Lucene search
K
AppleIphone

9 matches found

CVE
CVE
added 2022/03/18 5:59 p.m.229 views

CVE-2022-22592

CVE-2022-22592 is a WebKit/WebKitGTK logic issue (state management) that may allow malicious web content to bypass or prevent enforcement of Content Security Policy. In the connected advisories, the vulnerability is cited across multiple ecosystems: Apple platforms (WebKit/WebKitGPU stack) with f...

6.5CVSS6.3AI score0.01495EPSS
CVE
CVE
added 2008/09/10 4:0 p.m.140 views

CVE-2008-3632

CVE-2008-3632 is a WebKit use-after-free vulnerability reported in SUSE/Nessus entries, affecting Apple iPod touch (1.1–2.0.2) and iPhone (1.0–2.0.2). The flaw arises in the CSS import handling of WebKit, enabling a remote attacker to trigger arbitrary code execution or cause an application crash...

9.3CVSS7.8AI score0.05951EPSS
CVE
CVE
added 2008/01/16 1:0 a.m.91 views

CVE-2008-0034

The set of connected sources provides concrete details for CVE-2008-0034: Apple iPhone 1.0–1.1.2 Passcode Lock can be bypassed by a user with physical access through emergency-call handling, allowing execution of applications without entering the passcode. The affected software is the iPhone’s Pa...

4.6CVSS6AI score0.00355EPSS
CVE
CVE
added 2008/09/16 11:0 p.m.64 views

CVE-2008-3950

The CVE is based on a real DoS vulnerability in WebKit used by Safari on iPhone/iPod touch (versions 1.1.4 and 2.0). The issue is an off-by-one in _web_drawInRect:withFont:ellipsis:alignment:measureOnly: triggered by a crafted alert() string with a length that is a multiple of the 4096-byte memor...

5CVSS6.1AI score0.07084EPSS
CVE
CVE
added 2007/09/27 9:0 p.m.63 views

CVE-2007-3753

CVE-2007-3753 affects Apple iPhone 1.1.1 with Bluetooth enabled. The issue arises in the Bluetooth SDP packet handling, where insufficient input validation allows a physically proximate attacker to terminate the affected application (DoS) and potentially execute arbitrary code. The vulnerability ...

7.5CVSS7.3AI score0.02808EPSS
CVE
CVE
added 2007/09/27 9:0 p.m.62 views

CVE-2007-3755

The CVE-2007-3755 issue affects the Apple iPhone’s Mail client (around v1.1.1) where embedded tel: links can trigger phone calls without user confirmation. The root cause is processing tel: hyperlinks in the Mail client that allows remote user-assisted attackers to cause the device to dial arbitr...

4.3CVSS6.2AI score0.01998EPSS
CVE
CVE
added 2008/10/17 8:0 p.m.62 views

CVE-2008-4593

Summary: CVE-2008-4593 (Apple iPhone OS 1.0–2.1 / iPod touch 1.1–2.1) allows physically proximate attackers to view sensitive SMS content by exploiting the Emergency Call screen when Passcode is required and SMS Preview is off. The linked documents (CVE-2008-4230, PRION/N) describe the same issue...

1.2CVSS5.6AI score0.00323EPSS
CVE
CVE
added 2007/09/27 9:0 p.m.61 views

CVE-2007-3754

CVE-2007-3754 : The Apple iPhone Mail client in iPhone OS 1.1.1 does not warn users when the mail server identity changes or is untrusted while using SSL, which could enable a remote attacker to perform a MITM, stealing credentials and reading email. The available connected sources confirm the af...

4.3CVSS6.1AI score0.01841EPSS
CVE
CVE
added 2008/09/02 2:0 p.m.43 views

CVE-2008-3876

CVE-2008-3876 affects Apple iPhone 2.0.2. In certain configurations, an attacker physically proximate can bypass intended access restrictions and either obtain sensitive information or make arbitrary use of the device by performing an Emergency Call tap, a Home double-tap, and then tapping a cont...

1.9CVSS6AI score0.00457EPSS