Total
3661 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-3736 | 1 Apple | 1 Iphone Os | 2024-02-28 | 4.6 MEDIUM | N/A |
The Passcode Lock implementation in Apple iOS before 6 allows physically proximate attackers to bypass an intended passcode requirement via vectors related to ending a FaceTime call. | |||||
CVE-2011-3074 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-28 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media. | |||||
CVE-2013-5198 | 1 Apple | 5 Iphone Os, Itunes, Safari and 2 more | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | |||||
CVE-2013-1004 | 2 Apple, Microsoft | 5 Iphone Os, Itunes, Windows 7 and 2 more | 2024-02-28 | 9.3 HIGH | N/A |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | |||||
CVE-2011-3069 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-28 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to line boxes. | |||||
CVE-2013-1000 | 2 Apple, Microsoft | 5 Iphone Os, Itunes, Windows 7 and 2 more | 2024-02-28 | 9.3 HIGH | N/A |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | |||||
CVE-2011-3053 | 3 Apple, Google, Opensuse | 5 Iphone Os, Itunes, Safari and 2 more | 2024-02-28 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting. | |||||
CVE-2013-3951 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2024-02-28 | 4.6 MEDIUM | N/A |
sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users to bypass cookie randomization by executing a program with a call-path beginning with the stack-guard= substring, as demonstrated by an iOS untethering attack or an attack against a setuid Mac OS X program. | |||||
CVE-2013-0951 | 1 Apple | 1 Iphone Os | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. | |||||
CVE-2013-5160 | 1 Apple | 1 Iphone Os | 2024-02-28 | 3.3 LOW | N/A |
Passcode Lock in Apple iOS before 7.0.2 on iPhone devices allows physically proximate attackers to bypass an intended passcode requirement, and dial arbitrary telephone numbers, by making a series of taps of the emergency-call button to trigger a NULL pointer dereference. | |||||
CVE-2013-0952 | 1 Apple | 1 Iphone Os | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. | |||||
CVE-2013-5155 | 1 Apple | 1 Iphone Os | 2024-02-28 | 7.1 HIGH | N/A |
The Sandbox subsystem in Apple iOS before 7 allows attackers to cause a denial of service (infinite loop) via an application that writes crafted values to /dev/random. | |||||
CVE-2012-2870 | 3 Apple, Google, Xmlsoft | 3 Iphone Os, Chrome, Libxslt | 2024-02-28 | 4.3 MEDIUM | N/A |
libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c. | |||||
CVE-2013-5126 | 1 Apple | 1 Iphone Os | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. | |||||
CVE-2011-3078 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-28 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3081. | |||||
CVE-2013-1043 | 1 Apple | 1 Iphone Os | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. | |||||
CVE-2013-1045 | 1 Apple | 1 Iphone Os | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. | |||||
CVE-2013-5161 | 1 Apple | 1 Iphone Os | 2024-02-28 | 4.4 MEDIUM | N/A |
Passcode Lock in Apple iOS before 7.0.2 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement, and open the Camera app or read the list of all recently opened apps, by leveraging unspecified transition errors. | |||||
CVE-2013-5228 | 1 Apple | 5 Iphone Os, Itunes, Safari and 2 more | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | |||||
CVE-2013-5131 | 1 Apple | 1 Iphone Os | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. |