Iphone_os - Vulncode-DB

Product:
Iphone_os
(Apple)

Repositories	• https://github.com/file/file • https://github.com/WebKit/webkit • https://github.com/vadz/libtiff
#Vulnerabilities	1690

Date	ID	Summary	Products	Score	Patch
2014-11-18	CVE-2014-4459	Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.	Iphone_os, Itunes, Mac_os_x, Safari, Tvos	N/A
2014-11-18	CVE-2014-4452	WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4462.	Iphone_os, Itunes, Safari, Tvos	N/A
2014-09-18	CVE-2014-4363	Safari in Apple iOS before 8 does not properly restrict the autofilling of passwords in forms, which allows remote attackers to obtain sensitive information via (1) an http web site, (2) an https web site with an unacceptable X.509 certificate, or (3) an IFRAME element.	Iphone_os, Safari	N/A
2019-04-03	CVE-2018-20506	SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346.	Icloud, Iphone_os, Itunes, Mac_os_x, Tvos, Watchos, Leap, Sqlite	8.1
2019-04-03	CVE-2018-20505	SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases).	Icloud, Iphone_os, Itunes, Mac_os_x, Watchos, Sqlite	7.5
2017-05-22	CVE-2017-2520	An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement.	Iphone_os, Mac_os_x, Tvos, Watchos, Debian_linux	9.8
2017-05-22	CVE-2017-2519	An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted SQL statement.	Iphone_os, Mac_os_x, Tvos, Watchos, Debian_linux	9.8
2017-05-22	CVE-2017-2518	An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement.	Iphone_os, Mac_os_x, Tvos, Watchos, Debian_linux	9.8
2016-09-25	CVE-2016-4738	libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.	Iphone_os, Mac_os_x, Tvos, Watchos, Debian_linux	8.8
2016-07-22	CVE-2016-4609	libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4610, and CVE-2016-4612.	Icloud, Iphone_os, Itunes, Mac_os_x, Tvos, Watchos, Libxslt	9.8