Product:

Iphone_os

(Apple)
Date Id Summary Products Score Patch Annotated
2014-09-18 CVE-2014-4371 The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4419, CVE-2014-4420, and CVE-2014-4421. Iphone_os, Mac_os_x, Tvos N/A
2017-12-27 CVE-2017-7152 An issue was discovered in certain Apple products. iOS before 11.2 is affected. The issue involves the "Mail Message Framework" component. It allows remote attackers to spoof the address bar via a crafted web site. Iphone_os 4.3
2019-01-11 CVE-2018-4277 In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. Iphone_os, Mac_os_x, Safari, Tvos, Watchos 7.5
2017-10-23 CVE-2017-7146 An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Security" component. It allows attackers to track users across installs via a crafted app that leverages Keychain data mishandling. Iphone_os 5.3
2017-10-23 CVE-2017-7133 An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "MobileBackup" component. It allows remote attackers to obtain sensitive cleartext information in opportunistic circumstances by leveraging read access to a backup archive that was supposed to have been encrypted. Iphone_os 7.5
2017-10-23 CVE-2017-7086 An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "libc" component. It allows remote attackers to cause a denial of service (resource consumption) via a crafted string that is mishandled by the glob function. Iphone_os, Mac_os_x, Tvos, Watchos 7.5
2017-10-23 CVE-2017-7078 An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. The issue involves the "Mail Drafts" component. It allows remote attackers to obtain sensitive information by reading unintended cleartext transmissions. Iphone_os, Mac_os_x 5.3
2017-07-20 CVE-2017-7063 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. watchOS before 3.2.3 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service (memory consumption and application crash). Iphone_os, Watchos 7.5
2017-07-20 CVE-2017-7006 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct a timing side-channel attack to bypass the Same Origin Policy and obtain sensitive information via a crafted web site that uses SVG filters. Iphone_os, Safari, Tvos, Webkit 5.3
2017-05-22 CVE-2017-6981 An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "iBooks" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that uses symlinks. Iphone_os, Mac_os_x 7.8