cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-44157,https://securityvulnerability.io/vulnerability/CVE-2024-44157,Apple TV 1.5.0.152 Update Fixes Stack Buffer Overflow Vulnerability,"A stack buffer overflow was addressed through improved input validation. This issue is fixed in Apple TV 1.5.0.152 for Windows, iTunes 12.13.3 for Windows. Parsing a maliciously crafted video file may lead to unexpected system termination.",Apple,"Apple Tv For Windows,Itunes For Windows",5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-10-11T17:26:55.533Z,0
CVE-2024-44193,https://securityvulnerability.io/vulnerability/CVE-2024-44193,Logic Issue in iTunes for Windows Leads to Privilege Escalation Vulnerability,A logic issue present in iTunes for Windows has the potential to allow local attackers to elevate their privileges. This vulnerability has been mitigated in iTunes version 12.13.3 through improved restrictions to prevent unauthorized privilege escalation. Users of affected versions are encouraged to upgrade promptly to ensure their systems remain secure.,Apple,Itunes,7.8,HIGH,0.0004299999854993075,false,,false,false,true,2024-10-04T23:20:15.000Z,true,false,false,,2024-10-02T15:15:00.000Z,0
CVE-2024-27793,https://securityvulnerability.io/vulnerability/CVE-2024-27793,iTunes 12.13.2 for Windows Fixes Parsing Issue Leading to Unexpected App Termination or Arbitrary Code Execution,"A file parsing vulnerability in iTunes for Windows has been identified, which could potentially result in unexpected termination of the application or the possibility of arbitrary code execution. This issue is addressed in the updated version 12.13.2 of iTunes for Windows, which includes improved checks to mitigate these risks. Users are encouraged to update to the latest version to ensure their systems are secure and protected from potential exploitation.",Apple,Itunes For Windows,7.8,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2024-05-14T15:13:00.000Z,0
CVE-2022-48611,https://securityvulnerability.io/vulnerability/CVE-2022-48611,iTunes Fixes Logic Issue to Prevent Local Privilege Elevation,"A logic issue in iTunes for Windows has been addressed with enhanced checks designed to prevent local attackers from elevating their privileges. Users of iTunes are advised to update to the latest version, which includes fixes to mitigate potential exploitation of this vulnerability. Maintaining an updated version of software is crucial for protecting systems against emerging threats.",Apple,Itunes For Windows,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-26T19:40:16.059Z,0
CVE-2023-42938,https://securityvulnerability.io/vulnerability/CVE-2023-42938,"iTunes 12.13.1 for Windows Patches Logic Issue, Improves Privileges Checks","A vulnerability exists in Apple iTunes for Windows due to a logic flaw that may permit local attackers to elevate their privileges. This issue, which could potentially compromise system integrity and user security, has been addressed with improved validation checks in the latest version. Users are strongly encouraged to update to iTunes 12.13.1 to ensure their systems are protected against this exploit.",Apple,Itunes For Windows,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-14T18:24:02.258Z,0
CVE-2023-32353,https://securityvulnerability.io/vulnerability/CVE-2023-32353,Privilege Escalation Vulnerability in iTunes for Windows by Apple,"A logic issue present in iTunes for Windows has been reported that could allow an application to elevate its privileges. This flaw has been addressed by Apple in version 12.12.9, which includes enhanced checks to mitigate the risk of unauthorized access. Users are encouraged to update to the latest version to safeguard against potential exploitation.",Apple,Itunes For Windows,7.8,HIGH,0.0004199999966658652,false,,false,false,true,2023-06-08T20:43:03.000Z,true,false,false,,2023-06-23T00:00:00.000Z,0
CVE-2023-32351,https://securityvulnerability.io/vulnerability/CVE-2023-32351,Logic Issue in iTunes for Windows Enables Elevated Privileges,"A logic issue in iTunes for Windows has been identified, which may allow an application to gain elevated privileges. This vulnerability was addressed with improved checks in the latest update, iTunes 12.12.9 for Windows. It is essential for users to update their software to prevent potential exploitation.",Apple,Itunes For Windows,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-06-23T00:00:00.000Z,0
CVE-2020-36521,https://securityvulnerability.io/vulnerability/CVE-2020-36521,Out-of-Bounds Read Vulnerability in Apple iCloud and Other Products,"An out-of-bounds read vulnerability has been identified in Apple products, particularly affecting iCloud, iOS, iPadOS, watchOS, tvOS, and iTunes. This vulnerability arises from improper input validation when processing maliciously crafted TIFF files. Exploiting this flaw may lead to a denial-of-service situation, potentially allowing unauthorized disclosure of memory contents. Apple has addressed this issue across multiple versions of its products to enhance security and protect user data.",Apple,"Itunes For Windows,iOS And iPad OS,Icloud For Windows,Watch OS",7.1,HIGH,0.0013800000306218863,false,,false,false,false,,,false,false,,2022-09-23T18:58:31.000Z,0
CVE-2022-26774,https://securityvulnerability.io/vulnerability/CVE-2022-26774,Logic Issue in iTunes for Windows Allows Local Privilege Escalation,"A logic issue in iTunes for Windows was identified, which could be exploited by a local attacker to elevate their privileges. This vulnerability has been addressed with improved state management in iTunes version 12.12.4. Users are advised to update their software to mitigate potential risks associated with this vulnerability.",Apple,Itunes For Windows,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-05-26T19:28:46.000Z,0
CVE-2022-26773,https://securityvulnerability.io/vulnerability/CVE-2022-26773,Logic Issue in iTunes Software by Apple,"A logic issue has been identified in Apple's iTunes software that can lead to unauthorized file deletions. Specifically, the application has been found to potentially allow for the deletion of files without having proper permissions. This situation arises from inadequate state management within the application. The issue has been addressed in iTunes version 12.12.4 for Windows, enhancing its security and protecting against potential exploitation.",Apple,Itunes For Windows,7.1,HIGH,0.005919999908655882,false,,false,false,false,,,false,false,,2022-05-26T19:28:04.000Z,0
CVE-2018-4302,https://securityvulnerability.io/vulnerability/CVE-2018-4302,Null Pointer Dereference in Apple Products Affecting macOS and iOS,"This vulnerability is characterized by a null pointer dereference, which can occur when processing specially crafted XML files. If exploited, it may lead to unexpected termination of applications or allow for arbitrary code execution on affected devices. Apple has released updates to address this issue in several products, enhancing validation mechanisms to prevent potential exploitation. Users of macOS High Sierra, iOS, and other related platforms should ensure they are running the latest versions to safeguard their systems.",Apple,"iOS,Watch OS,Itunes For Windows,Icloud For Windows,Mac OS",7.8,HIGH,0.0014400000218302011,false,,false,false,false,,,false,false,,2021-12-23T19:48:29.000Z,0
CVE-2021-30835,https://securityvulnerability.io/vulnerability/CVE-2021-30835,Arbitrary Code Execution Vulnerability in Apple Products,"This vulnerability allows an attacker to execute arbitrary code by processing a specially crafted image in various Apple products. The issue arises from insufficient validation checks, leading to a breach of security that can compromise the integrity of the affected system. Users are advised to upgrade to the latest security updates provided by Apple to mitigate potential risks.",Apple,"Security Update - Catalina,Ios And iPad OS,TV OS,Itunes For Windows,Watch OS",7.8,HIGH,0.0025599999353289604,false,,false,false,false,,,false,false,,2021-10-19T13:11:52.000Z,0
CVE-2021-30849,https://securityvulnerability.io/vulnerability/CVE-2021-30849,"Memory Corruption Issues in Apple's iOS, watchOS, Safari, and more","Apple's recent updates addressed multiple memory corruption vulnerabilities that could be exploited through maliciously crafted web content. These flaws could lead to arbitrary code execution, potentially compromising the security of affected devices. Users are urged to update to the latest versions of iOS, iPadOS, watchOS, Safari, tvOS, and iTunes to mitigate these risks.",Apple,"Ios And iPad OS,TV OS,Safari,Itunes For Windows,Watch OS",7.8,HIGH,0.0014100000262260437,false,,false,false,false,,,false,false,,2021-10-19T13:11:42.000Z,0
CVE-2021-1811,https://securityvulnerability.io/vulnerability/CVE-2021-1811,Logic Issue in iTunes and Apple Products Leading to Memory Disclosure,"A logic issue in various Apple products was addressed, focusing on improved state management. This vulnerability arises when processing a specially crafted font, which could potentially lead to the unauthorized disclosure of process memory. Users are encouraged to update their systems to the latest versions to mitigate any risks.",Apple,"iOS And iPad OS,Itunes For Windows,Icloud For Windows,TV OS,Watch OS,Mac OS",6.5,MEDIUM,0.003229999914765358,false,,false,false,false,,,false,false,,2021-09-08T14:55:54.000Z,0
CVE-2021-1825,https://securityvulnerability.io/vulnerability/CVE-2021-1825,Input Validation Flaw in Apple Software Products,"An input validation flaw discovered in various Apple software products could lead to cross-site scripting (XSS) attacks. This vulnerability arises from improper handling of maliciously crafted web content, which could potentially be exploited by attackers. Users are urged to update their systems to the latest versions to mitigate the risks associated with this vulnerability.",Apple,"iOS And iPad OS,Safari,Itunes For Windows,Icloud For Windows,TV OS,Watch OS,Mac OS",6.1,MEDIUM,0.002899999963119626,false,,false,false,false,,,false,false,,2021-09-08T14:55:15.000Z,0
CVE-2021-1857,https://securityvulnerability.io/vulnerability/CVE-2021-1857,Memory Handling Issue in iTunes and Multiple Apple Products,"A memory handling flaw allows for potential disclosure of sensitive user information when maliciously crafted web content is processed in affected Apple products. The issue has been addressed in several updates, ensuring enhanced memory management to prevent exploitation.",Apple,"iOS And iPad OS,Itunes For Windows,Icloud For Windows,TV OS,Watch OS,Mac OS",6.5,MEDIUM,0.003379999892786145,false,,false,false,false,,,false,false,,2021-09-08T14:44:51.000Z,0
CVE-2021-30862,https://securityvulnerability.io/vulnerability/CVE-2021-30862,Input Validation Issue in Apple iTunes U Product,"An input validation flaw in Apple iTunes U could allow an attacker to process a specially crafted URL, potentially leading to the execution of arbitrary JavaScript code. This vulnerability is addressed in iTunes U version 3.8.3 with enhanced input sanitization measures, mitigating the risk of exploitation from malicious URLs.",Apple,Itunes U,6.1,MEDIUM,0.0008900000248104334,false,,false,false,true,2025-02-05T10:34:09.000Z,true,false,false,,2021-08-24T18:49:27.000Z,0
CVE-2020-27895,https://securityvulnerability.io/vulnerability/CVE-2020-27895,,An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. This issue is fixed in iTunes 12.11 for Windows. A malicious application may be able to access local users Apple IDs.,Apple,Itunes For Windows,3.3,LOW,0.0005200000014156103,false,,false,false,false,,,false,false,,2020-12-08T20:06:07.000Z,0
CVE-2020-9947,https://securityvulnerability.io/vulnerability/CVE-2020-9947,,"A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.",Apple,"TV OS,Watch OS,Safari,iOS And iPad OS,Icloud For Windows,Itunes For Windows",8.8,HIGH,0.004689999856054783,false,,false,false,false,,,false,false,,2020-12-08T19:21:36.000Z,0
CVE-2020-3864,https://securityvulnerability.io/vulnerability/CVE-2020-3864,,"A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin.",Apple,"iOS And iPad OS,TV OS,Safari,Itunes For Windows,Icloud For Windows",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-10-27T20:10:02.000Z,0
CVE-2019-8898,https://securityvulnerability.io/vulnerability/CVE-2019-8898,,"An information disclosure issue existed in the handling of the Storage Access API. This issue was addressed with improved logic. This issue is fixed in iOS 13.3 and iPadOS 13.3, tvOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows. Visiting a maliciously crafted website may reveal sites a user has visited.",Apple,"iOS And iPad OS,TV OS,Safari,Itunes For Windows",4.3,MEDIUM,0.0010999999940395355,false,,false,false,false,,,false,false,,2020-10-27T20:09:05.000Z,0
CVE-2019-8846,https://securityvulnerability.io/vulnerability/CVE-2019-8846,,"A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.",Apple,"iOS And iPad OS,TV OS,Safari,Itunes For Windows,Icloud For Windows",8.8,HIGH,0.016580000519752502,false,,false,false,false,,,false,false,,2020-10-27T20:07:50.000Z,0
CVE-2019-8844,https://securityvulnerability.io/vulnerability/CVE-2019-8844,,"Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.",Apple,"iOS And iPad OS,Watch OS,TV OS,Safari,Itunes For Windows,Icloud For Windows",8.8,HIGH,0.035339999943971634,false,,false,false,false,,,false,false,,2020-10-27T19:55:10.000Z,0
CVE-2019-8835,https://securityvulnerability.io/vulnerability/CVE-2019-8835,,"Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.",Apple,"iOS And iPad OS,TV OS,Safari,Itunes For Windows,Icloud For Windows",8.8,HIGH,0.007029999978840351,false,,false,false,false,,,false,false,,2020-10-27T19:53:59.000Z,0
CVE-2019-8827,https://securityvulnerability.io/vulnerability/CVE-2019-8827,,"The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin. This issue is fixed in Safari 13.0.3, iTunes 12.10.2 for Windows, iCloud for Windows 10.9.2, tvOS 13.2, iOS 13.2 and iPadOS 13.2, iCloud for Windows 7.15. Visiting a maliciously crafted website may reveal the sites a user has visited.",Apple,"iOS And iPad OS,TV OS,Safari,Itunes For Windows,Icloud For Windows",4.3,MEDIUM,0.0016499999910593033,false,,false,false,false,,,false,false,,2020-10-27T19:53:30.000Z,0