Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple mail - vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2020-3873
This issue was addressed with improved setting propagation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Turning off "Load remote content in messages” may not apply to all mail previews.
Apple Ipados
Apple Iphone Os
5.8
CVSSv2
CVE-2021-30741
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination.
Apple Iphone Os
Apple Ipados
6.5
CVSSv2
CVE-2010-0535
Dovecot in Apple Mac OS X 10.6 prior to 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
Apple Mac Os X Server 10.6.1
Apple Mac Os X 10.6.0
Apple Mac Os X 10.6.1
Apple Mac Os X 10.6.2
Apple Mac Os X Server 10.6.0
Apple Mac Os X Server 10.6.2
5
CVSSv2
CVE-2005-2746
Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message contents when using auto-reply rules, which could cause Mail.app to include decrypted message contents for encrypted messages.
Apple Mac Os X 10.3.9
Apple Mac Os X 10.4.2
Apple Mac Os X Server 10.3.9
Apple Mac Os X Server 10.4.2
5
CVSSv2
CVE-2021-30997
A S/MIME issue existed in the handling of encrypted email. This issue was addressed by not automatically loading some MIME parts. This issue is fixed in iOS 15.2 and iPadOS 15.2. An attacker may be able to recover plaintext contents of an S/MIME-encrypted e-mail.
Apple Iphone Os
Apple Ipados
4.3
CVSSv2
CVE-2007-2401
CRLF injection vulnerability in WebCore in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone prior to 1.0.1, allows remote malicious users to inject arbitrary HTTP headers via LF characters in an XMLHttpRequest request, which are not filtered when serializing headers via the se...
Apple Mac Os X Server 10.4.9
Apple Mac Os X 10.4.9
Apple Mac Os X Server 10.3.9
Apple Mac Os X 10.3.9
1 EDB exploit
5
CVSSv2
CVE-2010-1226
The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote malicious users to cause a denial of service (Safari, Mail, or Springboard crash) via a crafted innerHTML property of a DIV element, related to a "malformed charac...
Apple Iphone Os 3.1
Apple Iphone Os 3.1.3
1 EDB exploit
5
CVSSv2
CVE-2017-7078
An issue exists in certain Apple products. iOS prior to 11 is affected. macOS prior to 10.13 is affected. The issue involves the "Mail Drafts" component. It allows remote malicious users to obtain sensitive information by reading unintended cleartext transmissions.
Apple Iphone Os
Apple Mac Os X
5
CVSSv2
CVE-2018-4227
An issue exists in certain Apple products. iOS prior to 11.4 is affected. macOS prior to 10.13.5 is affected. The issue involves the "Mail" component. It allows remote malicious users to read the cleartext content of S/MIME encrypted messages via direct exfiltration.
Apple Mac Os X
Apple Iphone Os
7.8
CVSSv2
CVE-2005-4504
The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and previous versions, as used by Safari and TextEdit, allows remote malicious users to cause a denial of service (memory consumption and application crash) via HTML files with a large ROWS...
Apple Safari 1.1
Apple Safari 1.2
Apple Safari 2.0.2
Apple Textedit
Apple Safari 1.2.1
Apple Safari 1.2.2
Apple Safari 1.0
Apple Safari 2.0
Apple Safari 2.0.1
Apple Safari 1.2.3
Apple Safari 1.3
Apple Mac Os X 10.1
Apple Mac Os X 10.1.1
Apple Mac Os X 10.2.3
Apple Mac Os X 10.2.4
Apple Mac Os X 10.3.2
Apple Mac Os X 10.3.3
Apple Mac Os X 10.4
Apple Mac Os X 10.4.1
Apple Mac Os X Server 10.1.4
Apple Mac Os X Server 10.1.5
Apple Mac Os X Server 10.2.6
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »