VYPR

Iphone OS

by Apple Inc.

CVEs (2,059)

  • CVE-2025-30425MedMar 31, 2025
    risk 0.28cvss 4.3epss 0.01

    This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, watchOS 11.4. A malicious website may be able to track users in Safari private browsing mode.

  • CVE-2025-24216MedMar 31, 2025
    risk 0.28cvss 4.3epss 0.01

    The issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.

  • CVE-2025-24160MedJan 27, 2025
    risk 0.28cvss 4.3epss 0.01

    The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to an unexpected app termination.

  • CVE-2025-24128MedJan 27, 2025
    risk 0.28cvss 4.3epss 0.01

    The issue was addressed by adding additional logic. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. Visiting a malicious website may lead to address bar spoofing.

  • CVE-2025-24113MedJan 27, 2025
    risk 0.28cvss 4.3epss 0.01

    The issue was addressed with improved UI. This issue is fixed in Safari 18.3, Safari 18.4, iOS 18.3 and iPadOS 18.3, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sequoia 15.4, visionOS 2.3, visionOS 2.4, watchOS 11.4. Visiting a malicious website may lead…

  • CVE-2024-54535MedJan 15, 2025
    risk 0.28cvss 4.3epss 0.00

    A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, watchOS 11.1. An attacker with access to calendar data could also read reminders.

  • CVE-2024-44244MedOct 28, 2024
    risk 0.28cvss 4.3epss 0.01

    A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 18.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing maliciously crafted web content may lead to an unexpected process crash.

  • CVE-2024-40776MedJul 29, 2024
    risk 0.28cvss 4.3epss 0.01

    A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an…

  • CVE-2024-27807MedJun 10, 2024
    risk 0.28cvss 4.3epss 0.01

    The issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5. An app may be able to circumvent App Privacy Report logging.

  • CVE-2024-23273MedMar 8, 2024
    risk 0.28cvss 4.3epss 0.01

    This issue was addressed through improved state management. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Private Browsing tabs may be accessed without authentication.

  • CVE-2017-7152MedDec 27, 2017
    risk 0.28cvss 4.3epss 0.01

    An issue was discovered in certain Apple products. iOS before 11.2 is affected. The issue involves the "Mail Message Framework" component. It allows remote attackers to spoof the address bar via a crafted web site.

  • CVE-2017-7144MedOct 23, 2017
    risk 0.28cvss 4.3epss 0.01

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to track Safari Private Browsing users by leveraging cookie mishandling.

  • CVE-2016-7759MedFeb 20, 2017
    risk 0.28cvss 4.3epss 0.00

    An issue was discovered in certain Apple products. iOS before 10 is affected. The issue involves the "Springboard" component, which allows physically proximate attackers to obtain sensitive information by viewing application snapshots in the Task Switcher.

  • CVE-2016-7592MedFeb 20, 2017
    risk 0.28cvss 4.3epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component, which allows remote attackers to obtain sensitive…

  • CVE-2016-7581MedFeb 20, 2017
    risk 0.28cvss 4.3epss 0.01

    An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue involves the "Safari" component, which allows remote web servers to cause a denial of service via a crafted URL.

  • CVE-2016-4603MedJul 22, 2016
    risk 0.28cvss 4.3epss 0.01

    Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Private Browsing protection mechanism and obtain sensitive video URL information by leveraging Safari View Controller misbehavior.

  • CVE-2016-1864MedJun 19, 2016
    risk 0.28cvss 4.3epss 0.02

    The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari before 9.1, does not properly handle redirects in block mode, which allows remote attackers to obtain sensitive information via a crafted URL.

  • CVE-2016-1781MedMar 24, 2016
    risk 0.28cvss 4.3epss 0.01

    WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles attachment URLs, which makes it easier for remote web servers to track users via unspecified vectors.

  • CVE-2016-1780MedMar 24, 2016
    risk 0.28cvss 4.3epss 0.01

    WebKit in Apple iOS before 9.3 does not prevent hidden web views from reading orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment via a crafted web site.

  • CVE-2016-1728MedFeb 1, 2016
    risk 0.28cvss 4.3epss 0.02

    The Cascading Style Sheets (CSS) implementation in Apple iOS before 9.2.1 and Safari before 9.0.3 mishandles the "a:visited button" selector during height processing, which makes it easier for remote attackers to obtain sensitive browser-history information via a crafted web…

Page 52 of 103