Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple cfnetwork vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2010-0924
cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.3 and 4.0.4 on Windows, allows remote malicious users to cause a denial of service (application crash) via a long string in the BACKGROUND attribute of a BODY element.
Apple Safari 4.0.3
Apple Safari 4.0.4
6.8
CVSSv2
CVE-2015-3684
The HTTPAuthentication implementation in CFNetwork in Apple iOS prior to 8.4 and OS X prior to 10.10.4 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via crafted credentials in a URL.
Apple Mac Os X
Apple Iphone Os
5
CVSSv2
CVE-2015-1089
CFNetwork in Apple iOS prior to 8.3 and Apple OS X prior to 10.10.3 does not properly handle cookies during processing of redirects in HTTP responses, which allows remote malicious users to bypass the Same Origin Policy via a crafted web site.
Apple Mac Os X
Apple Iphone Os
4.3
CVSSv2
CVE-2015-1091
The CFNetwork Session component in Apple iOS prior to 8.3 and Apple OS X prior to 10.10.3 does not properly handle request headers during processing of redirects in HTTP responses, which allows remote malicious users to bypass the Same Origin Policy via a crafted web site.
Apple Mac Os X
Apple Iphone Os
4.3
CVSSv2
CVE-2015-5859
The CFNetwork HTTPProtocol component in Apple iOS prior to 9 and OS X prior to 10.11 does not properly recognize the HSTS preload list during a Safari private-browsing session, which makes it easier for remote malicious users to obtain sensitive information by sniffing the networ...
Apple Mac Os X
Apple Iphone Os
5
CVSSv2
CVE-2008-0050
CFNetwork in Apple Mac OS X 10.4.11 allows remote HTTPS proxy servers to spoof secure websites via data in a 502 Bad Gateway error.
Apple Mac Os X Server 10.4.11
Apple Mac Os X 10.4.11
6.8
CVSSv2
CVE-2010-1752
Stack-based buffer overflow in CFNetwork in Apple iOS prior to 4 on the iPhone and iPod touch allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling.
Apple Iphone Os
2.1
CVSSv2
CVE-2016-4707
CFNetwork in Apple iOS prior to 10 and OS X prior to 10.12 mishandles Local Storage deletion, which allows local users to discover the visited web sites of arbitrary users via unspecified vectors.
Apple Iphone Os
Apple Mac Os X
2.1
CVSSv2
CVE-2016-4645
CFNetwork in Apple OS X prior to 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors.
Apple Mac Os X
5
CVSSv2
CVE-2006-4407
The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9 does not properly prioritize encryption ciphers when negotiating the strongest shared cipher, which causes Secure Transport to user a weaker cipher that makes it easier for remote malicious users to decrypt traffic.
Apple Mac Os X 10.3.4
Apple Mac Os X 10.3.5
Apple Mac Os X 10.3
Apple Mac Os X 10.3.1
Apple Mac Os X 10.3.8
Apple Mac Os X 10.3.6
Apple Mac Os X 10.3.7
Apple Mac Os X 10.3.2
Apple Mac Os X 10.3.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »