VYPR

iOS

by Apple Inc.

CVEs (1,639)

  • CVE-2014-1267Mar 14, 2014
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.00

    The Configuration Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 does not properly evaluate the expiration date of a mobile configuration profile, which allows attackers to bypass intended access restrictions by using a profile after the date has passed.

  • CVE-2013-5133Mar 14, 2014
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.01

    Backup in Apple iOS before 7.1 does not properly restrict symlinks, which allows remote attackers to overwrite files during a restore operation via crafted backup data.

  • CVE-2012-0646Mar 8, 2012
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.06

    Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.

  • CVE-2012-0645Mar 8, 2012
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.00

    Siri in Apple iOS before 5.1 does not properly restrict the ability of Mail.app to handle voice commands, which allows physically proximate attackers to bypass the locked state via a command that forwards an active e-mail message to an arbitrary recipient.

  • CVE-2012-0644Mar 8, 2012
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.00

    Race condition in the Passcode Lock feature in Apple iOS before 5.1 allows physically proximate attackers to bypass intended passcode requirements via a slide-to-dial gesture.

  • CVE-2012-0643Mar 8, 2012
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.01

    The kernel in Apple iOS before 5.1 does not properly handle debug system calls, which allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a crafted program.

  • CVE-2012-0642Mar 8, 2012
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.03

    Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via a crafted catalog file in an HFS disk image.

  • CVE-2012-0641Mar 8, 2012
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.01

    CFNetwork in Apple iOS before 5.1 does not properly construct request headers during parsing of URLs, which allows remote attackers to obtain sensitive information via a malformed URL, a different vulnerability than CVE-2011-3447.

  • CVE-2012-0635Mar 8, 2012
    Apple Inc.
    iTunes
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

  • CVE-2012-0633Mar 8, 2012
    Apple Inc.
    iTunes
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

  • CVE-2012-0632Mar 8, 2012
    Apple Inc.
    iTunes
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

  • CVE-2010-4012Dec 8, 2010
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.00

    Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later allows physically proximate attackers to bypass the passcode lock by making a call from the Emergency Call screen, then quickly pressing the Sleep/Wake button.

  • CVE-2010-1817Sep 9, 2010
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.01

    Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.

  • CVE-2010-1815Sep 9, 2010
    Canonical
    Ubuntu Linux
    risk 0.00cvss epss 0.06

    Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars.

  • CVE-2010-1814Sep 9, 2010
    Canonical
    Ubuntu Linux
    risk 0.00cvss epss 0.05

    WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus.

  • CVE-2010-1812Sep 9, 2010
    Canonical
    Ubuntu Linux
    risk 0.00cvss epss 0.06

    Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections.

  • CVE-2010-1811Sep 9, 2010
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.04

    ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF file.

  • CVE-2010-1810Sep 9, 2010
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.00

    FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not properly handle invalid X.509 certificates, which allows man-in-the-middle attackers to redirect calls via a crafted certificate.

  • CVE-2010-1809Sep 9, 2010
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.01

    The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors.

Page 82 of 82