Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Itunes
Total 922 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-0132 2 Apple, Microsoft 7 Itunes, Safari, Webkit and 4 more 2025-04-11 7.6 HIGH N/A
Use-after-free vulnerability in the Runin box functionality in the Cascading Style Sheets (CSS) 2.1 Visual Formatting Model implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
CVE-2012-0606 1 Apple 2 Iphone Os, Itunes 2025-04-11 9.3 HIGH N/A
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
CVE-2013-1014 2 Apple, Microsoft 5 Itunes, Mac Os X, Windows 7 and 2 more 2025-04-11 4.3 MEDIUM N/A
Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate.
CVE-2011-0129 2 Apple, Microsoft 6 Itunes, Webkit, Windows and 3 more 2025-04-11 7.6 HIGH N/A
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
CVE-2011-2827 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2025-04-11 7.5 HIGH N/A
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text searching.
CVE-2011-3081 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2025-04-11 9.3 HIGH N/A
Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078.
CVE-2012-0620 1 Apple 2 Iphone Os, Itunes 2025-04-11 9.3 HIGH N/A
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
CVE-2011-3971 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2025-04-11 6.8 MEDIUM N/A
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events.
CVE-2012-3687 1 Apple 2 Iphone Os, Itunes 2025-04-11 9.3 HIGH N/A
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
CVE-2012-3598 1 Apple 1 Itunes 2025-04-11 6.8 MEDIUM N/A
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
CVE-2010-0532 2 Apple, Microsoft 4 Itunes, Windows 7, Windows Vista and 1 more 2025-04-11 6.9 MEDIUM N/A
Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users to gain privileges by replacing an unspecified file with a Trojan horse.
CVE-2012-3700 1 Apple 1 Itunes 2025-04-11 6.8 MEDIUM N/A
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
CVE-2012-0595 1 Apple 2 Iphone Os, Itunes 2025-04-11 9.3 HIGH N/A
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
CVE-2010-1205 10 Apple, Canonical, Debian and 7 more 17 Iphone Os, Itunes, Mac Os X and 14 more 2025-04-11 7.5 HIGH 9.8 CRITICAL
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
CVE-2011-3968 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2025-04-11 4.3 MEDIUM N/A
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences.
CVE-2011-3064 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2025-04-11 7.5 HIGH N/A
Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.
CVE-2011-3236 1 Apple 2 Itunes, Webkit 2025-04-11 7.6 HIGH N/A
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
CVE-2012-0635 1 Apple 2 Iphone Os, Itunes 2025-04-11 9.3 HIGH N/A
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
CVE-2011-1109 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2025-04-11 7.5 HIGH N/A
Google Chrome before 9.0.597.107 does not properly process nodes in Cascading Style Sheets (CSS) stylesheets, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
CVE-2012-3692 1 Apple 1 Itunes 2025-04-11 6.8 MEDIUM N/A
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.