Filtered by vendor Apple
Subscriptions
Filtered by product Iphone Os
Subscriptions
Total
4073 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4631 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-12 | N/A |
| ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF file. | ||||
| CVE-2016-4623 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2025-04-12 | N/A |
| WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4622, and CVE-2016-4624. | ||||
| CVE-2016-4616 | 2 Apple, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2025-04-12 | N/A |
| libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4615, and CVE-2016-4619. | ||||
| CVE-2016-4615 | 2 Apple, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2025-04-12 | N/A |
| libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4616, and CVE-2016-4619. | ||||
| CVE-2015-5898 | 1 Apple | 2 Iphone Os, Watchos | 2025-04-12 | N/A |
| CFNetwork in Apple iOS before 9 relies on the hardware UID for its cache encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID. | ||||
| CVE-2016-4614 | 2 Apple, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2025-04-12 | 9.8 Critical |
| libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4615, CVE-2016-4616, and CVE-2016-4619. | ||||
| CVE-2016-4594 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-12 | N/A |
| The Sandbox Profiles component in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows attackers to access the process list via a crafted app that makes an API call. | ||||
| CVE-2014-0564 | 8 Adobe, Apple, Google and 5 more | 15 Air Desktop Runtime, Air Sdk, Flash Player and 12 more | 2025-04-12 | N/A |
| Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0558. | ||||
| CVE-2016-4592 | 2 Apple, Webkitgtk | 5 Iphone Os, Safari, Tvos and 2 more | 2025-04-12 | N/A |
| WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted web site. | ||||
| CVE-2015-3727 | 1 Apple | 3 Iphone Os, Mac Os X, Safari | 2025-04-12 | N/A |
| WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site. | ||||
| CVE-2016-4591 | 1 Apple | 4 Iphone Os, Safari, Tvos and 1 more | 2025-04-12 | N/A |
| WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors. | ||||
| CVE-2016-4585 | 1 Apple | 4 Iphone Os, Safari, Tvos and 1 more | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari. | ||||
| CVE-2015-3690 | 1 Apple | 2 Iphone Os, Mac Os X | 2025-04-12 | N/A |
| The DiskImages subsystem in Apple iOS before 8.4 and OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app. | ||||
| CVE-2016-4583 | 2 Apple, Webkitgtk | 5 Iphone Os, Safari, Tvos and 2 more | 2025-04-12 | N/A |
| WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing attack involving an SVG document. | ||||
| CVE-2016-4582 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-12 | N/A |
| The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4653. | ||||
| CVE-2015-5793 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2025-04-12 | N/A |
| WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. | ||||
| CVE-2016-4611 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2025-04-12 | N/A |
| WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4730, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735. | ||||
| CVE-2016-4605 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| Calendar in Apple iOS before 9.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a crafted invitation. | ||||
| CVE-2016-4604 | 1 Apple | 2 Iphone Os, Safari | 2025-04-12 | N/A |
| Safari in Apple iOS before 9.3.3 allows remote attackers to spoof the displayed URL via an HTTP response specifying redirection to an invalid TCP port number. | ||||
| CVE-2016-4702 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2025-04-12 | N/A |
| Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | ||||