Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple cfnetwork vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2012-0641
CFNetwork in Apple iOS prior to 5.1 does not properly construct request headers during parsing of URLs, which allows remote malicious users to obtain sensitive information via a malformed URL, a different vulnerability than CVE-2011-3447.
Apple Iphone Os
5
CVSSv2
CVE-2015-1090
CFNetwork in Apple iOS prior to 8.3 does not delete HTTP Strict Transport Security (HSTS) state information in response to a Safari history-clearing action, which allows malicious users to obtain sensitive information by reading a history file.
Apple Iphone Os
5
CVSSv2
CVE-2016-1801
The CFNetwork Proxies subsystem in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, and tvOS prior to 9.2.1 mishandles URLs in http and https requests, which allows remote malicious users to obtain sensitive information via unspecified vectors.
Apple Mac Os X
Apple Iphone Os
Apple Tvos
7.5
CVSSv2
CVE-2006-1441
Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows remote malicious users to execute arbitrary code via crafted chunked transfer encoding.
Apple Mac Os X 10.4.6
2.6
CVSSv2
CVE-2007-4679
CFFTP in CFNetwork for Apple Mac OS X 10.4 up to and including 10.4.10 allows remote FTP servers to force clients to connect to other hosts via crafted responses to FTP PASV commands.
Apple Mac Os X
8.8
CVSSv2
CVE-2007-4709
Directory traversal vulnerability in CFNetwork in Apple Mac OS X 10.5.1 allows remote malicious users to overwrite arbitrary files via a crafted HTTP response.
Apple Mac Os X 10.5.1
5
CVSSv2
CVE-2010-0925
cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.4 on Windows, allows remote malicious users to cause a denial of service (application crash) via a long string in the SRC attribute of a (1) IMG or (2) IFRAME element.
Apple Safari 4.0.4
4.3
CVSSv2
CVE-2008-1580
CFNetwork in Safari in Apple Mac OS X prior to 10.5.3 automatically sends an SSL client certificate in response to a web server's certificate request, which allows remote web sites to obtain sensitive information (Subject data) from personally identifiable certificates, and ...
Apple Safari
9.3
CVSSv2
CVE-2017-13829
An issue exists in certain Apple products. macOS prior to 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows malicious users to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Apple Mac Os X
9.3
CVSSv2
CVE-2017-13833
An issue exists in certain Apple products. macOS prior to 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows malicious users to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Apple Mac Os X
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6