Lucene search

K
AppleIphone Os

3721 matches found

CVE
CVE
added 2015/04/10 2:59 p.m.54 views

CVE-2015-1119

WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerabi...

6.8CVSS8.9AI score0.00913EPSS
CVE
CVE
added 2015/04/10 2:59 p.m.54 views

CVE-2015-1122

WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerabi...

6.8CVSS8.9AI score0.00836EPSS
CVE
CVE
added 2015/07/03 2:0 a.m.54 views

CVE-2015-3727

WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site.

6.8CVSS7.6AI score0.00942EPSS
CVE
CVE
added 2015/08/16 11:59 p.m.54 views

CVE-2015-3735

WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVE...

6.8CVSS8.4AI score0.01643EPSS
CVE
CVE
added 2015/09/18 10:59 a.m.54 views

CVE-2015-5765

The user interface in Safari in Apple iOS before 9 allows remote attackers to spoof URLs via unspecified vectors, a different vulnerability than CVE-2015-5764 and CVE-2015-5767.

4.3CVSS5.9AI score0.00846EPSS
CVE
CVE
added 2015/09/18 10:59 a.m.54 views

CVE-2015-5797

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-S...

6.8CVSS8.8AI score0.01538EPSS
CVE
CVE
added 2015/09/18 10:59 a.m.54 views

CVE-2015-5799

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-S...

6.8CVSS8.8AI score0.01538EPSS
CVE
CVE
added 2015/09/18 10:59 a.m.54 views

CVE-2015-5802

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-S...

6.8CVSS7.8AI score0.01538EPSS
CVE
CVE
added 2015/09/18 10:59 a.m.54 views

CVE-2015-5812

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-S...

6.8CVSS8.8AI score0.01538EPSS
CVE
CVE
added 2015/09/18 11:0 a.m.54 views

CVE-2015-5860

The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remote attackers to bypass the Safari private-browsing protection mechanism and track users via a crafted web site.

5CVSS5.9AI score0.00498EPSS
CVE
CVE
added 2015/09/18 12:0 p.m.54 views

CVE-2015-5867

IOHIDFamily in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS7.2AI score0.01084EPSS
CVE
CVE
added 2015/09/18 12:0 p.m.54 views

CVE-2015-5876

dyld in Dev Tools in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS7.1AI score0.01636EPSS
CVE
CVE
added 2015/10/23 9:59 p.m.54 views

CVE-2015-6977

FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7...

6.8CVSS7.4AI score0.03768EPSS
CVE
CVE
added 2015/10/23 9:59 p.m.54 views

CVE-2015-6988

The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data structure, which allows remote attackers to execute arbitrary code via vectors involving an unknown network-connectivity requirement.

10CVSS8.7AI score0.11013EPSS
CVE
CVE
added 2015/10/23 9:59 p.m.54 views

CVE-2015-6993

FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-7...

6.8CVSS7.4AI score0.03768EPSS
CVE
CVE
added 2015/10/23 9:59 p.m.54 views

CVE-2015-6995

The Disk Images component in Apple iOS before 9.1 and OS X before 10.11.1 misparses images, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.

6.8CVSS8.8AI score0.10588EPSS
Web
CVE
CVE
added 2015/12/11 11:59 a.m.54 views

CVE-2015-7047

The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.

7.2CVSS7.5AI score0.00746EPSS
Web
CVE
CVE
added 2015/12/11 11:59 a.m.54 views

CVE-2015-7054

zlib in the Compression component in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 does not initialize memory for an unspecified data structure, which allows remote attackers to execute arbitrary code via a crafted web site.

6.8CVSS8.9AI score0.01142EPSS
CVE
CVE
added 2015/12/11 11:59 a.m.54 views

CVE-2015-7099

WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2...

6.8CVSS8.9AI score0.01093EPSS
CVE
CVE
added 2015/12/11 12:0 p.m.54 views

CVE-2015-7103

WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2...

6.8CVSS8.9AI score0.01093EPSS
CVE
CVE
added 2015/12/11 12:0 p.m.54 views

CVE-2015-7105

CoreGraphics in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file.

6.8CVSS9AI score0.02531EPSS
CVE
CVE
added 2016/02/01 11:59 a.m.54 views

CVE-2016-1725

WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1723 and CVE-2016-1726.

9.3CVSS7.7AI score0.01695EPSS
CVE
CVE
added 2017/02/20 8:59 a.m.54 views

CVE-2016-4693

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Security" component, which makes it easier for attackers to bypass cryptographic protection mechanisms by leveraging use of the...

7.5CVSS5.9AI score0.00134EPSS
CVE
CVE
added 2017/02/20 8:59 a.m.54 views

CVE-2016-7584

An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "AppleMobileFileIntegrity" component, which allows remote attackers to spoof signed code by using ...

7.8CVSS6.6AI score0.00289EPSS
CVE
CVE
added 2017/02/20 8:59 a.m.54 views

CVE-2016-7616

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Disk Images" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (mem...

9.3CVSS6.8AI score0.00173EPSS
CVE
CVE
added 2017/02/20 8:59 a.m.54 views

CVE-2016-7662

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Security" component, which allows remote attackers to spoof certificates via unspecified vectors.

7.5CVSS5.7AI score0.00209EPSS
CVE
CVE
added 2017/04/02 1:59 a.m.54 views

CVE-2017-2400

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "SafariViewController" component. It allows attackers to obtain sensitive information by leveraging the SafariViewController's incorrect synchronization of Safari cache clearing.

5.3CVSS5.2AI score0.00247EPSS
CVE
CVE
added 2017/05/22 5:29 a.m.54 views

CVE-2017-2497

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "iBooks" component. It allows remote attackers to trigger visits to arbitrary URLs via a crafted book.

6.1CVSS6.3AI score0.00289EPSS
Web
CVE
CVE
added 2018/04/03 6:29 a.m.54 views

CVE-2018-4151

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "iCloud Drive" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

7.6CVSS7.2AI score0.00169EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.54 views

CVE-2018-4381

A resource exhaustion issue was addressed with improved input validation. This issue is fixed in tvOS 12.1, iOS 12.1. Processing a maliciously crafted message may lead to a denial of service.

5.5CVSS5.2AI score0.00143EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.54 views

CVE-2018-4440

A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.

4.3CVSS5.3AI score0.00344EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.54 views

CVE-2019-8618

A logic issue was addressed with improved restrictions. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. A sandboxed process may be able to circumvent sandbox restrictions.

7.5CVSS6.8AI score0.00289EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.54 views

CVE-2019-8760

This issue was addressed by improving Face ID machine learning models. This issue is fixed in iOS 13. A 3D model constructed to look like the enrolled user may authenticate via Face ID.

6.8CVSS7.1AI score0.00129EPSS
CVE
CVE
added 2020/10/27 8:15 p.m.54 views

CVE-2019-8841

An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.3 and iPadOS 13.3. An application may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.2AI score0.00061EPSS
CVE
CVE
added 2021/04/02 6:15 p.m.54 views

CVE-2020-29613

A logic issue was addressed with improved state management. This issue is fixed in iOS 14.3 and iPadOS 14.3. An enterprise application installation prompt may display the wrong domain.

5.5CVSS5.6AI score0.00194EPSS
CVE
CVE
added 2020/11/13 3:15 p.m.54 views

CVE-2020-6147

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. This instance exists in the USDC file format FIELDS section decompression heap overflow.

8.8CVSS7.9AI score0.00213EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.54 views

CVE-2021-30699

A window management issue was addressed with improved state management. This issue is fixed in iOS 14.6 and iPadOS 14.6. A user may be able to view restricted content from the lockscreen.

4.6CVSS4.3AI score0.00063EPSS
CVE
CVE
added 2021/09/08 3:15 p.m.54 views

CVE-2021-30714

A race condition was addressed with improved state handling. This issue is fixed in iOS 14.6 and iPadOS 14.6. An application may be able to cause unexpected system termination or write kernel memory.

6.3CVSS5.6AI score0.0015EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.54 views

CVE-2021-30923

A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to execute arbitrary code with kernel privileges.

7.6CVSS7.1AI score0.00299EPSS
CVE
CVE
added 2022/11/01 8:15 p.m.54 views

CVE-2022-32865

The issue was addressed with improved memory handling. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.8AI score0.00078EPSS
CVE
CVE
added 2024/01/10 10:15 p.m.54 views

CVE-2022-42839

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. An app may be able to read sensitive location information.

3.3CVSS3.6AI score0.00076EPSS
CVE
CVE
added 2023/06/23 6:15 p.m.54 views

CVE-2023-32415

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to read sensitive location information.

5.5CVSS4.9AI score0.00036EPSS
CVE
CVE
added 2023/09/06 2:15 a.m.54 views

CVE-2023-32428

This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to gain root privileges.

7.8CVSS7.3AI score0.00912EPSS
CVE
CVE
added 2023/09/27 3:19 p.m.54 views

CVE-2023-40431

The issue was addressed with improved memory handling. This issue is fixed in iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7AI score0.0009EPSS
CVE
CVE
added 2024/01/10 10:15 p.m.54 views

CVE-2023-42870

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.4AI score0.00099EPSS
CVE
CVE
added 2023/12/12 1:15 a.m.54 views

CVE-2023-42897

The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An attacker with physical access may be able to use Siri to access sensitive user data.

4.6CVSS3.1AI score0.00065EPSS
CVE
CVE
added 2024/07/29 11:15 p.m.54 views

CVE-2024-40796

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.6, iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Ventura 13.6.8. Private browsing may leak some browsing history.

5.3CVSS5.8AI score0.00363EPSS
CVE
CVE
added 2024/10/28 9:15 p.m.54 views

CVE-2024-44252

A logic issue was addressed with improved file handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, tvOS 18.1. Restoring a maliciously crafted backup file may lead to modification of protected system files.

7.1CVSS5.5AI score0.00055EPSS
CVE
CVE
added 2024/12/12 2:15 a.m.54 views

CVE-2024-54492

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, visionOS 2.2. An attacker in a privileged network position may be able to alter network traffic.

9.8CVSS5.6AI score0.0013EPSS
CVE
CVE
added 2024/12/12 2:15 a.m.54 views

CVE-2024-54500

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Processing a maliciously crafted image may result in disclosure of process memory.

5.5CVSS5.7AI score0.00038EPSS
Total number of security vulnerabilities3721