Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Iphone_os
(Apple)| Repositories |
• https://github.com/madler/zlib
• https://github.com/file/file • https://github.com/WebKit/webkit • https://github.com/vadz/libtiff |
| #Vulnerabilities | 3247 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2010-09-09 | CVE-2010-1817 | Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file. | Iphone_os | N/A | ||
| 2010-11-26 | CVE-2010-3832 | Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband processor via a crafted Temporary Mobile Subscriber Identity (TMSI) field. | Iphone_os | N/A | ||
| 2011-03-10 | CVE-2011-1344 | Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 (CDMA); and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag, related to text nodes, as demonstrated by Chaouki Bekrar during a Pwn2Own competition at CanSecWest 2011. | Iphone_os, Safari | N/A | ||
| 2020-10-16 | CVE-2020-9951 | A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution. | Icloud, Ipados, Iphone_os, Itunes, Safari, Tvos, Watchos, Debian_linux, Webkitgtk\+ | 8.8 | ||
| 2020-04-01 | CVE-2020-3890 | The issue was addressed with improved deletion. This issue is fixed in iOS 13.4 and iPadOS 13.4. Deleted messages groups may still be suggested as an autocompletion. | Ipad_os, Iphone_os | 5.3 | ||
| 2020-04-01 | CVE-2020-3917 | This issue was addressed with a new entitlement. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to use an SSH client provided by private frameworks. | Ipados, Iphone_os, Tvos, Watchos | 5.5 | ||
| 2021-09-08 | CVE-2021-30776 | A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Playing a malicious audio file may lead to an unexpected application termination. | Iphone_os, Mac_os_x, Macos, Tvos, Watchos | 5.5 | ||
| 2021-09-08 | CVE-2021-30798 | A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6. A malicious application may be able to bypass certain Privacy preferences. | Iphone_os, Macos, Watchos | 7.5 | ||
| 2021-09-08 | CVE-2021-1807 | A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4. A local user may be able to write arbitrary files. | Ipados, Iphone_os, Watchos | 5.5 | ||
| 2021-09-08 | CVE-2021-1820 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. | Ipados, Iphone_os, Macos, Tvos, Watchos | 6.5 |