Total
3661 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-1815 | 3 Apple, Canonical, Webkitgtk | 4 Iphone Os, Ipod Touch, Ubuntu Linux and 1 more | 2024-02-28 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars. | |||||
CVE-2011-2867 | 1 Apple | 2 Iphone Os, Itunes | 2024-02-28 | 9.3 HIGH | N/A |
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
CVE-2011-3429 | 1 Apple | 1 Iphone Os | 2024-02-28 | 2.1 LOW | N/A |
The Settings component in Apple iOS before 5 stores a cleartext parental-restrictions passcode in an unspecified file, which might allow physically proximate attackers to obtain sensitive information by reading this file. | |||||
CVE-2011-3430 | 1 Apple | 1 Iphone Os | 2024-02-28 | 9.3 HIGH | N/A |
The Settings component in Apple iOS before 5, when a configuration profile is used for a locale other than English, does not properly implement localization, which makes it easier for attackers to have an unspecified impact by leveraging incorrect configuration display. | |||||
CVE-2012-0597 | 1 Apple | 2 Iphone Os, Itunes | 2024-02-28 | 9.3 HIGH | N/A |
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
CVE-2010-1814 | 3 Apple, Canonical, Webkitgtk | 4 Iphone Os, Ipod Touch, Ubuntu Linux and 1 more | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus. | |||||
CVE-2011-2847 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-28 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. | |||||
CVE-2011-2845 | 2 Apple, Google | 3 Iphone Os, Safari, Chrome | 2024-02-28 | 4.3 MEDIUM | N/A |
Google Chrome before 15.0.874.102 does not properly handle history data, which allows user-assisted remote attackers to spoof the URL bar via unspecified vectors. | |||||
CVE-2011-3924 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections. | |||||
CVE-2011-0195 | 1 Apple | 1 Iphone Os | 2024-02-28 | 4.3 MEDIUM | N/A |
The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202. | |||||
CVE-2011-3035 | 3 Apple, Google, Opensuse | 5 Iphone Os, Itunes, Safari and 2 more | 2024-02-28 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements. | |||||
CVE-2011-2834 | 4 Apple, Debian, Google and 1 more | 8 Iphone Os, Mac Os X, Debian Linux and 5 more | 2024-02-28 | 6.8 MEDIUM | N/A |
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | |||||
CVE-2012-0635 | 1 Apple | 2 Iphone Os, Itunes | 2024-02-28 | 9.3 HIGH | N/A |
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | |||||
CVE-2011-3966 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets (CSS) token-sequence data. | |||||
CVE-2011-2800 | 3 Apple, Debian, Google | 4 Iphone Os, Safari, Debian Linux and 1 more | 2024-02-28 | 4.3 MEDIUM | N/A |
Google Chrome before 13.0.782.107 allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site. | |||||
CVE-2012-0587 | 1 Apple | 1 Iphone Os | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0588, and CVE-2012-0589. | |||||
CVE-2012-0646 | 1 Apple | 1 Iphone Os | 2024-02-28 | 9.3 HIGH | N/A |
Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon configuration file. | |||||
CVE-2011-2799 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-28 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling. | |||||
CVE-2011-3442 | 1 Apple | 1 Iphone Os | 2024-02-28 | 7.2 HIGH | N/A |
The kernel in Apple iOS before 5.0.1 does not ensure the validity of flag combinations for an mmap system call, which allows local users to execute arbitrary unsigned code via a crafted app. | |||||
CVE-2012-0596 | 1 Apple | 2 Iphone Os, Itunes | 2024-02-28 | 9.3 HIGH | N/A |
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. |