Search Results (13968 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-1833 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-11 N/A
Apple Type Services (ATS) in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted embedded font in a document.
CVE-2011-0177 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-11 N/A
Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted SFNT table in an embedded font.
CVE-2010-2264 2 Apple, Microsoft 7 Mac Os X, Mac Os X Server, Safari and 4 more 2025-04-11 N/A
The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document.
CVE-2010-1809 1 Apple 2 Iphone Os, Ipod Touch 2025-04-11 N/A
The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors.
CVE-2011-0207 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-11 N/A
The MobileMe component in Apple Mac OS X before 10.6.8 uses a cleartext HTTP session for the Mail application to read e-mail aliases, which allows remote attackers to obtain potentially sensitive alias information by sniffing the network.
CVE-2011-0209 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2025-04-11 N/A
Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file.
CVE-2011-0210 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2025-04-11 N/A
QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie file.
CVE-2011-0212 1 Apple 1 Mac Os X Server 2025-04-11 N/A
servermgrd in Apple Mac OS X before 10.6.8 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML-RPC request containing an entity declaration in conjunction with an entity reference, related to an XML External Entity (aka XXE) issue.
CVE-2010-1805 2 Apple, Microsoft 2 Safari, Windows 2025-04-11 N/A
Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 on Windows allows local users to gain privileges via a Trojan horse explorer.exe (aka Windows Explorer) program in a directory containing a file that had been downloaded by Safari.
CVE-2011-0213 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2025-04-11 N/A
Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG file.
CVE-2011-1203 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2025-04-11 N/A
Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
CVE-2011-1451 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2025-04-11 N/A
Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers."
CVE-2011-2104 4 Adobe, Apple, Microsoft and 1 more 5 Acrobat, Acrobat Reader, Mac Os X and 2 more 2025-04-11 N/A
Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.
CVE-2009-4247 4 Apple, Microsoft, Realnetworks and 1 more 7 Mac Os X, Windows, Helix Player and 4 more 2025-04-11 N/A
Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an "array overflow."
CVE-2011-2102 3 Adobe, Apple, Microsoft 4 Acrobat, Acrobat Reader, Mac Os X and 1 more 2025-04-11 N/A
Unspecified vulnerability in Adobe Reader and Acrobat before 10.1 on Windows and Mac OS X allows attackers to bypass intended access restrictions via unknown vectors.
CVE-2011-2379 3 Apple, Microsoft, Mozilla 3 Safari, Internet Explorer, Bugzilla 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when Internet Explorer before 9 or Safari before 5.0.6 is used for Raw Unified mode, allows remote attackers to inject arbitrary web script or HTML via a crafted patch, related to content sniffing.
CVE-2011-3046 3 Apple, Google, Opensuse 4 Iphone Os, Safari, Chrome and 1 more 2025-04-11 N/A
The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue.
CVE-2011-2847 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2025-04-11 N/A
Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
CVE-2011-3032 3 Apple, Google, Opensuse 5 Iphone Os, Itunes, Safari and 2 more 2025-04-11 N/A
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values.
CVE-2010-1783 3 Apple, Microsoft, Redhat 8 Mac Os X, Mac Os X Server, Safari and 5 more 2025-04-11 N/A
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle dynamic modification of a text node, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.