Total
3661 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1002 | 2 Apple, Microsoft | 5 Iphone Os, Itunes, Windows 7 and 2 more | 2024-02-28 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. | |||||
| CVE-2012-3732 | 1 Apple | 1 Iphone Os | 2024-02-28 | 6.4 MEDIUM | N/A |
| Mail in Apple iOS before 6 uses an S/MIME message's From address as the displayed sender address, which allows remote attackers to spoof signed content via an e-mail message in which the From field does not match the signer's identity. | |||||
| CVE-2013-5138 | 1 Apple | 1 Iphone Os | 2024-02-28 | 4.7 MEDIUM | N/A |
| IOCatalogue in IOKitUser in Apple iOS before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via a crafted application. | |||||
| CVE-2013-5125 | 1 Apple | 1 Iphone Os | 2024-02-28 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. | |||||
| CVE-2012-3632 | 1 Apple | 2 Iphone Os, Itunes | 2024-02-28 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | |||||
| CVE-2013-0963 | 1 Apple | 1 Iphone Os | 2024-02-28 | 2.1 LOW | N/A |
| Identity Services in Apple iOS before 6.1 does not properly handle validation failures of AppleID certificates, which might allow physically proximate attackers to bypass authentication by leveraging an incorrect assignment of an empty string value to an AppleID. | |||||
| CVE-2013-1038 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2024-02-28 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. | |||||
| CVE-2013-0964 | 1 Apple | 2 Iphone Os, Tvos | 2024-02-28 | 3.6 LOW | N/A |
| The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and copyout arguments, which allows local users to bypass intended pointer restrictions and access locations in the first kernel-memory page by specifying a length of less than one page. | |||||
| CVE-2012-3621 | 1 Apple | 2 Iphone Os, Itunes | 2024-02-28 | 9.3 HIGH | N/A |
| WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | |||||
| CVE-2013-1025 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-02-28 | 6.8 MEDIUM | N/A |
| Buffer overflow in CoreGraphics in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JBIG2 data in a PDF document. | |||||
| CVE-2012-3737 | 1 Apple | 1 Iphone Os | 2024-02-28 | 2.1 LOW | N/A |
| The Passcode Lock implementation in Apple iOS before 6 does not properly restrict photo viewing, which allows physically proximate attackers to view arbitrary stored photos by spoofing a time value. | |||||
| CVE-2013-5144 | 1 Apple | 1 Iphone Os | 2024-02-28 | 3.3 LOW | N/A |
| Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows physically proximate attackers to bypass an intended passcode requirement, and dial arbitrary telephone numbers, by tapping the emergency-call button during a certain notification and camera-pane state to trigger a NULL pointer dereference. | |||||
| CVE-2013-1040 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2024-02-28 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. | |||||
| CVE-2013-3954 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-02-28 | 6.9 MEDIUM | N/A |
| The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not properly validate the data for file actions and port actions, which allows local users to (1) cause a denial of service (panic) via a size value that is inconsistent with a header count field, or (2) obtain sensitive information from kernel heap memory via a certain size value in conjunction with a crafted buffer. | |||||
| CVE-2013-5159 | 1 Apple | 1 Iphone Os | 2024-02-28 | 4.3 MEDIUM | N/A |
| WebKit in Apple iOS before 7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive information about use of the window.webkitRequestAnimationFrame API via an IFRAME element. | |||||
| CVE-2012-3734 | 1 Apple | 1 Iphone Os | 2024-02-28 | 1.9 LOW | N/A |
| Office Viewer in Apple iOS before 6 writes cleartext document data to a temporary file, which might allow local users to bypass a document's intended (1) Data Protection level or (2) encryption state by reading the temporary content. | |||||
| CVE-2013-1044 | 1 Apple | 1 Iphone Os | 2024-02-28 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. | |||||
| CVE-2013-0959 | 1 Apple | 1 Iphone Os | 2024-02-28 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. | |||||
| CVE-2013-0950 | 1 Apple | 1 Iphone Os | 2024-02-28 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. | |||||
| CVE-2013-0956 | 1 Apple | 1 Iphone Os | 2024-02-28 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. | |||||