Total
3596 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-1045 | 1 Apple | 1 Iphone Os | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. | |||||
CVE-2013-5152 | 1 Apple | 1 Iphone Os | 2023-12-10 | 4.3 MEDIUM | N/A |
Mobile Safari in Apple iOS before 7 allows remote attackers to spoof the URL bar via a crafted web site. | |||||
CVE-2013-0978 | 1 Apple | 2 Iphone Os, Tvos | 2023-12-10 | 2.1 LOW | N/A |
The ARM prefetch abort handler in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not ensure that it has been invoked in an abort context, which makes it easier for local users to bypass the ASLR protection mechanism via crafted code. | |||||
CVE-2013-1036 | 1 Apple | 1 Iphone Os | 2023-12-10 | 6.8 MEDIUM | N/A |
Safari in Apple iOS before 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document. | |||||
CVE-2013-5137 | 1 Apple | 1 Iphone Os | 2023-12-10 | 2.6 LOW | N/A |
IOKit in Apple iOS before 7 allows attackers to send user-interface events to the foreground app by leveraging control over a background app and using the (1) task-completion API or (2) VoIP API. | |||||
CVE-2011-3081 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2023-12-10 | 9.3 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078. | |||||
CVE-2013-5161 | 1 Apple | 1 Iphone Os | 2023-12-10 | 4.4 MEDIUM | N/A |
Passcode Lock in Apple iOS before 7.0.2 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement, and open the Camera app or read the list of all recently opened apps, by leveraging unspecified transition errors. | |||||
CVE-2013-1005 | 2 Apple, Microsoft | 5 Iphone Os, Itunes, Windows 7 and 2 more | 2023-12-10 | 9.3 HIGH | N/A |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | |||||
CVE-2011-2391 | 1 Apple | 3 Iphone Os, Itunes, Mac Os X | 2023-12-10 | 6.1 MEDIUM | N/A |
The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets. | |||||
CVE-2011-3056 | 3 Apple, Google, Opensuse | 4 Iphone Os, Safari, Chrome and 1 more | 2023-12-10 | 6.8 MEDIUM | N/A |
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe." | |||||
CVE-2012-3728 | 1 Apple | 1 Iphone Os | 2023-12-10 | 6.9 MEDIUM | N/A |
The kernel in Apple iOS before 6 dereferences invalid pointers during the handling of packet-filter data structures, which allows local users to gain privileges via a crafted program that makes packet-filter ioctl calls. | |||||
CVE-2013-0953 | 1 Apple | 1 Iphone Os | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. | |||||
CVE-2013-1041 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. | |||||
CVE-2013-0979 | 1 Apple | 1 Iphone Os | 2023-12-10 | 1.9 LOW | N/A |
lockdownd in Lockdown in Apple iOS before 6.1.3 does not properly consider file types during the permission-setting step of a backup restoration, which allows local users to change the permissions of arbitrary files via a backup that contains a pathname with a symlink. | |||||
CVE-2013-0962 | 1 Apple | 1 Iphone Os | 2023-12-10 | 2.6 LOW | N/A |
Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before 6.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted content that is not properly handled during a copy-and-paste operation. | |||||
CVE-2013-1007 | 2 Apple, Microsoft | 5 Iphone Os, Itunes, Windows 7 and 2 more | 2023-12-10 | 9.3 HIGH | N/A |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | |||||
CVE-2013-0981 | 1 Apple | 2 Iphone Os, Tvos | 2023-12-10 | 7.2 HIGH | N/A |
The IOUSBDeviceFamily driver in the USB implementation in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 accesses pipe object pointers that originated in userspace, which allows local users to gain privileges via crafted code. | |||||
CVE-2012-3750 | 1 Apple | 1 Iphone Os | 2023-12-10 | 3.6 LOW | N/A |
The Passcode Lock implementation in Apple iOS before 6.0.1 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement and access Passbook passes via unspecified vectors. | |||||
CVE-2011-3102 | 2 Apple, Google | 2 Iphone Os, Chrome | 2023-12-10 | 6.8 MEDIUM | N/A |
Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2013-5126 | 1 Apple | 1 Iphone Os | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. |