Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple mail vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-3710
Mail in Apple iOS prior to 8.4 and OS X prior to 10.10.4 allows remote malicious users to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.
Apple Iphone Os
Apple Mac Os X
1 Github repository
4.3
CVSSv2
CVE-2013-5181
The auto-configuration feature in Mail in Apple Mac OS X prior to 10.9 selects plaintext authentication for unspecified servers that support CRAM-MD5 authentication, which allows remote malicious users to obtain sensitive information by sniffing the network.
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.4
Apple Mac Os X 10.8.5
Apple Mac Os X 10.8.1
Apple Mac Os X
4.3
CVSSv2
CVE-2017-13860
An issue exists in certain Apple products. iOS prior to 11.2 is affected. macOS prior to 10.13.2 is affected. The issue involves the "Mail Drafts" component. It allows man-in-the-middle malicious users to read e-mail content by leveraging mishandling of S/MIME credentia...
Apple Iphone Os
Apple Mac Os X
1 Article
7.5
CVSSv2
CVE-2006-1450
Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote malicious users to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes.
Apple Mac Os X 10.3.9
Apple Mac Os X 10.4.6
5
CVSSv2
CVE-2013-6835
TelephonyUI Framework in Apple iOS 7 prior to 7.1, when Safari is used, does not require user confirmation for FaceTime audio calls, which allows remote malicious users to obtain telephone number or e-mail address information via a facetime-audio: URL.
Apple Iphone Os
Apple Iphone Os 7.0.2
Apple Iphone Os 7.0.3
Apple Iphone Os 7.0
Apple Iphone Os 7.0.1
Apple Iphone Os 7.0.4
Apple Iphone Os 7.0.5
1 EDB exploit
4.3
CVSSv2
CVE-2008-3622
Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5 up to and including 10.5.4 allows remote malicious users to inject arbitrary web script or HTML via an e-mail message that reaches a mailing-list archive, aka "persistent JavaScript injection.&quo...
Apple Mac Os X 10.5.3
Apple Mac Os X 10.5
Apple Mac Os X 10.5.4
Apple Mac Os X Server 10.5.2
Apple Mac Os X 10.5.2
Apple Mac Os X Server 10.5
Apple Mac Os X Server 10.5.1
Apple Mac Os X 10.5.1
Apple Mac Os X Server 10.5.4
Apple Mac Os X Server 10.5.3
6.8
CVSSv2
CVE-2007-0719
Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 up to and including 10.4.8 allows remote user-assisted malicious users to execute arbitrary code via an image with a crafted ColorSync profile.
Apple Mac Os X 10.3.9
Apple Mac Os X 10.4.7
Apple Mac Os X 10.4.8
Apple Mac Os X Server 10.4.5
Apple Mac Os X Server 10.4.6
Apple Mac Os X 10.4
Apple Mac Os X 10.4.1
Apple Mac Os X Server 10.3.9
Apple Mac Os X Server 10.4
Apple Mac Os X Server 10.4.7
Apple Mac Os X Server 10.4.8
Apple Mac Os X 10.4.4
Apple Mac Os X 10.4.5
Apple Mac Os X 10.4.6
Apple Mac Os X Server 10.4.3
Apple Mac Os X Server 10.4.4
Apple Mac Os X 10.4.2
Apple Mac Os X 10.4.3
Apple Mac Os X Server 10.4.1
Apple Mac Os X Server 10.4.2
5
CVSSv2
CVE-2005-0127
Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote malicious users to link mail messages to a particular machine.
Apple Mac Os X Server 10.3.7
Apple Mac Os X 10.3.7
4.3
CVSSv2
CVE-2007-3755
Mail in Apple iPhone 1.1.1 allows remote user-assisted malicious users to force the iPhone user to make calls to arbitrary telephone numbers via a "tel:" link, which does not prompt the user before dialing the number.
Apple Iphone Os 1.0.2
Apple Iphone 1.0
Apple Iphone Os 1.0.1
4.3
CVSSv2
CVE-2015-5855
Apple iOS prior to 9 allows malicious users to discover the e-mail address of a player via a crafted Game Center app.
Apple Watchos 1.0
Apple Iphone Os
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »