Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple mail vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-3710
Mail in Apple iOS prior to 8.4 and OS X prior to 10.10.4 allows remote malicious users to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.
Apple Iphone Os
Apple Mac Os X
1 Github repository
NA
CVE-2013-5181
The auto-configuration feature in Mail in Apple Mac OS X prior to 10.9 selects plaintext authentication for unspecified servers that support CRAM-MD5 authentication, which allows remote malicious users to obtain sensitive information by sniffing the network.
Apple Mac Os X 10.8.0
Apple Mac Os X 10.8.2
Apple Mac Os X 10.8.3
Apple Mac Os X 10.8.4
Apple Mac Os X 10.8.5
Apple Mac Os X 10.8.1
Apple Mac Os X
5.9
CVSSv3
CVE-2017-13860
An issue exists in certain Apple products. iOS prior to 11.2 is affected. macOS prior to 10.13.2 is affected. The issue involves the "Mail Drafts" component. It allows man-in-the-middle malicious users to read e-mail content by leveraging mishandling of S/MIME credentia...
Apple Iphone Os
Apple Mac Os X
1 Article
NA
CVE-2006-1450
Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote malicious users to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes.
Apple Mac Os X 10.3.9
Apple Mac Os X 10.4.6
NA
CVE-2013-6835
TelephonyUI Framework in Apple iOS 7 prior to 7.1, when Safari is used, does not require user confirmation for FaceTime audio calls, which allows remote malicious users to obtain telephone number or e-mail address information via a facetime-audio: URL.
Apple Iphone Os
Apple Iphone Os 7.0.2
Apple Iphone Os 7.0.3
Apple Iphone Os 7.0
Apple Iphone Os 7.0.1
Apple Iphone Os 7.0.4
Apple Iphone Os 7.0.5
1 EDB exploit
NA
CVE-2008-3622
Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5 up to and including 10.5.4 allows remote malicious users to inject arbitrary web script or HTML via an e-mail message that reaches a mailing-list archive, aka "persistent JavaScript injection.&quo...
Apple Mac Os X 10.5.3
Apple Mac Os X 10.5
Apple Mac Os X 10.5.4
Apple Mac Os X Server 10.5.2
Apple Mac Os X 10.5.2
Apple Mac Os X Server 10.5
Apple Mac Os X Server 10.5.1
Apple Mac Os X 10.5.1
Apple Mac Os X Server 10.5.4
Apple Mac Os X Server 10.5.3
NA
CVE-2007-0719
Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 up to and including 10.4.8 allows remote user-assisted malicious users to execute arbitrary code via an image with a crafted ColorSync profile.
Apple Mac Os X 10.3.9
Apple Mac Os X 10.4.7
Apple Mac Os X 10.4.8
Apple Mac Os X Server 10.4.5
Apple Mac Os X Server 10.4.6
Apple Mac Os X 10.4
Apple Mac Os X 10.4.1
Apple Mac Os X Server 10.3.9
Apple Mac Os X Server 10.4
Apple Mac Os X Server 10.4.7
Apple Mac Os X Server 10.4.8
Apple Mac Os X 10.4.4
Apple Mac Os X 10.4.5
Apple Mac Os X 10.4.6
Apple Mac Os X Server 10.4.3
Apple Mac Os X Server 10.4.4
Apple Mac Os X 10.4.2
Apple Mac Os X 10.4.3
Apple Mac Os X Server 10.4.1
Apple Mac Os X Server 10.4.2
NA
CVE-2005-0127
Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote malicious users to link mail messages to a particular machine.
Apple Mac Os X Server 10.3.7
Apple Mac Os X 10.3.7
NA
CVE-2007-3755
Mail in Apple iPhone 1.1.1 allows remote user-assisted malicious users to force the iPhone user to make calls to arbitrary telephone numbers via a "tel:" link, which does not prompt the user before dialing the number.
Apple Iphone Os 1.0.2
Apple Iphone 1.0
Apple Iphone Os 1.0.1
NA
CVE-2015-5855
Apple iOS prior to 9 allows malicious users to discover the e-mail address of a player via a crafted Game Center app.
Apple Watchos 1.0
Apple Iphone Os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »