iOS

CVEs (2,979)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2012-3722	Apple Inc. Mac OS X	—	0.02	Sep 20, 2012	The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with…
CVE-2012-0672	Apple Inc. iOS	—	0.01	May 8, 2012	WebKit in Apple iOS before 5.1.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2012-0646	Apple Inc. iOS	—	0.06	Mar 8, 2012	Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.
CVE-2012-0645	Apple Inc. iOS	—	0.00	Mar 8, 2012	Siri in Apple iOS before 5.1 does not properly restrict the ability of Mail.app to handle voice commands, which allows physically proximate attackers to bypass the locked state via a command that forwards an active e-mail message to an arbitrary recipient.
CVE-2012-0644	Apple Inc. iOS	—	0.00	Mar 8, 2012	Race condition in the Passcode Lock feature in Apple iOS before 5.1 allows physically proximate attackers to bypass intended passcode requirements via a slide-to-dial gesture.
CVE-2012-0643	Apple Inc. iOS	—	0.01	Mar 8, 2012	The kernel in Apple iOS before 5.1 does not properly handle debug system calls, which allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a crafted program.
CVE-2012-0642	Apple Inc. iOS	—	0.03	Mar 8, 2012	Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via a crafted catalog file in an HFS disk image.
CVE-2012-0641	Apple Inc. iOS	—	0.01	Mar 8, 2012	CFNetwork in Apple iOS before 5.1 does not properly construct request headers during parsing of URLs, which allows remote attackers to obtain sensitive information via a malformed URL, a different vulnerability than CVE-2011-3447.
CVE-2012-0635	Apple Inc. iTunes	—	0.02	Mar 8, 2012	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0633	Apple Inc. iTunes	—	0.02	Mar 8, 2012	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0632	Apple Inc. iTunes	—	0.02	Mar 8, 2012	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0631	Apple Inc. iTunes	—	0.02	Mar 8, 2012	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0630	Apple Inc. iTunes	—	0.02	Mar 8, 2012	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0629	Apple Inc. iTunes	—	0.02	Mar 8, 2012	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0628	Apple Inc. iTunes	—	0.02	Mar 8, 2012	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0627	Apple Inc. iTunes	—	0.02	Mar 8, 2012	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0626	Apple Inc. iTunes	—	0.02	Mar 8, 2012	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0625	Apple Inc. iTunes	—	0.02	Mar 8, 2012	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0624	Apple Inc. iTunes	—	0.02	Mar 8, 2012	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0623	Apple Inc. iTunes	—	0.02	Mar 8, 2012	WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

CVE-2012-3722Sep 20, 2012
Apple Inc.
Mac OS X
risk 0.00cvss —epss 0.02
The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with…
CVE-2012-0672May 8, 2012
Apple Inc.
iOS
risk 0.00cvss —epss 0.01
WebKit in Apple iOS before 5.1.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2012-0646Mar 8, 2012
Apple Inc.
iOS
risk 0.00cvss —epss 0.06
Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.
CVE-2012-0645Mar 8, 2012
Apple Inc.
iOS
risk 0.00cvss —epss 0.00
Siri in Apple iOS before 5.1 does not properly restrict the ability of Mail.app to handle voice commands, which allows physically proximate attackers to bypass the locked state via a command that forwards an active e-mail message to an arbitrary recipient.
CVE-2012-0644Mar 8, 2012
Apple Inc.
iOS
risk 0.00cvss —epss 0.00
Race condition in the Passcode Lock feature in Apple iOS before 5.1 allows physically proximate attackers to bypass intended passcode requirements via a slide-to-dial gesture.
CVE-2012-0643Mar 8, 2012
Apple Inc.
iOS
risk 0.00cvss —epss 0.01
The kernel in Apple iOS before 5.1 does not properly handle debug system calls, which allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a crafted program.
CVE-2012-0642Mar 8, 2012
Apple Inc.
iOS
risk 0.00cvss —epss 0.03
Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via a crafted catalog file in an HFS disk image.
CVE-2012-0641Mar 8, 2012
Apple Inc.
iOS
risk 0.00cvss —epss 0.01
CFNetwork in Apple iOS before 5.1 does not properly construct request headers during parsing of URLs, which allows remote attackers to obtain sensitive information via a malformed URL, a different vulnerability than CVE-2011-3447.
CVE-2012-0635Mar 8, 2012
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0633Mar 8, 2012
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0632Mar 8, 2012
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0631Mar 8, 2012
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0630Mar 8, 2012
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0629Mar 8, 2012
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0628Mar 8, 2012
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0627Mar 8, 2012
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0626Mar 8, 2012
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0625Mar 8, 2012
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0624Mar 8, 2012
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…
CVE-2012-0623Mar 8, 2012
Apple Inc.
iTunes
risk 0.00cvss —epss 0.02
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

Page 144 of 149