CVE-1999-0161

In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended IP access control list could bypass filtering...

Design/Logic Flaw

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Sandbox Profiles" component. It allows attackers to bypass intended access restrictions for iCloud user records via a crafted app...

Apple iOS 10.3 - UI SMS Access Permission Vulnerability

Document Title: =============== Apple iOS 10.3 - UI SMS Access Permission Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2078 Apple Security ID: 666589482 Video: https://www.vulnerability-lab.com/getcontent.php?id=2079 Vulnerability...

Design/Logic Flaw

Use after free vulnerability in the String.replace method JavaScriptCore in Apple Safari in iOS before 10.3 allows remote attackers to execute arbitrary code via a crafted web page, or a crafted file...

Apple iOS 10.3 - MobileData Access Permission Vulnerability

Document Title: =============== Apple iOS 10.3 - MobileData Access Permission Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2077 Video: https://www.youtube.com/watch?v=XAv5v01PN6Q News Article:...

Apple iOS 10.3 - MobileData Access Permission Vulnerability

Document Title: =============== Apple iOS 10.3 - MobileData Access Permission Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2077 Video: https://www.youtube.com/watch?v=XAv5v01PN6Q News Article:...

Apple iOS 10.3 - Control Panel Denial of Service Vulnerability

Document Title: =============== Apple iOS 10.3 - Control Panel Denial of Service Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2059 Video: https://www.youtube.com/watch?v=MSscCLATxPQ Release Date: ============= 2017-04-27 Vulnerability Laboratory ID...

Apple iOS 10.3 - Control Panel Denial of Service Vulnerability

Document Title: =============== Apple iOS 10.3 - Control Panel Denial of Service Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2059 Video: https://www.youtube.com/watch?v=MSscCLATxPQ Release Date: ============= 2017-04-26 Vulnerability Laboratory ID...

CVE-2017-2474

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. An off-by-one error allows attackers to execute arbitrary code in a privileged...

CVE-2017-2472

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause...

CVE-2017-2404

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Quick Look" component. It allows remote attackers to trigger telephone calls to arbitrary numbers via a tel: URL in a PDF document, as exploited in the wild in October 2016...

CVE-2017-2423

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended access restrictions by leveraging a successful result from a SecKeyRawVerify API call with a...

Memory corruption

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Security" component. It allows remote attackers to execute arbitrary code or cause a denial of...

Out-of-bounds

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to obtain sensitive information or cause a denial...

CVE-2017-2399

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Pasteboard" component. It allows physically proximate attackers to read the pasteboard by leveraging the use of an encryption key derived only from the hardware UID rather than that UID in...

Design/Logic Flaw

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Siri" component. It allows physically proximate attackers to read text messages on the lock screen via unspecified vectors...

Memory corruption

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web si...

CVE-2017-2393

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Safari Reader" component. It allows remote attackers to conduct Universal XSS UXSS attacks via a crafted web site...

CVE-2017-2376

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar by leveraging text input during the loading of a page...

CVE-2017-2399

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Pasteboard" component. It allows physically proximate attackers to read the pasteboard by leveraging the use of an encryption key derived only from the hardware UID rather than that UID in...