2020

2019

2018

2017

2016

2015

CVE-2015-1061 (v2: 9.3) 12 Mar 2015
IOSurface in Apple iOS before 8.2, Apple OS X through 10.10.2, and Apple TV before 7.1 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages "type confusion" during serialized-object handling.

2014

2013

2012

CVE-2012-0671 (v2: 9.3) 16 May 2012
Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .pict file.

2011

CVE-2011-0224 (v2: 6.8) 14 Oct 2011
CoreMedia in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QuickTime movie file.
CVE-2011-3221 (v2: 6.8) 14 Oct 2011
QuickTime in Apple Mac OS X before 10.7.2 does not properly handle the atom hierarchy in movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file.
CVE-2011-3228 (v2: 6.8) 14 Oct 2011
QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file.
CVE-2011-3256 (v2: 4.3) 14 Oct 2011
FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font, a different vulnerability than CVE-2011-0226.
CVE-2011-3260 (v2: 6.8) 14 Oct 2011
Buffer overflow in OfficeImport in Apple iOS before 5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word document.
CVE-2011-3261 (v2: 6.8) 14 Oct 2011
Double free vulnerability in OfficeImport in Apple iOS before 5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Excel spreadsheet.