Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Iphone_os
(Apple)| Repositories |
• https://github.com/madler/zlib
• https://github.com/file/file • https://github.com/WebKit/webkit • https://github.com/vadz/libtiff |
| #Vulnerabilities | 3585 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2011-03-10 | CVE-2011-1344 | Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 (CDMA); and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag, related to text nodes, as demonstrated by Chaouki Bekrar during a Pwn2Own competition at CanSecWest 2011. | Iphone_os, Safari | N/A | ||
| 2014-07-01 | CVE-2014-1359 | Integer underflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application. | Iphone_os, Mac_os_x, Tvos | N/A | ||
| 2020-12-08 | CVE-2020-10016 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. An application may be able to execute arbitrary code with kernel privileges. | Ipados, Iphone_os, Mac_os_x, Macos, Tvos, Watchos | 7.8 | ||
| 2021-12-23 | CVE-2017-13905 | A race condition was addressed with additional validation. This issue is fixed in tvOS 11.2, iOS 11.2, macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan, watchOS 4.2. An application may be able to gain elevated privileges. | Iphone_os, Mac_os_x, Macos, Tvos, Watchos | 8.1 | ||
| 2021-12-23 | CVE-2017-13880 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 11.2, watchOS 4.2. An application may be able to execute arbitrary code with kernel privilege. | Iphone_os, Watchos | 7.8 | ||
| 2021-12-23 | CVE-2017-2375 | An issue existed in preventing the uploading of CallKit call history to iCloud. This issue was addressed through improved logic. This issue is fixed in iOS 10.2.1. Updates for CallKit call history are sent to iCloud. | Iphone_os | 3.3 | ||
| 2021-12-23 | CVE-2018-4302 | A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution. | Icloud, Iphone_os, Itunes, Mac_os_x, Watchos | 7.8 | ||
| 2021-12-23 | CVE-2019-8702 | This issue was addressed with a new entitlement. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra, iOS 12.4, tvOS 12.4. A local user may be able to read a persistent account identifier. | Iphone_os, Mac_os_x, Tvos | 5.5 | ||
| 2021-12-23 | CVE-2019-8703 | This issue was addressed with improved entitlements. This issue is fixed in watchOS 6, tvOS 13, macOS Catalina 10.15, iOS 13. An application may be able to gain elevated privileges. | Iphone_os, Mac_os_x, Tvos, Watchos | 9.8 | ||
| 2019-02-18 | CVE-2019-8906 | do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. | Iphone_os, Mac_os_x, Tvos, Watchos, Ubuntu_linux, File, Leap | 4.4 |