Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple cfnetwork vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2010-0924
cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.3 and 4.0.4 on Windows, allows remote malicious users to cause a denial of service (application crash) via a long string in the BACKGROUND attribute of a BODY element.
Apple Safari 4.0.3
Apple Safari 4.0.4
6.8
CVSSv2
CVE-2015-3684
The HTTPAuthentication implementation in CFNetwork in Apple iOS prior to 8.4 and OS X prior to 10.10.4 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via crafted credentials in a URL.
Apple Mac Os X
Apple Iphone Os
5
CVSSv2
CVE-2015-1089
CFNetwork in Apple iOS prior to 8.3 and Apple OS X prior to 10.10.3 does not properly handle cookies during processing of redirects in HTTP responses, which allows remote malicious users to bypass the Same Origin Policy via a crafted web site.
Apple Mac Os X
Apple Iphone Os
5
CVSSv2
CVE-2008-0050
CFNetwork in Apple Mac OS X 10.4.11 allows remote HTTPS proxy servers to spoof secure websites via data in a 502 Bad Gateway error.
Apple Mac Os X Server 10.4.11
Apple Mac Os X 10.4.11
4.3
CVSSv2
CVE-2015-5859
The CFNetwork HTTPProtocol component in Apple iOS prior to 9 and OS X prior to 10.11 does not properly recognize the HSTS preload list during a Safari private-browsing session, which makes it easier for remote malicious users to obtain sensitive information by sniffing the networ...
Apple Mac Os X
Apple Iphone Os
4.3
CVSSv2
CVE-2015-1091
The CFNetwork Session component in Apple iOS prior to 8.3 and Apple OS X prior to 10.10.3 does not properly handle request headers during processing of redirects in HTTP responses, which allows remote malicious users to bypass the Same Origin Policy via a crafted web site.
Apple Mac Os X
Apple Iphone Os
2.1
CVSSv2
CVE-2016-4707
CFNetwork in Apple iOS prior to 10 and OS X prior to 10.12 mishandles Local Storage deletion, which allows local users to discover the visited web sites of arbitrary users via unspecified vectors.
Apple Iphone Os
Apple Mac Os X
5
CVSSv2
CVE-2006-4407
The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9 does not properly prioritize encryption ciphers when negotiating the strongest shared cipher, which causes Secure Transport to user a weaker cipher that makes it easier for remote malicious users to decrypt traffic.
Apple Mac Os X 10.3.1
Apple Mac Os X 10.3.5
Apple Mac Os X 10.3.2
Apple Mac Os X 10.3.7
Apple Mac Os X 10.3.6
Apple Mac Os X 10.3.8
Apple Mac Os X 10.3.4
Apple Mac Os X 10.3.3
Apple Mac Os X 10.3
2.1
CVSSv2
CVE-2016-4645
CFNetwork in Apple OS X prior to 10.11.6 uses weak permissions for web-browser cookies, which allows local users to obtain sensitive information via unspecified vectors.
Apple Mac Os X
5
CVSSv2
CVE-2012-0641
CFNetwork in Apple iOS prior to 5.1 does not properly construct request headers during parsing of URLs, which allows remote malicious users to obtain sensitive information via a malformed URL, a different vulnerability than CVE-2011-3447.
Apple Iphone Os
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »