Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Itunes
(Apple)| Repositories | https://github.com/WebKit/webkit |
| #Vulnerabilities | 907 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-04-03 | CVE-2018-4319 | A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | Icloud, Iphone_os, Itunes, Safari | 8.1 | ||
| 2018-04-03 | CVE-2018-4162 | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | Icloud, Iphone_os, Itunes, Safari, Tvos, Watchos, Ubuntu_linux, Webkitgtk\+ | 8.8 | ||
| 2010-12-07 | CVE-2010-4494 | Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | Openoffice, Iphone_os, Itunes, Mac_os_x, Safari, Debian_linux, Fedora, Chrome, Insight_control_server_deployment, Rapid_deployment_pack, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation, Suse_linux_enterprise_server, Libxml2 | N/A | ||
| 2010-09-24 | CVE-2010-1824 | Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages. | Itunes, Chrome | N/A | ||
| 2010-09-24 | CVE-2010-1823 | Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by a Cascading Style Sheets (CSS) file referencing an invalid SVG font, aka rdar problem 8442098. | Itunes, Safari, Chrome | N/A | ||
| 2011-03-11 | CVE-2011-1204 | Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document. | Iphone_os, Itunes, Safari, Chrome | N/A | ||
| 2011-03-11 | CVE-2011-1203 | Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | Iphone_os, Itunes, Safari, Chrome | N/A | ||
| 2011-03-01 | CVE-2011-1121 | Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element. | Iphone_os, Itunes, Safari, Chrome | N/A | ||
| 2011-03-01 | CVE-2011-1117 | Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale nodes." | Iphone_os, Itunes, Safari, Chrome | N/A | ||
| 2011-03-01 | CVE-2011-1115 | Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | Iphone_os, Itunes, Safari, Chrome | N/A |