Apple Itunes vulnerabilities
922 known vulnerabilities affecting apple/itunes.
Total CVEs
922
CISA KEV
2
actively exploited
Public exploits
75
Exploited in wild
3
Severity breakdown
CRITICAL112HIGH479MEDIUM326LOW5
Vulnerabilities
Page 22 of 47
CVE-2017-2383LOWCVSS 3.1≤ 12.5.5.52017-04-02
CVE-2017-2383 [LOW] CVE-2017-2383: An issue was discovered in certain Apple products. iCloud before 6.2 on Windows is affected. iTunes
An issue was discovered in certain Apple products. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. The issue involves cleartext client-certificate transmission in the "APNs Server" component. It allows man-in-the-middle attackers to track users via correlation with this certificate.
nvd
CVE-2016-7648HIGHCVSS 8.8≤ 12.5.32017-02-20
CVE-2016-7648 [HIGH] CWE-119 CVE-2016-7648: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7656HIGHCVSS 8.8≤ 12.5.32017-02-20
CVE-2016-7656 [HIGH] CWE-119 CVE-2016-7656: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7641HIGHCVSS 8.8≤ 12.5.32017-02-20
CVE-2016-7641 [HIGH] CWE-119 CVE-2016-7641: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7611HIGHCVSS 8.8≤ 12.5.32017-02-20
CVE-2016-7611 [HIGH] CWE-119 CVE-2016-7611: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2017-2354HIGHCVSS 8.8fixed in 12.5.52017-02-20
CVE-2017-2354 [HIGH] CWE-119 CVE-2017-2354: An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corrupt
nvd
CVE-2017-2356HIGHCVSS 8.8fixed in 12.5.52017-02-20
CVE-2017-2356 [HIGH] CWE-119 CVE-2017-2356: An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corrupt
nvd
CVE-2016-7635HIGHCVSS 8.8≤ 12.5.32017-02-20
CVE-2016-7635 [HIGH] CWE-119 CVE-2016-7635: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7578HIGHCVSS 8.8fixed in 12.5.22017-02-20
CVE-2016-7578 [HIGH] CWE-119 CVE-2016-7578: An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1
An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruptio
nvd
CVE-2016-4743HIGHCVSS 7.1≤ 12.5.32017-02-20
CVE-2016-4743 [HIGH] CWE-119 CVE-2016-4743: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption and ap
nvd
CVE-2016-7654HIGHCVSS 8.8≤ 12.5.32017-02-20
CVE-2016-7654 [HIGH] CWE-119 CVE-2016-7654: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-4692HIGHCVSS 8.8≤ 12.5.32017-02-20
CVE-2016-4692 [HIGH] CWE-119 CVE-2016-4692: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2017-2355HIGHCVSS 8.8fixed in 12.5.52017-02-20
CVE-2017-2355 [HIGH] CWE-119 CVE-2017-2355: An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized
nvd
CVE-2016-7587HIGHCVSS 8.8v12.5.32017-02-20
CVE-2016-7587 [HIGH] CWE-119 CVE-2016-7587: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7645HIGHCVSS 8.8≤ 12.5.32017-02-20
CVE-2016-7645 [HIGH] CWE-119 CVE-2016-7645: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7632HIGHCVSS 8.8≤ 12.5.32017-02-20
CVE-2016-7632 [HIGH] CWE-119 CVE-2016-7632: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7652HIGHCVSS 8.8≤ 12.5.32017-02-20
CVE-2016-7652 [HIGH] CWE-119 CVE-2016-7652: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7589HIGHCVSS 8.8≤ 12.5.32017-02-20
CVE-2016-7589 [HIGH] CWE-119 CVE-2016-7589: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruptio
nvd
CVE-2016-7640HIGHCVSS 8.8≤ 12.5.32017-02-20
CVE-2016-7640 [HIGH] CWE-119 CVE-2016-7640: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7610HIGHCVSS 8.8≤ 12.5.32017-02-20
CVE-2016-7610 [HIGH] CWE-119 CVE-2016-7610: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd