VYPR

iOS

by Apple Inc.

CVEs (1,745)

  • CVE-2012-0624Mar 8, 2012
    Apple Inc.
    iTunes
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

  • CVE-2012-0623Mar 8, 2012
    Apple Inc.
    iTunes
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

  • CVE-2012-0622Mar 8, 2012
    Apple Inc.
    iTunes
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

  • CVE-2012-0621Mar 8, 2012
    Apple Inc.
    iTunes
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

  • CVE-2012-0620Mar 8, 2012
    Apple Inc.
    iTunes
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

  • CVE-2012-0588Mar 8, 2012
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0589.

  • CVE-2012-0587Mar 8, 2012
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0588, and CVE-2012-0589.

  • CVE-2012-0586Mar 8, 2012
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0587, CVE-2012-0588, and CVE-2012-0589.

  • CVE-2012-0585Mar 8, 2012
    Apple Inc.
    Safari
    risk 0.00cvss epss 0.01

    The Private Browsing feature in Safari in Apple iOS before 5.1 allows remote attackers to bypass intended privacy settings and insert history entries via JavaScript code that calls the (1) pushState or (2) replaceState method.

  • CVE-2011-2872Mar 8, 2012
    Apple Inc.
    iTunes
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

  • CVE-2011-2871Mar 8, 2012
    Apple Inc.
    iTunes
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

  • CVE-2011-2870Mar 8, 2012
    Apple Inc.
    iTunes
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

  • CVE-2011-2869Mar 8, 2012
    Apple Inc.
    iTunes
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

  • CVE-2011-3442Nov 11, 2011
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.00

    The kernel in Apple iOS before 5.0.1 does not ensure the validity of flag combinations for an mmap system call, which allows local users to execute arbitrary unsigned code via a crafted app.

  • CVE-2011-3440Nov 11, 2011
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.00

    The Passcode Lock feature in Apple iOS before 5.0.1 on the iPad 2 does not properly implement the locked state, which allows physically proximate attackers to access data by opening a Smart Cover during power-off confirmation.

  • CVE-2011-3434Oct 14, 2011
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.00

    The WiFi component in Apple iOS before 5 stores WiFi credentials in an unspecified file, which makes it easier for remote attackers to obtain sensitive information via a crafted application.

  • CVE-2011-3432Oct 14, 2011
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.01

    The UIKit Alerts component in Apple iOS before 5 allows remote attackers to cause a denial of service (device hang) via a long tel: URL that triggers a large size for the acceptance dialog.

  • CVE-2011-3431Oct 14, 2011
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.00

    The Home screen component in Apple iOS before 5 does not properly support a certain application-switching gesture, which might allow physically proximate attackers to obtain sensitive state information by watching the device's screen.

  • CVE-2011-3430Oct 14, 2011
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.00

    The Settings component in Apple iOS before 5, when a configuration profile is used for a locale other than English, does not properly implement localization, which makes it easier for attackers to have an unspecified impact by leveraging incorrect configuration display.

  • CVE-2011-3429Oct 14, 2011
    Apple Inc.
    Iphone Os
    risk 0.00cvss epss 0.00

    The Settings component in Apple iOS before 5 stores a cleartext parental-restrictions passcode in an unspecified file, which might allow physically proximate attackers to obtain sensitive information by reading this file.

Page 85 of 88