Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple mail vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2007-3754
Mail in Apple iPhone 1.1.1, when using SSL, does not warn the user when the mail server changes or is not trusted, which might allow remote malicious users to steal credentials and read email via a man-in-the-middle (MITM) attack.
Apple Iphone Os 1.0.2
Apple Iphone 1.0
Apple Iphone Os 1.0.1
6.8
CVSSv2
CVE-2008-1576
Mail in Apple Mac OS X prior to 10.5, when an IPv6 SMTP server is used, does not properly initialize memory, which might allow remote malicious users to execute arbitrary code or cause a denial of service (application crash), or obtain sensitive information (memory contents) in o...
Apple Mac Os X 10.3
Apple Mac Os X 10.4
Apple Mac Os X 10.0
Apple Mac Os X 10.1
Apple Mac Os X 10.2
NA
CVE-2022-32928
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. A user in a privileged network position may be able to intercept mail credentials.
Apple Iphone Os
Apple Macos
Apple Watchos
5
CVSSv2
CVE-2020-9777
An issue existed in the selection of video file by Mail. The issue was fixed by selecting the latest version of a video. This issue is fixed in iOS 13.4 and iPadOS 13.4. Cropped videos may not be shared properly via Mail.
Apple Ipados
Apple Iphone Os
4.3
CVSSv2
CVE-2020-9819
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5, watchOS 5.3.7. Processing a maliciously crafted mail message may lead to heap corruption.
Apple Ipados
Apple Iphone Os
Apple Watchos
6.8
CVSSv2
CVE-2020-9818
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination.
Apple Ipados
Apple Iphone Os
Apple Watchos
5.8
CVSSv2
CVE-2010-3813
The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari prior to 5.0.3 on Mac OS X 10.5 up to and including 10.6 and Windows, and prior to 4.1.3 on Mac OS X 10.4; webkitgtk prior to 1.2.6; and possibly other products d...
Apple Safari
Apple Safari 5.0.1
Apple Safari 5.0
Apple Webkit
Apple Safari 4.1.1
Apple Safari 3.1.0b
Apple Safari 3.1.0
Apple Safari 3.0.4b
Apple Safari 3.0.1
Apple Safari 3.0.0b
Apple Safari 2.0.3
Apple Safari 1.3.2
Apple Safari 1.2.2
Apple Safari 1.2.1
Apple Safari 1.0
Apple Safari 1.0.3
Apple Safari 3.2.1
Apple Safari 3.2.0
Apple Safari 3.0.3
Apple Safari 3.0.2b
Apple Safari 3
Apple Safari 2.0.4
4.3
CVSSv2
CVE-2017-17689
The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.
Gnome Evolution -
Mozilla Thunderbird -
Ibm Notes -
Emclient Emclient -
Horde Horde Imp -
9folders Nine -
Freron Mailmate -
Kde Kmail -
Ritlabs The Bat -
Microsoft Outlook 2013
Flipdogsolutions Maildroid -
R2mail2 R2mail2 -
Apple Mail -
Bloop Airmail -
Microsoft Outlook 2010
Microsoft Outlook 2007
Google Gmail -
Kde Trojita -
Postbox-inc Postbox -
Microsoft Outlook 2016
1 Github repository
1 Article
6.8
CVSSv2
CVE-2011-3227
libsecurity in Apple Mac OS X prior to 10.7.2 does not properly handle errors during processing of a nonstandard extension in a Certificate Revocation list (CRL), which allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) a craf...
Apple Mac Os X Server 10.6.4
Apple Mac Os X Server 10.6.3
Apple Mac Os X Server 10.6.2
Apple Mac Os X Server 10.5.4
Apple Mac Os X Server 10.5.3
Apple Mac Os X Server 10.4.7
Apple Mac Os X Server 10.4.6
Apple Mac Os X Server 10.4.1
Apple Mac Os X Server 10.4.0
Apple Mac Os X Server 10.4
Apple Mac Os X Server 10.3.3
Apple Mac Os X Server 10.3.2
Apple Mac Os X Server 10.2.5
Apple Mac Os X Server 10.2.4
Apple Mac Os X Server 10.1.3
Apple Mac Os X Server 10.1.2
Apple Mac Os X Server 10.0.1
Apple Mac Os X Server 10.0.0
Apple Mac Os X 10.6.0
Apple Mac Os X 10.5.8
Apple Mac Os X 10.5.0
Apple Mac Os X 10.5
2.6
CVSSv2
CVE-2013-5183
Mail in Apple Mac OS X prior to 10.9, when Kerberos authentication is enabled and TLS is disabled, sends invalid cleartext data, which allows remote malicious users to obtain sensitive information by sniffing the network.
Apple Mac Os X
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.4
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »