Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Itunes
Total 917 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-7156 2 Apple, Microsoft 7 Icloud, Iphone Os, Itunes and 4 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7153 3 Apple, Canonical, Microsoft 8 Icloud, Iphone Os, Itunes and 5 more 2024-11-21 5.8 MEDIUM 6.1 MEDIUM
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof user-interface information (about whether the entire content is derived from a valid TLS session) via a crafted web site that sends a 401 Unauthorized redirect.
CVE-2017-7151 2 Apple, Microsoft 6 Iphone Os, Itunes, Mac Os X and 3 more 2024-11-21 5.1 MEDIUM 7.0 HIGH
A race condition was addressed with additional validation. This issue affected versions prior to iOS 11.2, macOS High Sierra 10.13.2, tvOS 11.2, watchOS 4.2, iTunes 12.7.2 for Windows, macOS High Sierra 10.13.4.
CVE-2017-7120 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7117 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7111 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7109 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via crafted web content that incorrectly interacts with the Application Cache policy.
CVE-2017-7107 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7104 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7102 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7100 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7099 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7098 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7096 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7095 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7094 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7093 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7092 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7091 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-7090 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive cookie information via a custom URL scheme.