Vulnerabilities (CVE)

Vendor filter: Apple
Product filter: Mac Os X

2154 total CVE
CVE | Vendors | Products | Updated | CVSS
CVE-2017-9788 | Vendors (6): Apache, Netapp, Oracle and 3 more | Products (16): Httpd, Http Server, Oncommand Unified Manager and 13 more | Updated: 2019-08-15 | CVSS: 6.4
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an...
CVE-2014-0117 | Vendors (2): Apache, Apple | Products (2): Mac Os X, Http Server | Updated: 2019-08-15 | CVSS: 4.3
The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header.
CVE-2018-12015 | Vendors (6): Perl, Canonical, Debian and 3 more | Products (9): Perl, Ubuntu Linux, Debian Linux and 6 more | Updated: 2019-08-06 | CVSS: 6.4
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
CVE-2018-18311 | Vendors (7): Perl, Canonical, Debian and 4 more | Products (17): Perl, Ubuntu Linux, Debian Linux and 14 more | Updated: 2019-07-16 | CVSS: 7.5
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
CVE-2014-4459 | Vendors (1): Apple | Products (6): Mac Os X, Iphone Os, Safari and 3 more | Updated: 2019-07-16 | CVSS: 6.8
Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.
CVE-2018-20506 | Vendors (3): Apple, Sqlite, Opensuse | Products (8): Icloud, Itunes, Sqlite and 5 more | Updated: 2019-06-19 | CVSS: 6.8
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to...
CVE-2018-20505 | Vendors (2): Apple, Sqlite | Products (6): Icloud, Itunes, Sqlite and 3 more | Updated: 2019-06-19 | CVSS: 5.0
SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases).
CVE-2016-4738 | Vendors (2): Apple, Debian | Products (7): Mac Os X, Iphone Os, Watch Os and 4 more | Updated: 2019-06-18 | CVSS: 9.3
libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2016-4609 | Vendors (2): Xmlsoft, Apple | Products (6): Libxslt, Itunes, Iphone Os and 3 more | Updated: 2019-06-18 | CVSS: 7.5
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or...
CVE-2016-4607 | Vendors (2): Xmlsoft, Apple | Products (6): Libxslt, Itunes, Iphone Os and 3 more | Updated: 2019-06-18 | CVSS: 7.5
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or...
CVE-2016-1841 | Vendors (1): Apple | Products (5): Mac Os X, Iphone Os, Watchos and 2 more | Updated: 2019-06-18 | CVSS: 6.8
libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2015-3195 | Vendors (6): Openssl, Apple, Oracle and 3 more | Products (16): Sun Ray Software, Openssl, Transportation Management and 13 more | Updated: 2019-06-14 | CVSS: 5.0
The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers...
CVE-2018-4456 | Vendors (1): Apple | Products (1): Mac Os X | Updated: 2019-05-14 | CVSS: 9.3
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6, macOS Mojave 10.14.
CVE-2017-7050 | Vendors (1): Apple | Products (1): Mac Os X | Updated: 2019-05-06 | CVSS: 7.9
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory...
CVE-2017-7051 | Vendors (1): Apple | Products (1): Mac Os X | Updated: 2019-05-06 | CVSS: 7.9
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory...
CVE-2017-7054 | Vendors (1): Apple | Products (1): Mac Os X | Updated: 2019-05-06 | CVSS: 7.9
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory...
CVE-2017-13833 | Vendors (1): Apple | Products (1): Mac Os X | Updated: 2019-04-29 | CVSS: 9.3
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory...
CVE-2015-5922 | Vendors (3): Icu Project, Apple, Icu-project | Products (4): Mac Os X, International Components For Unicode, International Components For Unicode and 1 more | Updated: 2019-04-23 | CVSS: 10.0
Unspecified vulnerability in International Components for Unicode (ICU) before 53.1.0, as used in Apple OS X before 10.11 and watchOS before 2, has unknown impact and attack vectors.
CVE-2014-8147 | Vendors (3): Icu Project, Apple, Icu-project | Products (4): Mac Os X, International Components For Unicode, Watchos and 1 more | Updated: 2019-04-23 | CVSS: 7.5
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which...
CVE-2014-8146 | Vendors (3): Icu Project, Apple, Icu-project | Products (6): Mac Os X, Iphone Os, Itunes and 3 more | Updated: 2019-04-23 | CVSS: 7.5
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which...