Vulmon
WebKit in Apple iOS before 9 does not properly select the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site....
WebKit in Apple iOS before 9 does not properly select the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site....
Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at...
Integer overflow in ColorSync in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image containing a crafted embedded ColorSync profile that triggers a heap-based buffer overflow....
Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in command line arguments, which allows local users to read the passwords via process listings....
The Apple Pay component in Apple iOS before 9 allows remote terminals to obtain sensitive recent-transaction information during payments by leveraging the transaction-log feature....
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14....
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2....
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs...
Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, does not properly clear the username between authentication attempts, which allows users with the longest username to prevent other valid users from being able to authenticate....