107 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
| CVE-2017-5033 | 6 Apple, Debian, Google and 3 more | 10 Macos, Debian Linux, Android and 7 more | 2025-04-20 | 4.3 Medium |
| Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page, related to the unsafe-inline keyword. | ||||
| CVE-2017-7100 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
| CVE-2017-7080 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended certificate-trust restrictions via a revoked X.509 certificate. | ||||
| CVE-2017-7067 | 1 Apple | 1 Mac Os X | 2025-04-20 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | ||||