Filtered by vendor Apple
Subscriptions
Filtered by product Macos
Subscriptions
Total
5249 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4134 | 8 Adobe, Apple, Google and 5 more | 17 Flash Player, Flash Player Desktop Runtime, Macos and 14 more | 2025-04-12 | 8.8 High |
| Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. | ||||
| CVE-2016-4133 | 8 Adobe, Apple, Google and 5 more | 17 Flash Player, Flash Player Desktop Runtime, Macos and 14 more | 2025-04-12 | 8.8 High |
| Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. | ||||
| CVE-2016-4132 | 8 Adobe, Apple, Google and 5 more | 17 Flash Player, Flash Player Desktop Runtime, Macos and 14 more | 2025-04-12 | 8.8 High |
| Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. | ||||
| CVE-2016-4131 | 8 Adobe, Apple, Google and 5 more | 17 Flash Player, Flash Player Desktop Runtime, Macos and 14 more | 2025-04-12 | 8.8 High |
| Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. | ||||
| CVE-2014-9751 | 6 Apple, Debian, Linux and 3 more | 9 Macos, Debian Linux, Linux Kernel and 6 more | 2025-04-12 | N/A |
| The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by leveraging the ability to reach the ntpd machine's network interface with a packet from the ::1 address. | ||||
| CVE-2016-4156 | 8 Adobe, Apple, Google and 5 more | 17 Flash Player, Flash Player Desktop Runtime, Macos and 14 more | 2025-04-12 | 8.8 High |
| Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. | ||||
| CVE-2014-0564 | 8 Adobe, Apple, Google and 5 more | 15 Air Desktop Runtime, Air Sdk, Flash Player and 12 more | 2025-04-12 | N/A |
| Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0558. | ||||
| CVE-2010-1283 | 3 Adobe, Apple, Microsoft | 3 Shockwave Player, Macos, Windows | 2025-04-11 | 8.8 High |
| Adobe Shockwave Player before 11.5.7.609 does not properly parse 3D objects in .dir (aka Director) files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a modified field in a 0xFFFFFF49 record. | ||||
| CVE-2011-4372 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Reader, Macos and 2 more | 2025-04-11 | 9.8 Critical |
| Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373. | ||||
| CVE-2012-2040 | 7 Adobe, Apple, Google and 4 more | 8 Air, Flash Player, Macos and 5 more | 2025-04-11 | N/A |
| Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows local users to gain privileges via a Trojan horse executable file in an unspecified directory. | ||||
| CVE-2010-0986 | 3 Adobe, Apple, Microsoft | 3 Shockwave Player, Macos, Windows | 2025-04-11 | 8.8 High |
| Adobe Shockwave Player before 11.5.7.609 does not properly process asset entries, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted Shockwave file. | ||||
| CVE-2013-0894 | 7 Apple, Canonical, Ffmpeg and 4 more | 7 Macos, Ubuntu Linux, Ffmpeg and 4 more | 2025-04-11 | N/A |
| Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds array access) or possibly have unspecified other impact via vectors involving a zero value for a bark map size. | ||||
| CVE-2013-6853 | 3 Apple, Mozilla, Yahoo | 3 Macos, Firefox, Toolbar | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in clickstream.js in Y! Toolbar plugin for FireFox 3.1.0.20130813024103 for Mac, and 2.5.9.2013418100420 for Windows, allows remote attackers to inject arbitrary web script or HTML via a crafted URL that is stored by the victim. | ||||
| CVE-2013-2555 | 8 Adobe, Apple, Google and 5 more | 14 Air, Flash Player, Macos and 11 more | 2025-04-11 | N/A |
| Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013. | ||||
| CVE-2010-0128 | 3 Adobe, Apple, Microsoft | 4 Director, Shockwave Player, Macos and 1 more | 2025-04-11 | N/A |
| Integer signedness error in dirapi.dll in Adobe Shockwave Player before 11.5.7.609 and Adobe Director before 11.5.7.609 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .dir file that triggers an invalid read operation. | ||||
| CVE-2011-3640 | 3 Apple, Google, Microsoft | 3 Macos, Chrome, Windows | 2025-04-11 | N/A |
| Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug." | ||||
| CVE-2010-1292 | 3 Adobe, Apple, Microsoft | 7 Shockwave Player, Macos, Windows and 4 more | 2025-04-11 | N/A |
| The implementation of pami RIFF chunk parsing in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file. | ||||
| CVE-2010-0129 | 3 Adobe, Apple, Microsoft | 3 Shockwave Player, Macos, Windows | 2025-04-11 | 8.8 High |
| Multiple integer overflows in Adobe Shockwave Player before 11.5.7.609 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .dir (aka Director) file that triggers an array index error. | ||||
| CVE-2010-1284 | 3 Adobe, Apple, Microsoft | 7 Shockwave Player, Macos, Windows and 4 more | 2025-04-11 | N/A |
| Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291. | ||||
| CVE-2013-0899 | 6 Apple, Google, Linux and 3 more | 9 Ipados, Iphone Os, Mac Os X and 6 more | 2025-04-11 | N/A |
| Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet. | ||||