CVE-2018-4404

Public exploit
In iOS before 11.4 and macOS High Sierra before 10.13.5, a memory corruption issue exists and was addressed with improved memory handling.
Max CVSS
9.3
EPSS Score
0.11%
Published
2019-01-11
Updated
2019-01-23

CVE-2018-4233

Public exploit
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
Max CVSS
8.8
EPSS Score
1.76%
Published
2018-06-08
Updated
2019-06-02

CVE-2018-4162

Public exploit
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
Max CVSS
8.8
EPSS Score
0.51%
Published
2018-04-03
Updated
2020-08-14

CVE-2017-13861

Public exploit
An issue was discovered in certain Apple products. iOS before 11.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "IOSurface" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Max CVSS
9.3
EPSS Score
0.26%
Published
2017-12-25
Updated
2019-06-02

CVE-2016-4657

Known exploited
Public exploit
WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
Max CVSS
8.8
EPSS Score
87.54%
Published
2016-08-25
Updated
2018-06-08
CISA KEV Added
2022-05-24

CVE-2015-0235

Public exploit
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
Max CVSS
10.0
EPSS Score
97.52%
Published
2015-01-28
Updated
2022-07-05

CVE-2014-4404

Known exploited
Public exploit
Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties.
Max CVSS
9.3
EPSS Score
0.64%
Published
2014-09-18
Updated
2019-03-08
CISA KEV Added
2022-02-10

CVE-2013-1017

Public exploit
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted dref atoms in a movie file.
Max CVSS
9.3
EPSS Score
97.28%
Published
2013-05-24
Updated
2017-09-19

CVE-2012-3753

Public exploit
Buffer overflow in the plugin in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MIME type.
Max CVSS
9.3
EPSS Score
97.02%
Published
2012-11-09
Updated
2017-09-19

CVE-2012-3752

Public exploit
Multiple buffer overflows in Apple QuickTime before 7.7.3 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted style element in a QuickTime TeXML file.
Max CVSS
9.3
EPSS Score
97.00%
Published
2012-11-09
Updated
2017-09-19

CVE-2012-0663

Public exploit
Multiple stack-based buffer overflows in Apple QuickTime before 7.7.2 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TeXML file.
Max CVSS
9.3
EPSS Score
97.32%
Published
2012-05-16
Updated
2017-09-19

CVE-2011-0257

Public exploit
Integer signedness error in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PnSize opcode in a PICT file that triggers a stack-based buffer overflow.
Max CVSS
9.3
EPSS Score
96.63%
Published
2011-08-15
Updated
2017-09-19

CVE-2010-1799

Public exploit
Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
Max CVSS
9.3
EPSS Score
33.26%
Published
2010-08-16
Updated
2018-10-30

CVE-2009-0950

Public exploit
Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon.
Max CVSS
9.3
EPSS Score
96.78%
Published
2009-06-02
Updated
2018-10-10

CVE-2008-0226

Public exploit
Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
Max CVSS
7.5
EPSS Score
97.46%
Published
2008-01-10
Updated
2019-12-17

CVE-2007-6166

Public exploit
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
Max CVSS
9.3
EPSS Score
97.02%
Published
2007-11-29
Updated
2018-10-30

CVE-2007-2386

Public exploit
Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet.
Max CVSS
9.4
EPSS Score
41.76%
Published
2007-05-24
Updated
2017-07-29

CVE-2007-0015

Public exploit
Buffer overflow in Apple QuickTime 7.1.3 allows remote attackers to execute arbitrary code via a long rtsp:// URI.
Max CVSS
6.8
EPSS Score
96.63%
Published
2007-01-01
Updated
2017-10-19

CVE-2005-0043

Public exploit
Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute arbitrary code via a long URL in (1) .m3u or (2) .pls playlist files.
Max CVSS
7.5
EPSS Score
18.63%
Published
2005-05-02
Updated
2017-07-11

CVE-2004-0430

Public exploit
Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field.
Max CVSS
5.1
EPSS Score
10.57%
Published
2004-07-07
Updated
2017-07-11

CVE-2003-0694

Public exploit
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
Max CVSS
10.0
EPSS Score
5.70%
Published
2003-10-06
Updated
2018-10-30

CVE-2003-0201

Public exploit
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
Max CVSS
10.0
EPSS Score
97.04%
Published
2003-05-05
Updated
2018-10-30
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. Processing an image may lead to arbitrary code execution.
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-08
Updated
2024-03-13
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. Processing a file may lead to unexpected app termination or arbitrary code execution.
Max CVSS
7.8
EPSS Score
0.06%
Published
2023-10-25
Updated
2023-11-02
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.
Max CVSS
6.5
EPSS Score
0.14%
Published
2023-10-25
Updated
2023-11-02
1951 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!