Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Iphone_os
(Apple)Repositories |
• https://github.com/madler/zlib
• https://github.com/file/file • https://github.com/WebKit/webkit • https://github.com/vadz/libtiff |
#Vulnerabilities | 3366 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2014-09-18 | CVE-2014-4371 | The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4419, CVE-2014-4420, and CVE-2014-4421. | Iphone_os, Mac_os_x, Tvos | N/A | ||
2017-12-27 | CVE-2017-7152 | An issue was discovered in certain Apple products. iOS before 11.2 is affected. The issue involves the "Mail Message Framework" component. It allows remote attackers to spoof the address bar via a crafted web site. | Iphone_os | 4.3 | ||
2019-01-11 | CVE-2018-4277 | In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. | Iphone_os, Mac_os_x, Safari, Tvos, Watchos | 7.5 | ||
2017-10-23 | CVE-2017-7146 | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Security" component. It allows attackers to track users across installs via a crafted app that leverages Keychain data mishandling. | Iphone_os | 5.3 | ||
2017-10-23 | CVE-2017-7133 | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "MobileBackup" component. It allows remote attackers to obtain sensitive cleartext information in opportunistic circumstances by leveraging read access to a backup archive that was supposed to have been encrypted. | Iphone_os | 7.5 | ||
2017-10-23 | CVE-2017-7086 | An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "libc" component. It allows remote attackers to cause a denial of service (resource consumption) via a crafted string that is mishandled by the glob function. | Iphone_os, Mac_os_x, Tvos, Watchos | 7.5 | ||
2017-10-23 | CVE-2017-7078 | An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. The issue involves the "Mail Drafts" component. It allows remote attackers to obtain sensitive information by reading unintended cleartext transmissions. | Iphone_os, Mac_os_x | 5.3 | ||
2017-07-20 | CVE-2017-7063 | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. watchOS before 3.2.3 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service (memory consumption and application crash). | Iphone_os, Watchos | 7.5 | ||
2017-07-20 | CVE-2017-7006 | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct a timing side-channel attack to bypass the Same Origin Policy and obtain sensitive information via a crafted web site that uses SVG filters. | Iphone_os, Safari, Tvos, Webkit | 5.3 | ||
2017-05-22 | CVE-2017-6981 | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "iBooks" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that uses symlinks. | Iphone_os, Mac_os_x | 7.8 |