聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。
分配机构(CNA / 来源):[email protected] 移除此筛选
| CVE | 描述 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|
| CVE-2010-0036 | Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file. | 7.8 | 3.80% | 2010-01-20 | 2026-06-16 |
| CVE-2010-0037 | Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted DNG image. | 8.8 | 4.96% | 2010-01-20 | 2026-06-16 |
| CVE-2010-0038 | Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for iPod touch 1.1 through 3.1.2, allows physically proximate attackers to bypass device locking, and read or modify arbitrary data, via a USB control message that triggers memory corruption. | 4.6 | 0.36% | 2010-02-03 | 2026-06-16 |
| CVE-2010-0040 | Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer overflow. | 9.3 | 6.47% | 2010-03-15 | 2026-06-16 |
| CVE-2010-0041 | ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted BMP image. | 4.3 | 2.52% | 2010-03-15 | 2026-06-16 |
| CVE-2010-0042 | ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted TIFF image. | 4.3 | 2.52% | 2010-03-15 | 2026-06-16 |
| CVE-2010-0043 | ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image. | 9.3 | 5.80% | 2010-03-15 | 2026-06-16 |
| CVE-2010-0044 | PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed. | 4.3 | 1.53% | 2010-03-15 | 2026-06-16 |
| CVE-2010-0045 | Apple Safari before 4.0.5 on Windows does not properly validate external URL schemes, which allows remote attackers to open local files and execute arbitrary code via a crafted HTML document. | 9.3 | 4.40% | 2010-03-15 | 2026-06-16 |
| CVE-2010-0046 | The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted format arguments. | 9.3 | 5.93% | 2010-03-15 | 2026-06-16 |
| CVE-2010-0047 | Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "HTML object element fallback content." | 8.8 | 5.04% | 2010-03-15 | 2026-06-16 |
| CVE-2010-0048 | Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document. | 8.8 | 5.04% | 2010-03-15 | 2026-06-16 |
| CVE-2010-0049 | Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality. | 9.3 | 10.94% | 2010-03-15 | 2026-06-16 |
| CVE-2010-0050 | Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags. | 8.8 | 11.64% | 2010-03-15 | 2026-06-16 |
| CVE-2010-0051 | WebKit in Apple Safari before 4.0.5 does not properly validate the cross-origin loading of stylesheets, which allows remote attackers to obtain sensitive information via a crafted HTML document. NOTE: this might overlap CVE-2010-0651. | 4.3 | 2.80% | 2010-03-15 | 2026-06-16 |
| CVE-2010-0052 | Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "callbacks for HTML elements." | 9.3 | 6.05% | 2010-03-15 | 2026-06-16 |
| CVE-2010-0053 | Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the run-in Cascading Style Sheets (CSS) display property. | 9.3 | 6.05% | 2010-03-15 | 2026-06-16 |
| CVE-2010-0054 | Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML IMG elements. | 9.3 | 6.05% | 2010-03-15 | 2026-06-16 |
| CVE-2010-0056 | Buffer overflow in Cocoa spell checking in AppKit in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document. | 6.8 | 2.53% | 2010-03-30 | 2026-06-16 |
| CVE-2010-0057 | AFP Server in Apple Mac OS X before 10.6.3 does not prevent guest use of AFP shares when guest access is disabled, which allows remote attackers to bypass intended access restrictions via a mount request. | 7.5 | 1.21% | 2010-03-30 | 2026-06-16 |