VYPR

Iphone OS

by Apple Inc.

CVEs (2,060)

  • CVE-2016-1760MedMar 29, 2016
    risk 0.40cvss 6.2epss 0.00

    The XPC Services API in LaunchServices in Apple iOS before 9.3 allows attackers to bypass intended event-handler restrictions and modify an arbitrary app's events via a crafted app.

  • CVE-2025-43200MedKEVJun 16, 2025
    risk 0.39cvss 4.2epss 0.01

    This issue was addressed with improved checks. This issue is fixed in iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.1 and iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, visionOS 2.3.1, watchOS 11.3.1. A…

  • CVE-2017-13869MedDec 25, 2017
    risk 0.39cvss 5.5epss 0.05

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read…

  • CVE-2017-13868MedDec 25, 2017
    risk 0.39cvss 5.5epss 0.05

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read…

  • CVE-2017-13865MedDec 25, 2017
    risk 0.39cvss 5.5epss 0.04

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read…

  • CVE-2017-13855MedDec 25, 2017
    risk 0.39cvss 5.5epss 0.05

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read…

  • CVE-2017-13849MedNov 13, 2017
    risk 0.39cvss 5.5epss 0.04

    An issue was discovered in certain Apple products. iOS before 11.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (application crash) via a crafted…

  • CVE-2017-7088MedOct 23, 2017
    risk 0.39cvss 5.9epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Exchange ActiveSync" component. It allows remote attackers to erase a device in opportunistic circumstances by hijacking a cleartext AutoDiscover V1 session during the setup of…

  • CVE-2017-7064MedJul 20, 2017
    risk 0.39cvss 5.5epss 0.04

    An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass…

  • CVE-2017-6982MedMay 22, 2017
    risk 0.39cvss 5.5epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. The issue involves the "Notifications" component. It allows attackers to cause a denial of service via a crafted app.

  • CVE-2016-1788MedMar 24, 2016
    risk 0.39cvss 5.9epss 0.02

    Messages in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 does not properly implement a cryptographic protection mechanism, which allows remote attackers to read message attachments via vectors related to duplicate messages.

  • CVE-2024-54494MedDec 12, 2024
    risk 0.38cvss 5.9epss 0.01

    A race condition was addressed with additional validation. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. An attacker may be able to create a read-only memory…

  • CVE-2024-54492MedDec 12, 2024
    risk 0.38cvss 5.9epss 0.01

    This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, visionOS 2.2. An attacker in a privileged network position may be able to alter network traffic.

  • CVE-2024-27823MedJul 29, 2024
    risk 0.38cvss 5.9epss 0.01

    A race condition was addressed with improved locking. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.3, watchOS 10.5. An attacker in a privileged network…

  • CVE-2024-23277MedMar 8, 2024
    risk 0.38cvss 5.9epss 0.01

    The issue was addressed with improved checks. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. An attacker in a privileged network position may be able to inject keystrokes by spoofing a keyboard.

  • CVE-2024-23218MedJan 23, 2024
    risk 0.38cvss 5.9epss 0.01

    A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.4, macOS Sonoma 14.3, macOS Ventura 13.6.5, tvOS 17.3, watchOS…

  • CVE-2017-13860MedDec 25, 2017
    risk 0.38cvss 5.9epss 0.01

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. The issue involves the "Mail Drafts" component. It allows man-in-the-middle attackers to read e-mail content by leveraging mishandling of S/MIME credential…

  • CVE-2017-2448MedApr 2, 2017
    risk 0.38cvss 5.9epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. The issue involves the "Keychain" component. It allows man-in-the-middle attackers to bypass an iCloud Keychain secret protection…

  • CVE-2017-2412MedApr 2, 2017
    risk 0.38cvss 5.9epss 0.01

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "iTunes Store" component. It allows man-in-the-middle attackers to modify the client-server data stream to iTunes sandbox web services by leveraging use of cleartext HTTP.

  • CVE-2016-7636MedFeb 20, 2017
    risk 0.38cvss 5.9epss 0.01

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Security" component, which allows man-in-the-middle attackers to cause a denial of service (application…

Page 37 of 103