Total
3596 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-1046 | 1 Apple | 1 Iphone Os | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. | |||||
CVE-2012-3724 | 1 Apple | 1 Iphone Os | 2023-12-10 | 5.0 MEDIUM | N/A |
CFNetwork in Apple iOS before 6 does not properly identify the host portion of a URL, which allows remote attackers to obtain sensitive information by leveraging the construction of an HTTP request with an incorrect hostname derived from a malformed URL. | |||||
CVE-2013-1002 | 2 Apple, Microsoft | 5 Iphone Os, Itunes, Windows 7 and 2 more | 2023-12-10 | 9.3 HIGH | N/A |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | |||||
CVE-2013-5158 | 1 Apple | 1 Iphone Os | 2023-12-10 | 2.1 LOW | N/A |
The Social subsystem in Apple iOS before 7 does not properly restrict access to the cache of Twitter icons, which allows physically proximate attackers to obtain sensitive information about recent Twitter interaction via unspecified vectors. | |||||
CVE-2013-2842 | 2 Apple, Google | 2 Iphone Os, Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of widgets. | |||||
CVE-2012-3726 | 1 Apple | 1 Iphone Os | 2023-12-10 | 6.8 MEDIUM | N/A |
Double free vulnerability in ImageIO in Apple iOS before 6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image. | |||||
CVE-2013-5131 | 1 Apple | 1 Iphone Os | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | |||||
CVE-2013-1043 | 1 Apple | 1 Iphone Os | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. | |||||
CVE-2013-5198 | 1 Apple | 5 Iphone Os, Itunes, Safari and 2 more | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | |||||
CVE-2013-1025 | 1 Apple | 2 Iphone Os, Mac Os X | 2023-12-10 | 6.8 MEDIUM | N/A |
Buffer overflow in CoreGraphics in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JBIG2 data in a PDF document. | |||||
CVE-2012-3687 | 1 Apple | 2 Iphone Os, Itunes | 2023-12-10 | 9.3 HIGH | N/A |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | |||||
CVE-2011-3050 | 3 Apple, Google, Opensuse | 5 Iphone Os, Itunes, Safari and 2 more | 2023-12-10 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. | |||||
CVE-2012-3748 | 1 Apple | 2 Iphone Os, Safari | 2023-12-10 | 5.1 MEDIUM | N/A |
Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript arrays. | |||||
CVE-2012-3727 | 1 Apple | 1 Iphone Os | 2023-12-10 | 6.8 MEDIUM | N/A |
Buffer overflow in the IPsec component in Apple iOS before 6 allows remote attackers to execute arbitrary code via a crafted racoon configuration file. | |||||
CVE-2013-1019 | 2 Apple, Microsoft | 5 Iphone Os, Quicktime, Windows 7 and 2 more | 2023-12-10 | 9.3 HIGH | N/A |
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding. | |||||
CVE-2011-3074 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2023-12-10 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media. | |||||
CVE-2013-0958 | 1 Apple | 1 Iphone Os | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. | |||||
CVE-2013-5197 | 1 Apple | 5 Iphone Os, Itunes, Safari and 2 more | 2023-12-10 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | |||||
CVE-2013-0980 | 1 Apple | 1 Iphone Os | 2023-12-10 | 2.1 LOW | N/A |
The Passcode Lock implementation in Apple iOS before 6.1.3 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement by leveraging an error in the emergency-call feature. | |||||
CVE-2012-2648 | 2 Apple, Goodiware | 4 Ipad, Iphone Os, Ipod Touch and 1 more | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser. |