Product:

Ipad_os

(Apple)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 262
Date Id Summary Products Score Patch Annotated
2014-01-21 CVE-2013-0340 expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for... Ipad_os, Iphone_os, Macos, Tvos, Watchos, Libexpat, Python N/A
2022-05-26 CVE-2022-26731 A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious website may be able to track users in Safari private browsing mode. Ipad_os, Iphone_os, Macos 4.3
2022-05-26 CVE-2022-26736 An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. Ipad_os, Iphone_os, Macos, Tvos 7.8
2022-05-26 CVE-2022-26737 An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. Ipad_os, Iphone_os, Macos, Tvos 7.8
2022-05-26 CVE-2022-26738 An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges. Ipad_os, Iphone_os, Macos, Tvos 7.8
2020-06-09 CVE-2020-9842 An entitlement parsing issue was addressed with improved parsing. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application could interact with system processes to access private information and perform privileged actions. Ipad_os, Iphone_os, Mac_os_x, Tvos, Watchos 7.1
2020-06-09 CVE-2020-9844 A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory. Ipad_os, Iphone_os, Mac_os_x 7.5
2020-04-01 CVE-2020-3894 A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. Icloud, Ipad_os, Iphone_os, Itunes, Safari, Tvos 3.1
2020-04-01 CVE-2020-3897 A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. Icloud, Ipad_os, Iphone_os, Itunes, Safari, Tvos, Watchos 8.8
2020-04-01 CVE-2020-3901 A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution. Icloud, Ipad_os, Iphone_os, Itunes, Safari, Tvos, Watchos 8.8