Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2012-2807

Summary
Assigner-Chrome
Assigner Org ID-ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28
Published At-27 Jun, 2012 | 10:00
Updated At-06 Aug, 2024 | 19:42
Rejected At-
Credits

Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Chrome
Assigner Org ID:ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28
Published At:27 Jun, 2012 | 10:00
Updated At:06 Aug, 2024 | 19:42
Rejected At:
â–¼CVE Numbering Authority (CNA)

Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
vendor-advisory
x_refsource_APPLE
https://hermes.opensuse.org/messages/15075728
vendor-advisory
x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html
vendor-advisory
x_refsource_SUSE
http://support.apple.com/kb/HT6001
x_refsource_CONFIRM
http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html
x_refsource_CONFIRM
http://secunia.com/advisories/50658
third-party-advisory
x_refsource_SECUNIA
https://hermes.opensuse.org/messages/15375990
vendor-advisory
x_refsource_SUSE
http://www.securityfocus.com/bid/54718
vdb-entry
x_refsource_BID
http://secunia.com/advisories/54886
third-party-advisory
x_refsource_SECUNIA
http://support.apple.com/kb/HT5934
x_refsource_CONFIRM
http://secunia.com/advisories/55568
third-party-advisory
x_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-1587-1
vendor-advisory
x_refsource_UBUNTU
http://www.debian.org/security/2012/dsa-2521
vendor-advisory
x_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=MDVSA-2012:126
vendor-advisory
x_refsource_MANDRIVA
http://code.google.com/p/chromium/issues/detail?id=129930
x_refsource_CONFIRM
http://secunia.com/advisories/50800
third-party-advisory
x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2013:056
vendor-advisory
x_refsource_MANDRIVA
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
vendor-advisory
x_refsource_APPLE
Hyperlink: http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: https://hermes.opensuse.org/messages/15075728
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://support.apple.com/kb/HT6001
Resource:
x_refsource_CONFIRM
Hyperlink: http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/50658
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://hermes.opensuse.org/messages/15375990
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.securityfocus.com/bid/54718
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/54886
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://support.apple.com/kb/HT5934
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/55568
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.ubuntu.com/usn/USN-1587-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.debian.org/security/2012/dsa-2521
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2012:126
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://code.google.com/p/chromium/issues/detail?id=129930
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/50800
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:056
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
Resource:
vendor-advisory
x_refsource_APPLE
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
vendor-advisory
x_refsource_APPLE
x_transferred
https://hermes.opensuse.org/messages/15075728
vendor-advisory
x_refsource_SUSE
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://support.apple.com/kb/HT6001
x_refsource_CONFIRM
x_transferred
http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/50658
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://hermes.opensuse.org/messages/15375990
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.securityfocus.com/bid/54718
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/54886
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://support.apple.com/kb/HT5934
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/55568
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.ubuntu.com/usn/USN-1587-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.debian.org/security/2012/dsa-2521
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2012:126
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://code.google.com/p/chromium/issues/detail?id=129930
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/50800
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2013:056
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: https://hermes.opensuse.org/messages/15075728
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://support.apple.com/kb/HT6001
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/50658
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://hermes.opensuse.org/messages/15375990
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.securityfocus.com/bid/54718
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/54886
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://support.apple.com/kb/HT5934
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/55568
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-1587-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.debian.org/security/2012/dsa-2521
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2012:126
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://code.google.com/p/chromium/issues/detail?id=129930
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/50800
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:056
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:chrome-cve-admin@google.com
Published At:27 Jun, 2012 | 10:18
Updated At:29 Apr, 2026 | 01:13

Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 6.8
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
Google LLC
google
>>chrome>>Versions up to 20.0.1132.42(inclusive)
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.0
cpe:2.3:a:google:chrome:20.0.1132.0:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.1
cpe:2.3:a:google:chrome:20.0.1132.1:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.2
cpe:2.3:a:google:chrome:20.0.1132.2:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.3
cpe:2.3:a:google:chrome:20.0.1132.3:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.4
cpe:2.3:a:google:chrome:20.0.1132.4:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.5
cpe:2.3:a:google:chrome:20.0.1132.5:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.6
cpe:2.3:a:google:chrome:20.0.1132.6:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.7
cpe:2.3:a:google:chrome:20.0.1132.7:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.8
cpe:2.3:a:google:chrome:20.0.1132.8:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.9
cpe:2.3:a:google:chrome:20.0.1132.9:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.10
cpe:2.3:a:google:chrome:20.0.1132.10:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.11
cpe:2.3:a:google:chrome:20.0.1132.11:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.12
cpe:2.3:a:google:chrome:20.0.1132.12:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.13
cpe:2.3:a:google:chrome:20.0.1132.13:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.14
cpe:2.3:a:google:chrome:20.0.1132.14:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.15
cpe:2.3:a:google:chrome:20.0.1132.15:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.16
cpe:2.3:a:google:chrome:20.0.1132.16:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.17
cpe:2.3:a:google:chrome:20.0.1132.17:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.18
cpe:2.3:a:google:chrome:20.0.1132.18:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.19
cpe:2.3:a:google:chrome:20.0.1132.19:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.20
cpe:2.3:a:google:chrome:20.0.1132.20:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.21
cpe:2.3:a:google:chrome:20.0.1132.21:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.22
cpe:2.3:a:google:chrome:20.0.1132.22:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.23
cpe:2.3:a:google:chrome:20.0.1132.23:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.24
cpe:2.3:a:google:chrome:20.0.1132.24:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.25
cpe:2.3:a:google:chrome:20.0.1132.25:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.26
cpe:2.3:a:google:chrome:20.0.1132.26:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.27
cpe:2.3:a:google:chrome:20.0.1132.27:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.28
cpe:2.3:a:google:chrome:20.0.1132.28:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.29
cpe:2.3:a:google:chrome:20.0.1132.29:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.30
cpe:2.3:a:google:chrome:20.0.1132.30:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.31
cpe:2.3:a:google:chrome:20.0.1132.31:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.32
cpe:2.3:a:google:chrome:20.0.1132.32:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.33
cpe:2.3:a:google:chrome:20.0.1132.33:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.34
cpe:2.3:a:google:chrome:20.0.1132.34:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.35
cpe:2.3:a:google:chrome:20.0.1132.35:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.36
cpe:2.3:a:google:chrome:20.0.1132.36:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.37
cpe:2.3:a:google:chrome:20.0.1132.37:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.38
cpe:2.3:a:google:chrome:20.0.1132.38:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.39
cpe:2.3:a:google:chrome:20.0.1132.39:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.40
cpe:2.3:a:google:chrome:20.0.1132.40:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>20.0.1132.41
cpe:2.3:a:google:chrome:20.0.1132.41:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>*
cpe:2.3:o:linux:linux_kernel:*:*:64-bit:*:*:*:*:*
Apple Inc.
apple
>>iphone_os>>Versions up to 6.1.4(inclusive)
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Apple Inc.
apple
>>iphone_os>>1.0.0
cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>iphone_os>>1.0.1
cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
Apple Inc.
apple
>>iphone_os>>1.0.2
cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*
Apple Inc.
apple
>>iphone_os>>1.1.0
cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*
Apple Inc.
apple
>>iphone_os>>1.1.1
cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-189Primarynvd@nist.gov
CWE ID: CWE-189
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://code.google.com/p/chromium/issues/detail?id=129930chrome-cve-admin@google.com
N/A
http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.htmlchrome-cve-admin@google.com
N/A
http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.htmlchrome-cve-admin@google.com
N/A
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.htmlchrome-cve-admin@google.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.htmlchrome-cve-admin@google.com
N/A
http://secunia.com/advisories/50658chrome-cve-admin@google.com
N/A
http://secunia.com/advisories/50800chrome-cve-admin@google.com
N/A
http://secunia.com/advisories/54886chrome-cve-admin@google.com
N/A
http://secunia.com/advisories/55568chrome-cve-admin@google.com
N/A
http://support.apple.com/kb/HT5934chrome-cve-admin@google.com
N/A
http://support.apple.com/kb/HT6001chrome-cve-admin@google.com
N/A
http://www.debian.org/security/2012/dsa-2521chrome-cve-admin@google.com
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2012:126chrome-cve-admin@google.com
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2013:056chrome-cve-admin@google.com
N/A
http://www.securityfocus.com/bid/54718chrome-cve-admin@google.com
N/A
http://www.ubuntu.com/usn/USN-1587-1chrome-cve-admin@google.com
N/A
https://hermes.opensuse.org/messages/15075728chrome-cve-admin@google.com
N/A
https://hermes.opensuse.org/messages/15375990chrome-cve-admin@google.com
N/A
http://code.google.com/p/chromium/issues/detail?id=129930af854a3a-2127-422b-91ae-364da2661108
N/A
http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/50658af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/50800af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/54886af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/55568af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.apple.com/kb/HT5934af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.apple.com/kb/HT6001af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2012/dsa-2521af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2012:126af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2013:056af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/54718af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-1587-1af854a3a-2127-422b-91ae-364da2661108
N/A
https://hermes.opensuse.org/messages/15075728af854a3a-2127-422b-91ae-364da2661108
N/A
https://hermes.opensuse.org/messages/15375990af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://code.google.com/p/chromium/issues/detail?id=129930
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/50658
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/50800
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/54886
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/55568
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT5934
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT6001
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://www.debian.org/security/2012/dsa-2521
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2012:126
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:056
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/54718
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-1587-1
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: https://hermes.opensuse.org/messages/15075728
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: https://hermes.opensuse.org/messages/15375990
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://code.google.com/p/chromium/issues/detail?id=129930
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/50658
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/50800
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/54886
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/55568
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT5934
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT6001
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2012/dsa-2521
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2012:126
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:056
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/54718
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-1587-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://hermes.opensuse.org/messages/15075728
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://hermes.opensuse.org/messages/15375990
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

3046Records found
CVE-2014-3187
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-0.81% / 52.22%
||
7 Day CHG~0.00%
Published-08 Oct, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 37.0.2062.60 and 38.x before 38.0.2125.59 on iOS does not properly restrict processing of (1) facetime:// and (2) facetime-audio:// URLs, which allows remote attackers to obtain video and audio data from a device via a crafted web site.

Action-Not Available
Vendor-n/aGoogle LLCApple Inc.
Product-chromeiphone_osn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-27922
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-1.05% / 59.88%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 17:32
Updated-04 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, watchOS 7.1, tvOS 14.2. Processing a maliciously crafted font file may lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osipadoswatchostvosmac_os_xwatchOStvOSmacOSiOS and iPadOS
CVE-2014-3160
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-1.34% / 67.75%
||
7 Day CHG~0.00%
Published-20 Jul, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file.

Action-Not Available
Vendor-n/aGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxn/a
CVE-2020-3840
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-1.14% / 62.41%
||
7 Day CHG~0.00%
Published-27 Feb, 2020 | 20:45
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An off by one issue existed in the handling of racoon configuration files. This issue was addressed through improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1. Loading a maliciously crafted racoon configuration file may lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_ostvosmac_os_xipadostvOSmacOSiOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-193
Off-by-one Error
CVE-2020-35931
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.29% / 81.02%
||
7 Day CHG~0.00%
Published-31 Dec, 2020 | 20:14
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Foxit Reader before 10.1.1 (and before 4.1.1 on macOS) and PhantomPDF before 9.7.5 and 10.x before 10.1.1 (and before 4.1.1 on macOS). An attacker can spoof a certified PDF document via an Evil Annotation Attack because the products fail to consider a null value for a Subtype entry of the Annotation dictionary, in an incremental update.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Foxit Software Incorporated
Product-phantompdfwindowsfoxit_readermacosn/a
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2014-1391
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-4.18% / 89.61%
||
7 Day CHG~0.00%
Published-19 Sep, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with RLE encoding.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1389
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.76% / 84.38%
||
7 Day CHG~0.00%
Published-14 Aug, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-27944
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-1.01% / 58.56%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 17:37
Updated-04 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted font file may lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osipad_oswatchostvosmacostvOSmacOSwatchOSiOS and iPadOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-1367
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.53% / 82.90%
||
7 Day CHG~0.00%
Published-01 Jul, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

Action-Not Available
Vendor-n/aApple Inc.
Product-tvosiphone_ossafarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-29614
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.79% / 51.61%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 17:41
Updated-04 Aug, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted file may lead to heap corruption.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osipadostvosmac_os_xmacostvOSmacOSiOS and iPadOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-29616
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.86% / 53.71%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 17:42
Updated-04 Aug, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.
Product-macosmac_os_xmacOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-27933
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.99% / 58.13%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 17:34
Updated-04 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, iCloud for Windows 7.20, watchOS 6.2.8, tvOS 13.4.8, macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. Processing a maliciously crafted image may lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_oswatchosipadostvosmac_os_xicloudmacOSiOS and iPadOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30942
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-1.52% / 71.25%
||
7 Day CHG~0.00%
Published-24 Aug, 2021 | 18:50
Updated-03 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing a maliciously crafted image may lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_oswatchosipadostvosmac_os_xmacoswatchOSmacOSiOS and iPadOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-1366
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.53% / 82.90%
||
7 Day CHG~0.00%
Published-01 Jul, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

Action-Not Available
Vendor-n/aApple Inc.
Product-tvosiphone_ossafarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-27919
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-1.04% / 59.51%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 17:29
Updated-04 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. Processing a maliciously crafted image may lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.
Product-mac_os_xmacOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-29617
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.79% / 51.61%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 17:43
Updated-04 Aug, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may lead to heap corruption.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_oswatchosipadostvosmac_os_xmacosicloudtvOSmacOSwatchOSiOS and iPadOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2014-1368
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.53% / 82.90%
||
7 Day CHG~0.00%
Published-01 Jul, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

Action-Not Available
Vendor-n/aApple Inc.
Product-tvosiphone_ossafarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1387
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.76% / 84.38%
||
7 Day CHG~0.00%
Published-14 Aug, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1370
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.18% / 80.00%
||
7 Day CHG~0.00%
Published-01 Jul, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The byte-swapping implementation in copyfile in Apple OS X before 10.9.4 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted AppleDouble file in a ZIP archive.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-27939
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.90% / 54.96%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 17:35
Updated-04 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.
Product-macosmacOS
CVE-2020-27951
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-1.06% / 60.22%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 17:38
Updated-04 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This issue was addressed with improved checks. This issue is fixed in watchOS 6.3, iOS 12.5, iOS 14.3 and iPadOS 14.3, watchOS 7.2. Unauthorized code execution may lead to an authentication policy violation.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_oswatchosipadoswatchOSiOS and iPadOSiOS
CVE-2020-27943
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.98% / 57.74%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 17:36
Updated-04 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in tvOS 14.3, iOS 14.3 and iPadOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.2. Processing a maliciously crafted font file may lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osipad_oswatchostvosmacostvOSmacOSwatchOSiOS and iPadOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-1382
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.64% / 83.60%
||
7 Day CHG~0.00%
Published-01 Jul, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

Action-Not Available
Vendor-n/aApple Inc.
Product-tvosiphone_ossafarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1385
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.76% / 84.38%
||
7 Day CHG~0.00%
Published-14 Aug, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1384
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.76% / 84.38%
||
7 Day CHG~0.00%
Published-14 Aug, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1386
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.43% / 82.11%
||
7 Day CHG~0.00%
Published-14 Aug, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-36406
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.52% / 71.39%
||
7 Day CHG~0.00%
Published-01 Jul, 2021 | 02:52
Updated-04 Aug, 2024 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

uWebSockets 18.11.0 and 18.12.0 has a stack-based buffer overflow in uWS::TopicTree::trimTree (called from uWS::TopicTree::unsubscribeAll). NOTE: the vendor's position is that this is "a minor issue or not even an issue at all" because the developer of an application (that uses uWebSockets) should not be allowing the large number of triggered topics to accumulate

Action-Not Available
Vendor-uwebsockets_projectn/aLinux Kernel Organization, Inc
Product-linux_kerneluwebsocketsn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-1365
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.53% / 82.90%
||
7 Day CHG~0.00%
Published-01 Jul, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

Action-Not Available
Vendor-n/aApple Inc.
Product-tvosiphone_ossafarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1390
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.43% / 82.11%
||
7 Day CHG~0.00%
Published-14 Aug, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1979
Matching Score-8
Assigner-JPCERT/CC
ShareView Details
Matching Score-8
Assigner-JPCERT/CC
CVSS Score-6.8||MEDIUM
EPSS-1.70% / 74.18%
||
7 Day CHG~0.00%
Published-19 Mar, 2014 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The NTT DOCOMO sp mode mail application 5900 through 6300 for Android 4.0.x and 6000 through 6620 for Android 4.1 through 4.4 allows remote attackers to execute arbitrary Java methods via Deco-mail emoticon POP data in an e-mail message.

Action-Not Available
Vendor-nttdocomon/aGoogle LLC
Product-androidspmode_mail_androidn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2014-1388
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.76% / 84.38%
||
7 Day CHG~0.00%
Published-14 Aug, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1337
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.33% / 81.36%
||
7 Day CHG~0.00%
Published-22 May, 2014 | 19:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-28342
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.30% / 22.04%
||
7 Day CHG~0.00%
Published-08 Nov, 2020 | 04:03
Updated-04 Aug, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (China / India) software. The S Secure application allows attackers to bypass authentication for a locked Gallery application via the Reminder application. The Samsung ID is SVE-2020-18689 (November 2020).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CVE-2014-1319
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.93% / 77.35%
||
7 Day CHG~0.00%
Published-23 Apr, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ImageIO in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1313
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.35% / 81.50%
||
7 Day CHG~0.00%
Published-02 Apr, 2014 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1292
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.16% / 79.88%
||
7 Day CHG~0.00%
Published-14 Mar, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1293, and CVE-2014-1294.

Action-Not Available
Vendor-n/aApple Inc.
Product-tvosiphone_osn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-29611
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-1.01% / 58.79%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 17:42
Updated-04 Aug, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_oswatchosipadostvosmac_os_xmacosicloudtvOSmacOSwatchOSiOS and iPadOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-1302
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.13% / 79.61%
||
7 Day CHG~0.00%
Published-02 Apr, 2014 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1268
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.88% / 76.71%
||
7 Day CHG+0.02%
Published-27 Feb, 2014 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270.

Action-Not Available
Vendor-n/aApple Inc.
Product-webkitsafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1329
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.33% / 81.36%
||
7 Day CHG~0.00%
Published-22 May, 2014 | 19:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1311
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.15% / 79.77%
||
7 Day CHG~0.00%
Published-02 Apr, 2014 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1312
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.13% / 79.61%
||
7 Day CHG~0.00%
Published-02 Apr, 2014 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1364
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.53% / 82.90%
||
7 Day CHG~0.00%
Published-01 Jul, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

Action-Not Available
Vendor-n/aApple Inc.
Product-tvosiphone_ossafarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1339
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.34% / 81.46%
||
7 Day CHG~0.00%
Published-22 May, 2014 | 19:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1354
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.85% / 84.90%
||
7 Day CHG~0.00%
Published-01 Jul, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CoreGraphics in Apple iOS before 7.1.2 does not properly restrict allocation of stack memory for processing of XBM images, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted image data.

Action-Not Available
Vendor-n/aApple Inc.
Product-iphone_osn/a
CVE-2014-1324
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.62% / 72.94%
||
7 Day CHG~0.00%
Published-22 May, 2014 | 19:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1301
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.85% / 76.40%
||
7 Day CHG~0.00%
Published-02 Apr, 2014 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.

Action-Not Available
Vendor-n/aApple Inc.
Product-itunessafarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1334
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.34% / 81.46%
||
7 Day CHG~0.00%
Published-22 May, 2014 | 19:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

Action-Not Available
Vendor-n/aApple Inc.
Product-safarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1362
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.53% / 82.90%
||
7 Day CHG~0.00%
Published-01 Jul, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

Action-Not Available
Vendor-n/aApple Inc.
Product-tvosiphone_ossafarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1290
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.12% / 79.45%
||
7 Day CHG~0.00%
Published-14 Mar, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, and CVE-2014-1294.

Action-Not Available
Vendor-n/aApple Inc.
Product-tvosiphone_osn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 60
  • 61
  • Next
Details not found