Apple

iTunes

922 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2014-4468

  • EPSS 0.84%
  • Published 10.12.2014 21:59:05
  • Last modified 12.04.2025 10:46:40

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnera...

7.5

CVE-2014-4466

  • EPSS 1.01%
  • Published 10.12.2014 21:59:04
  • Last modified 12.04.2025 10:46:40

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnera...

6.8

CVE-2014-4459

  • EPSS 2.97%
  • Published 18.11.2014 11:59:06
  • Last modified 12.04.2025 10:46:40

Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.

5.4

CVE-2014-4452

  • EPSS 1.07%
  • Published 18.11.2014 11:59:01
  • Last modified 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2...

7.5

CVE-2014-3192

  • EPSS 1.74%
  • Published 08.10.2014 10:55:06
  • Last modified 12.04.2025 10:46:40

Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of...

4.4

CVE-2014-1347

  • EPSS 0.04%
  • Published 18.05.2014 11:12:54
  • Last modified 12.04.2025 10:46:40

Apple iTunes before 11.2.1 on OS X sets world-writable permissions for /Users and /Users/Shared during reboots, which allows local users to modify files, and consequently obtain access to arbitrary user accounts, via standard filesystem operations.

6.8

CVE-2014-1301

  • EPSS 1.31%
  • Published 02.04.2014 16:17:06
  • Last modified 12.04.2025 10:46:40

WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other W...

5.8

CVE-2014-1242

  • EPSS 0.46%
  • Published 23.01.2014 19:55:04
  • Last modified 11.04.2025 00:51:21

Apple iTunes before 11.1.4 uses HTTP for the iTunes Tutorials window, which allows man-in-the-middle attackers to spoof content by gaining control over the client-server data stream.

6.8

CVE-2013-5198

  • EPSS 2.12%
  • Published 18.12.2013 16:04:33
  • Last modified 11.04.2025 00:51:21

WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other W...

6.8

CVE-2013-5199

  • EPSS 2.76%
  • Published 18.12.2013 16:04:33
  • Last modified 11.04.2025 00:51:21

WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other W...