Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple mail - vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2007-5855
Mail in Apple Mac OS X 10.4.11 and 10.5.1, when an SMTP account has been set up using Account Assistant, can use plaintext authentication even when MD5 Challenge-Response authentication is available, which makes it easier for remote malicious users to sniff account activity.
Apple Mac Os X 10.4.11
Apple Mac Os X 10.5.1
4
CVSSv2
CVE-2019-8645
An issue existed in the handling of encrypted Mail. This issue was addressed with improved isolation of MIME in Mail. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position m...
Apple Mac Os X
5.1
CVSSv2
CVE-2006-0395
The Download Validation in Mail in Mac OS X 10.4 does not properly recognize attachment file types to warn a user of an unsafe type, which allows user-assisted remote malicious users to execute arbitrary code via crafted file types.
Apple Mac Os X 10.4.5
Apple Mac Os X Server 10.4.5
2 EDB exploits
7.5
CVSSv2
CVE-2006-3505
WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML document that causes WebKit to access an object that has already been deallocated.
Apple Mac Os X Server 10.3.9
Apple Mac Os X Server 10.4.7
Apple Mac Os X 10.3.9
Apple Mac Os X 10.4.7
5
CVSSv2
CVE-2015-7761
Mail in Apple OS X prior to 10.11 does not properly recognize user preferences, which allows malicious users to obtain sensitive information via an unspecified action during the printing of an e-mail message, a different vulnerability than CVE-2015-7760.
Apple Mac Os X
5
CVSSv2
CVE-2014-8839
Spotlight in Apple OS X prior to 10.10.2 does not enforce the Mail "Load remote content in messages" configuration, which allows remote malicious users to discover recipient IP addresses by including an inline image in an HTML e-mail message and logging HTTP requests fo...
Apple Mac Os X
4.3
CVSSv2
CVE-2018-4111
An issue exists in certain Apple products. macOS prior to 10.13.4 is affected. The issue involves the "Mail" component. It allows man-in-the-middle malicious users to read S/MIME encrypted message content by sending HTML e-mail that references remote resources but lacks...
Apple Mac Os X
5
CVSSv2
CVE-2017-7141
An issue exists in certain Apple products. macOS prior to 10.13 is affected. The issue involves the "Mail" component. It allows remote malicious users to bypass an intended off value of the "Load remote content in messages" setting, and consequently discover a...
Apple Mac Os X
5
CVSSv2
CVE-2017-13871
An issue exists in certain Apple products. macOS prior to 10.13.2 is affected. The issue involves the "Mail" component. It allows remote malicious users to read cleartext e-mail content (for which S/MIME encryption was intended) by leveraging the lack of installation of...
Apple Mac Os X
1 Article
5
CVSSv2
CVE-2015-5909
IDE Xcode Server in Apple Xcode prior to 7.0 does not properly restrict access to repository e-mail lists, which allows remote malicious users to obtain potentially sensitive build information in opportunistic circumstances by leveraging incorrect notification delivery.
Apple Xcode
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »