Search Results (4420 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-5153 1 Apple 1 Iphone Os 2025-04-11 N/A
Springboard in Apple iOS before 7 does not properly manage the lock state in Lost Mode, which allows physically proximate attackers to read notifications via unspecified vectors.
CVE-2013-5160 1 Apple 1 Iphone Os 2025-04-11 N/A
Passcode Lock in Apple iOS before 7.0.2 on iPhone devices allows physically proximate attackers to bypass an intended passcode requirement, and dial arbitrary telephone numbers, by making a series of taps of the emergency-call button to trigger a NULL pointer dereference.
CVE-2013-5196 1 Apple 5 Iphone Os, Itunes, Safari and 2 more 2025-04-11 N/A
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.
CVE-2011-1418 1 Apple 3 Apple Tv, Iphone Os, Tvos 2025-04-11 N/A
The stateless address autoconfiguration (aka SLAAC) functionality in the IPv6 networking implementation in Apple iOS before 4.3 and Apple TV before 4.2 places the MAC address into the IPv6 address, which makes it easier for remote IPv6 servers to track users by logging source IPv6 addresses.
CVE-2011-0162 1 Apple 3 Apple Tv, Iphone Os, Tvos 2025-04-11 N/A
Wi-Fi in Apple iOS before 4.3 and Apple TV before 4.2 does not properly perform bounds checking for Wi-Fi frames, which allows remote attackers to cause a denial of service (device reset) via unspecified traffic on the local wireless network.
CVE-2014-2019 1 Apple 1 Iphone Os 2025-04-11 4.6 Medium
The iCloud subsystem in Apple iOS before 7.1 allows physically proximate attackers to bypass an intended password requirement, and turn off the Find My iPhone service or complete a Delete Account action and then associate this service with a different Apple ID account, by entering an arbitrary iCloud Account Password value and a blank iCloud Account Description value.
CVE-2010-1181 1 Apple 2 Iphone Os, Ipod Touch 2025-04-11 N/A
Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a MARQUEE element.
CVE-2010-1180 1 Apple 2 Iphone Os, Safari 2025-04-11 N/A
Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long exception string in a throw statement, possibly a related issue to CVE-2009-1514.
CVE-2010-0496 2 Apple, Freebit 2 Iphone Os, Serversman 2025-04-11 N/A
FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2, and iPhone OS for iPod touch, allows remote attackers to cause a denial of service (daemon crash) via a HEAD request for the / URI.
CVE-2010-1179 1 Apple 2 Iphone Os, Safari 2025-04-11 N/A
Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large integer in the numcolors attribute of a recolorinfo element in a VML file, possibly a related issue to CVE-2007-0024.
CVE-2011-3897 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2025-04-11 N/A
Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing.
CVE-2011-3442 1 Apple 1 Iphone Os 2025-04-11 N/A
The kernel in Apple iOS before 5.0.1 does not ensure the validity of flag combinations for an mmap system call, which allows local users to execute arbitrary unsigned code via a crafted app.
CVE-2011-3440 1 Apple 2 Ipad2, Iphone Os 2025-04-11 N/A
The Passcode Lock feature in Apple iOS before 5.0.1 on the iPad 2 does not properly implement the locked state, which allows physically proximate attackers to access data by opening a Smart Cover during power-off confirmation.
CVE-2011-3439 3 Apple, Redhat, Suse 6 Iphone Os, Enterprise Linux, Rhel Eus and 3 more 2025-04-11 N/A
FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document.
CVE-2011-3046 3 Apple, Google, Opensuse 4 Iphone Os, Safari, Chrome and 1 more 2025-04-11 N/A
The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue.
CVE-2014-1266 1 Apple 3 Iphone Os, Mac Os X, Tvos 2025-04-11 7.4 High
The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step.
CVE-2013-5225 1 Apple 5 Iphone Os, Itunes, Safari and 2 more 2025-04-11 N/A
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.
CVE-2011-3427 1 Apple 2 Apple Tv, Iphone Os 2025-04-11 N/A
The Data Security component in Apple iOS before 5 and Apple TV before 4.4 does not properly restrict use of the MD5 hash algorithm within X.509 certificates, which makes it easier for man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate.
CVE-2011-2821 4 Apple, Debian, Google and 1 more 9 Iphone Os, Mac Os X, Debian Linux and 6 more 2025-04-11 N/A
Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.
CVE-2011-2391 1 Apple 3 Iphone Os, Itunes, Mac Os X 2025-04-11 N/A
The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets.