Export limit exceeded: 366372 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (4420 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-4609 5 Apple, Debian, Fedoraproject and 2 more 10 Icloud, Iphone Os, Itunes and 7 more 2025-04-12 9.8 Critical
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4610, and CVE-2016-4612.
CVE-2016-4608 4 Apple, Fedoraproject, Microsoft and 1 more 9 Icloud, Iphone Os, Itunes and 6 more 2025-04-12 9.8 Critical
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612.
CVE-2015-3688 1 Apple 3 Iphone Os, Itunes, Mac Os X 2025-04-12 N/A
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3689.
CVE-2016-4607 4 Apple, Fedoraproject, Microsoft and 1 more 9 Icloud, Iphone Os, Itunes and 6 more 2025-04-12 9.8 Critical
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4608, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612.
CVE-2016-4605 1 Apple 1 Iphone Os 2025-04-12 N/A
Calendar in Apple iOS before 9.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted invitation.
CVE-2015-3687 1 Apple 3 Iphone Os, Itunes, Mac Os X 2025-04-12 N/A
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3688, and CVE-2015-3689.
CVE-2016-4604 1 Apple 2 Iphone Os, Safari 2025-04-12 N/A
Safari in Apple iOS before 9.3.3 allows remote attackers to spoof the displayed URL via an HTTP response specifying redirection to an invalid TCP port number.
CVE-2016-4603 1 Apple 1 Iphone Os 2025-04-12 N/A
Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Private Browsing protection mechanism and obtain sensitive video URL information by leveraging Safari View Controller misbehavior.
CVE-2015-3686 1 Apple 3 Iphone Os, Itunes, Mac Os X 2025-04-12 N/A
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689.
CVE-2016-4594 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2025-04-12 N/A
The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an API call.
CVE-2016-4593 1 Apple 1 Iphone Os 2025-04-12 N/A
The Siri Contacts component in Apple iOS before 9.3.3 allows physically proximate attackers to read arbitrary Contact card information via unspecified vectors.
CVE-2015-3685 1 Apple 2 Iphone Os, Mac Os X 2025-04-12 N/A
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689.
CVE-2016-4592 2 Apple, Webkitgtk 5 Iphone Os, Safari, Tvos and 2 more 2025-04-12 N/A
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted web site.
CVE-2016-4591 1 Apple 4 Iphone Os, Safari, Tvos and 1 more 2025-04-12 N/A
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors.
CVE-2015-3684 1 Apple 2 Iphone Os, Mac Os X 2025-04-12 N/A
The HTTPAuthentication implementation in CFNetwork in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted credentials in a URL.
CVE-2016-4590 1 Apple 3 Iphone Os, Safari, Webkit 2025-04-12 N/A
WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles about: URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
CVE-2016-4589 1 Apple 4 Iphone Os, Safari, Tvos and 1 more 2025-04-12 N/A
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4622, CVE-2016-4623, and CVE-2016-4624.
CVE-2015-3659 1 Apple 3 Iphone Os, Mac Os X, Safari 2025-04-12 N/A
The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.
CVE-2016-4587 1 Apple 3 Iphone Os, Tvos, Webkit 2025-04-12 N/A
WebKit in Apple iOS before 9.3.3 and tvOS before 9.2.2 allows remote attackers to obtain sensitive information from uninitialized process memory via a crafted web site.
CVE-2016-4585 1 Apple 4 Iphone Os, Safari, Tvos and 1 more 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari.