CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-20159 – rf Keynote rumble.rb cross site scripting
https://notcve.org/view.php?id=CVE-2017-20159
31 Dec 2022 — A vulnerability was found in rf Keynote up to 0.x on Rails. It has been rated as problematic. Affected by this issue is some unknown functionality of the file lib/keynote/rumble.rb. The manipulation of the argument value leads to cross site scripting. The attack may be launched remotely. • https://github.com/rf-/keynote/commit/05be4356b0a6ca7de48da926a9b997beb5ffeb4a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2017-2391 – Apple Security Advisory 2017-03-27-1
https://notcve.org/view.php?id=CVE-2017-2391
27 Mar 2017 — An issue was discovered in certain Apple products. Pages before 6.1, Numbers before 4.1, and Keynote before 7.1 on macOS and Pages before 3.1, Numbers before 3.1, and Keynote before 3.1 on iOS are affected. The issue involves the "Export" component. It allows users to bypass iWork PDF password protection by leveraging use of 40-bit RC4. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/97126 • CWE-326: Inadequate Encryption Strength •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2015-7032 – Apple Security Advisory 2015-10-15-1
https://notcve.org/view.php?id=CVE-2015-7032
16 Oct 2015 — The Apple iWork application before 2.6 for iOS, Apple Keynote before 6.6, Apple Pages before 5.6, and Apple Numbers before 3.6 allow remote attackers to obtain sensitive information via a crafted document. La aplicación Apple iWork en versiones anteriores a 2.6 para iOS, Apple Keynote en versiones anteriores a 6.6, Apple Pages en versiones anteriores a 5.6 y Apple Numbers en versiones anteriores a 3.6 permite a atacantes remotos obtener información sensible a través de un documento manipulado. Keynote 6.6, ... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00000.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0CVE-2015-7033 – Apple Security Advisory 2015-10-15-1
https://notcve.org/view.php?id=CVE-2015-7033
16 Oct 2015 — The Apple iWork application before 2.6 for iOS, Apple Keynote before 6.6, Apple Pages before 5.6, and Apple Numbers before 3.6 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted document. La aplicación Apple iWork en versiones anteriores a 2.6 para iOS, Apple Keynote en versiones anteriores a 6.6, Apple Pages en versiones anteriores a 5.6 y Apple Numbers en versiones anteriores a 3.6 permite a atacantes remotos ejecutar códig... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2015-3784 – Apple Security Advisory 2015-10-15-1
https://notcve.org/view.php?id=CVE-2015-3784
13 Aug 2015 — Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Vulnerabilidad en Office Viewer en Apple iOS en versiones anteriores a 8.4.1 y OS X en versiones anteriores a 10.10.5, permite a atacantes remotos leer archivos arbitrarios a través de un documento XML que contiene una declaración de entidad externa ... • http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.2EPSS: 0%CPEs: 10EXPL: 0CVE-2013-5148
https://notcve.org/view.php?id=CVE-2013-5148
24 Oct 2013 — Apple Keynote before 6.0 does not properly handle the interaction between Keynote presentation mode and the Screen Lock implementation, which allows physically proximate attackers to obtain access by visiting an unattended workstation on which this mode was enabled during a sleep operation. Keynote de Apple antes de 6.0 no controla correctamente la interacción entre el modo de presentación de Keynote y la aplicación de bloqueo de pantalla, lo que permite a atacantes físicamente próximos a obtener acceso al ... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00005.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2005-1408
https://notcve.org/view.php?id=CVE-2005-1408
26 May 2005 — Apple Keynote 2.0 and 2.0.1 allows remote attackers to read arbitrary files via the keynote: URI handler in a crafted Keynote presentation. • http://lists.apple.com/archives/security-announce/2005/May/msg00005.html •