Filtered by vendor Apple
Subscriptions
Filtered by product Itunes
Subscriptions
Total
918 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2010-4008 | 9 Apache, Apple, Canonical and 6 more | 16 Openoffice, Iphone Os, Itunes and 13 more | 2024-08-07 | N/A |
libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. | ||||
CVE-2010-3190 | 2 Apple, Microsoft | 4 Itunes, Visual C\+\+, Visual Studio and 1 more | 2024-08-07 | N/A |
Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; Visual C++ 2005 SP1, 2008 SP1, and 2010; and Exchange Server 2010 Service Pack 3, 2013, and 2013 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory during execution of an MFC application such as AtlTraceTool8.exe (aka ATL MFC Trace Tool), as demonstrated by a directory that contains a TRC, cur, rs, rct, or res file, aka "MFC Insecure Library Loading Vulnerability." | ||||
CVE-2010-2249 | 9 Apple, Canonical, Debian and 6 more | 13 Iphone Os, Itunes, Safari and 10 more | 2024-08-07 | 6.5 Medium |
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. | ||||
CVE-2010-1824 | 2 Apple, Google | 2 Itunes, Chrome | 2024-08-07 | N/A |
Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages. | ||||
CVE-2010-1763 | 2 Apple, Microsoft | 4 Itunes, Windows 7, Windows Vista and 1 more | 2024-08-07 | N/A |
Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and attack vectors, a different vulnerability than CVE-2010-1387 and CVE-2010-1769. | ||||
CVE-2010-1768 | 1 Apple | 1 Itunes | 2024-08-07 | N/A |
Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges via vectors related to log files, "insecure file operation," and syncing an iPhone, iPad, or iPod touch. | ||||
CVE-2010-1823 | 2 Apple, Google | 3 Itunes, Safari, Chrome | 2024-08-07 | N/A |
Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by a Cascading Style Sheets (CSS) file referencing an invalid SVG font, aka rdar problem 8442098. | ||||
CVE-2010-1777 | 2 Apple, Microsoft | 5 Itunes, Mac Os X, Windows 7 and 2 more | 2024-08-07 | N/A |
Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted itpc: URL. | ||||
CVE-2010-1795 | 1 Apple | 1 Itunes | 2024-08-07 | N/A |
Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory. | ||||
CVE-2010-1769 | 2 Apple, Microsoft | 4 Itunes, Windows 7, Windows Vista and 1 more | 2024-08-07 | N/A |
WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, a different vulnerability than CVE-2010-1387 and CVE-2010-1763. | ||||
CVE-2010-1387 | 2 Apple, Microsoft | 4 Iphone Os, Ipod Touch, Itunes and 1 more | 2024-08-07 | N/A |
Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769. | ||||
CVE-2010-1205 | 11 Apple, Canonical, Debian and 8 more | 18 Iphone Os, Itunes, Mac Os X and 15 more | 2024-08-07 | 9.8 Critical |
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. | ||||
CVE-2010-0531 | 2 Apple, Microsoft | 6 Itunes, Mac Os X, Mac Os X Server and 3 more | 2024-08-07 | N/A |
Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 podcast file. | ||||
CVE-2010-0532 | 2 Apple, Microsoft | 4 Itunes, Windows 7, Windows Vista and 1 more | 2024-08-07 | N/A |
Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users to gain privileges by replacing an unspecified file with a Trojan horse. | ||||
CVE-2011-3971 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events. | ||||
CVE-2011-3958 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. | ||||
CVE-2011-3969 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout of SVG documents. | ||||
CVE-2011-3966 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets (CSS) token-sequence data. | ||||
CVE-2011-3897 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing. | ||||
CVE-2011-3968 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-08-06 | N/A |
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences. |