Iphone OS
by Apple Inc.
CVEs (2,060)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-7131 | Med | 0.36 | 5.5 | 0.01 | Oct 23, 2017 | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Bluetooth" component. It allows attackers to obtain sensitive Contact card information via a crafted app. | ||
| CVE-2017-7118 | Med | 0.36 | 5.5 | 0.01 | Oct 23, 2017 | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service (crash) via a crafted image. | ||
| CVE-2017-7097 | Med | 0.36 | 5.5 | 0.01 | Oct 23, 2017 | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Mail MessageUI" component. It allows attackers to cause a denial of service (memory corruption) via a crafted image. | ||
| CVE-2017-7072 | Med | 0.36 | 5.5 | 0.01 | Oct 23, 2017 | An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "iBooks" component. It allows remote attackers to cause a denial of service (persistent outage) via a crafted iBooks file. | ||
| CVE-2017-7029 | Med | 0.36 | 5.5 | 0.01 | Jul 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read… | ||
| CVE-2017-7028 | Med | 0.36 | 5.5 | 0.01 | Jul 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read… | ||
| CVE-2017-6987 | Med | 0.36 | 5.5 | 0.01 | May 22, 2017 | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read… | ||
| CVE-2017-2507 | Med | 0.36 | 5.5 | 0.01 | May 22, 2017 | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read… | ||
| CVE-2017-2502 | Med | 0.36 | 5.5 | 0.01 | May 22, 2017 | An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "CoreAudio" component. It allows attackers to bypass intended memory-read… | ||
| CVE-2017-2417 | Med | 0.36 | 5.5 | 0.01 | Apr 2, 2017 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreGraphics" component. It allows remote attackers to cause a denial of… | ||
| CVE-2017-2390 | Med | 0.36 | 5.5 | 0.00 | Apr 2, 2017 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves symlink mishandling in the "libarchive" component. It allows local users to change… | ||
| CVE-2017-2368 | Med | 0.36 | 5.5 | 0.01 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "Contacts" component. It allows remote attackers to cause a denial of service (application crash) via a crafted contact card. | ||
| CVE-2016-7665 | Med | 0.36 | 5.5 | 0.01 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Graphics Driver" component, which allows remote attackers to cause a denial of service via a crafted video. | ||
| CVE-2016-7619 | Med | 0.36 | 5.5 | 0.00 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "libarchive" component, which allows local users to write to arbitrary files via vectors related to symlinks. | ||
| CVE-2016-7615 | Med | 0.36 | 5.5 | 0.00 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component, which allows local users to cause a denial of service via unspecified vectors. | ||
| CVE-2016-7607 | Med | 0.36 | 5.5 | 0.01 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component, which allows attackers to obtain sensitive information from kernel memory via a crafted… | ||
| CVE-2016-4680 | Med | 0.36 | 5.5 | 0.01 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app. | ||
| CVE-2016-4679 | Med | 0.36 | 5.5 | 0.02 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "libarchive" component, which allows remote attackers to write to arbitrary… | ||
| CVE-2016-4771 | Med | 0.36 | 5.5 | 0.01 | Sep 25, 2016 | The kernel in Apple iOS before 10 and OS X before 10.12 allows local users to bypass intended file-access restrictions via a crafted directory pathname. | ||
| CVE-2016-4719 | Med | 0.36 | 5.5 | 0.01 | Sep 18, 2016 | The GeoServices component in Apple iOS before 10 and watchOS before 3 does not properly restrict access to PlaceData information, which allows attackers to discover physical locations via a crafted application. |
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Bluetooth" component. It allows attackers to obtain sensitive Contact card information via a crafted app.
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service (crash) via a crafted image.
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Mail MessageUI" component. It allows attackers to cause a denial of service (memory corruption) via a crafted image.
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "iBooks" component. It allows remote attackers to cause a denial of service (persistent outage) via a crafted iBooks file.
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read…
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read…
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read…
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read…
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "CoreAudio" component. It allows attackers to bypass intended memory-read…
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreGraphics" component. It allows remote attackers to cause a denial of…
- risk 0.36cvss 5.5epss 0.00
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves symlink mishandling in the "libarchive" component. It allows local users to change…
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "Contacts" component. It allows remote attackers to cause a denial of service (application crash) via a crafted contact card.
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Graphics Driver" component, which allows remote attackers to cause a denial of service via a crafted video.
- risk 0.36cvss 5.5epss 0.00
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "libarchive" component, which allows local users to write to arbitrary files via vectors related to symlinks.
- risk 0.36cvss 5.5epss 0.00
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component, which allows local users to cause a denial of service via unspecified vectors.
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component, which allows attackers to obtain sensitive information from kernel memory via a crafted…
- risk 0.36cvss 5.5epss 0.01
An issue was discovered in certain Apple products. iOS before 10.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app.
- risk 0.36cvss 5.5epss 0.02
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "libarchive" component, which allows remote attackers to write to arbitrary…
- risk 0.36cvss 5.5epss 0.01
The kernel in Apple iOS before 10 and OS X before 10.12 allows local users to bypass intended file-access restrictions via a crafted directory pathname.
- risk 0.36cvss 5.5epss 0.01
The GeoServices component in Apple iOS before 10 and watchOS before 3 does not properly restrict access to PlaceData information, which allows attackers to discover physical locations via a crafted application.
Page 46 of 103