Export limit exceeded: 13749 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13749 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-2913 | 2 Apple, Citibank | 2 Iphone Os, Citi Mobile | 2025-04-11 | N/A |
| The Citibank Citi Mobile app before 2.0.3 for iOS stores account data in a file, which allows local users to obtain sensitive information via vectors involving (1) the mobile device or (2) a synchronized computer. | ||||
| CVE-2012-3608 | 1 Apple | 1 Safari | 2025-04-11 | N/A |
| WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | ||||
| CVE-2010-3623 | 2 Adobe, Apple | 3 Acrobat, Acrobat Reader, Mac Os X | 2025-04-11 | N/A |
| Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | ||||
| CVE-2010-3638 | 2 Adobe, Apple | 3 Flash Player, Mac Os X, Safari | 2025-04-11 | N/A |
| Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Mac OS X, when Safari is used, allows attackers to obtain sensitive information via unknown vectors. | ||||
| CVE-2010-3789 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2025-04-11 | N/A |
| QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted AVI file. | ||||
| CVE-2010-3800 | 1 Apple | 1 Quicktime | 2025-04-11 | N/A |
| Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PICT file. | ||||
| CVE-2010-3801 | 1 Apple | 1 Quicktime | 2025-04-11 | N/A |
| Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted FlashPix file. | ||||
| CVE-2010-3786 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Excel file. | ||||
| CVE-2010-3788 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2025-04-11 | N/A |
| QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file. | ||||
| CVE-2010-3794 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of FlashPix image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file. | ||||
| CVE-2010-3795 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of GIF image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file. | ||||
| CVE-2010-3796 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not block Java applets in an RSS feed, which allows remote attackers to obtain sensitive information via a feed: URL containing an applet that performs DOM modifications. | ||||
| CVE-2010-3797 | 1 Apple | 1 Mac Os X Server | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-3798 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Heap-based buffer overflow in xar in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted xar archive. | ||||
| CVE-2010-3816 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars. | ||||
| CVE-2010-3828 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a crafted URL in an ad. | ||||
| CVE-2010-3831 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| Photos in Apple iOS before 4.2 enables support for HTTP Basic Authentication over an unencrypted connection, which allows man-in-the-middle attackers to read MobileMe account passwords by spoofing a MobileMe Gallery server during a "Send to MobileMe" action. | ||||
| CVE-2010-4009 | 1 Apple | 1 Quicktime | 2025-04-11 | N/A |
| Integer overflow in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file. | ||||
| CVE-2010-4010 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code via a crafted embedded Compact Font Format (CFF) font in a document. | ||||
| CVE-2010-4011 | 1 Apple | 1 Mac Os X Server | 2025-04-11 | N/A |
| Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue." | ||||