VYPR

Iphone OS

by Apple Inc.

CVEs (2,060)

  • CVE-2017-2520CriMay 22, 2017
    risk 0.64cvss 9.8epss 0.05

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code…

  • CVE-2017-2519CriMay 22, 2017
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code…

  • CVE-2017-2518CriMay 22, 2017
    risk 0.64cvss 9.8epss 0.05

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code…

  • CVE-2017-2513CriMay 22, 2017
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. A use-after-free vulnerability allows remote attackers…

  • CVE-2017-2434CriApr 2, 2017
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "HomeKit" component. It allows attackers to have an unspecified impact by leveraging the presence of Home Control on Control Center.

  • CVE-2017-2428CriApr 2, 2017
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves nghttp2 before 1.17.0 in the "HTTPProtocol" component. It allows remote HTTP/2…

  • CVE-2017-2423CriApr 2, 2017
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended access restrictions by leveraging a successful result from a…

  • CVE-2016-7663CriFeb 20, 2017
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "CoreFoundation" component. It allows remote attackers to execute arbitrary code or cause a denial of…

  • CVE-2016-7630CriFeb 20, 2017
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "WebSheet" component, which allows attackers to bypass a sandbox protection mechanism via unspecified vectors.

  • CVE-2016-4658CriSep 25, 2016
    risk 0.64cvss 9.8epss 0.09

    xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of…

  • CVE-2016-4616CriJul 22, 2016
    risk 0.64cvss 9.8epss 0.03

    libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact…

  • CVE-2016-4615CriJul 22, 2016
    risk 0.64cvss 9.8epss 0.03

    libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact…

  • CVE-2016-4614CriJul 22, 2016
    risk 0.64cvss 9.8epss 0.03

    libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact…

  • CVE-2016-4609CriJul 22, 2016
    risk 0.64cvss 9.8epss 0.05

    libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact…

  • CVE-2016-4607CriJul 22, 2016
    risk 0.64cvss 9.8epss 0.05

    libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact…

  • CVE-2015-7988CriJun 26, 2016
    risk 0.64cvss 9.8epss 0.05

    The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors.

  • CVE-2015-7987CriJun 26, 2016
    risk 0.64cvss 9.8epss 0.03

    Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function.

  • CVE-2016-4448CriJun 9, 2016
    risk 0.64cvss 9.8epss 0.07

    Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.

  • CVE-2016-1761CriMar 24, 2016
    risk 0.64cvss 9.8epss 0.07

    libxml2 in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.

  • CVE-2008-3612CriSep 11, 2008
    risk 0.64cvss 9.8epss 0.04

    The Networking subsystem in Apple iPod touch 2.0 through 2.0.2, and iPhone 2.0 through 2.0.2, uses predictable TCP initial sequence numbers, which allows remote attackers to spoof or hijack a TCP connection.

Page 4 of 103