Filtered by vendor Apple
Subscriptions
Filtered by product Iphone Os
Subscriptions
Total
4139 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-7576 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| In iOS before 9.3.3, a memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. | ||||
| CVE-2016-4644 | 1 Apple | 3 Apple Tv, Iphone Os, Mac Os | 2024-11-21 | N/A |
| In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed by storing the authentication types with the credentials. | ||||
| CVE-2016-4643 | 1 Apple | 3 Apple Tv, Iphone Os, Mac Os | 2024-11-21 | N/A |
| In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. This issue was addressed through improved response validation. | ||||
| CVE-2016-4642 | 1 Apple | 3 Apple Tv, Iphone Os, Mac Os | 2024-11-21 | N/A |
| In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings. | ||||
| CVE-2014-8130 | 3 Apple, Libtiff, Redhat | 10 Iphone Os, Mac Os X, Libtiff and 7 more | 2024-11-21 | N/A |
| The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither. | ||||
| CVE-2014-8129 | 4 Apple, Debian, Libtiff and 1 more | 9 Iphone Os, Mac Os X, Debian Linux and 6 more | 2024-11-21 | N/A |
| LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c. | ||||
| CVE-2014-8128 | 2 Apple, Libtiff | 3 Iphone Os, Mac Os X, Libtiff | 2024-11-21 | 6.5 Medium |
| LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image. | ||||
| CVE-2024-44205 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-11-05 | 5.5 Medium |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. A sandboxed app may be able to access sensitive user data in system logs. | ||||
| CVE-2024-44233 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-11-04 | 6.5 Medium |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination. | ||||
| CVE-2024-44185 | 2 Apple, Redhat | 13 Ipados, Iphone Os, Macos and 10 more | 2024-11-04 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in tvOS 17.6, visionOS 1.3, Safari 17.6, watchOS 10.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2024-44234 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-11-04 | 6.5 Medium |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination. | ||||
| CVE-2024-44232 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-11-04 | 6.5 Medium |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination. | ||||
| CVE-2024-44126 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-11-01 | 7.8 High |
| The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, iOS 17.7 and iPadOS 17.7, macOS Sonoma 14.7, visionOS 2, iOS 18 and iPadOS 18. Processing a maliciously crafted file may lead to heap corruption. | ||||
| CVE-2024-44254 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-10-30 | 5.5 Medium |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 11.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, iOS 18.1 and iPadOS 18.1. An app may be able to access sensitive user data. | ||||
| CVE-2024-44235 | 1 Apple | 2 Ipados, Iphone Os | 2024-10-30 | 4.6 Medium |
| The issue was addressed with improved checks. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker may be able to view restricted content from the lock screen. | ||||
| CVE-2024-40853 | 1 Apple | 2 Ipados, Iphone Os | 2024-10-30 | 5.9 Medium |
| This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to use Siri to enable Auto-Answer Calls. | ||||
| CVE-2024-40851 | 1 Apple | 2 Ipados, Iphone Os | 2024-10-30 | 2.4 Low |
| This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker with physical access may be able to access contact photos from the lock screen. | ||||
| CVE-2024-7533 | 2 Apple, Google | 2 Iphone Os, Chrome | 2024-08-12 | 8.8 High |
| Use after free in Sharing in Google Chrome on iOS prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-6988 | 2 Apple, Google | 2 Iphone Os, Chrome | 2024-08-07 | 8.8 High |
| Use after free in Downloads in Google Chrome on iOS prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||