Search Results (4427 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-0605 1 Apple 2 Iphone Os, Itunes 2025-04-11 N/A
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
CVE-2010-0496 2 Apple, Freebit 2 Iphone Os, Serversman 2025-04-11 N/A
FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2, and iPhone OS for iPod touch, allows remote attackers to cause a denial of service (daemon crash) via a HEAD request for the / URI.
CVE-2012-0585 1 Apple 1 Iphone Os 2025-04-11 N/A
The Private Browsing feature in Safari in Apple iOS before 5.1 allows remote attackers to bypass intended privacy settings and insert history entries via JavaScript code that calls the (1) pushState or (2) replaceState method.
CVE-2012-0589 1 Apple 1 Iphone Os 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0588.
CVE-2012-0590 1 Apple 1 Iphone Os 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a drag-and-drop operation.
CVE-2012-0593 1 Apple 2 Iphone Os, Itunes 2025-04-11 N/A
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
CVE-2012-0596 1 Apple 2 Iphone Os, Itunes 2025-04-11 N/A
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
CVE-2012-0600 1 Apple 2 Iphone Os, Itunes 2025-04-11 N/A
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
CVE-2024-31393 2 Apple, Mozilla 2 Iphone Os, Firefox 2025-04-09 4.3 Medium
Dragging Javascript URLs to the address bar could cause them to be loaded, bypassing restrictions and security protections This vulnerability affects Firefox for iOS < 124.
CVE-2024-31392 2 Apple, Mozilla 2 Iphone Os, Firefox 2025-04-09 7.5 High
If an insecure element was added to a page after a delay, Firefox would not replace the secure icon with a mixed content security status This vulnerability affects Firefox for iOS < 124.
CVE-2023-42949 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2025-03-25 3.3 Low
This issue was addressed with improved data protection. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17. An app may be able to access edited photos saved to a temporary directory.
CVE-2023-0575 4 Apple, Linux, Microsoft and 1 more 5 Iphone Os, Macos, Linux Kernel and 2 more 2025-03-24 7.2 High
External Control of Critical State Data, Improper Control of Generation of Code ('Code Injection') vulnerability in YugaByte, Inc. Yugabyte DB on Windows, Linux, MacOS, iOS (DevopsBase.Java:execCommand, TableManager.Java:runCommand modules) allows API Manipulation, Privilege Abuse. This vulnerability is associated with program files backup.Py. This issue affects Yugabyte DB: Lesser then 2.2.0.0
CVE-2022-48610 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2025-03-24 5.5 Medium
This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2. An app may be able to access user-sensitive data.
CVE-2023-42925 1 Apple 3 Ipados, Iphone Os, Macos 2025-03-20 3.3 Low
The issue was addressed with improved restriction of data container access. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access Notes attachments.
CVE-2023-32423 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2025-03-20 6.5 Medium
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information.
CVE-2023-42957 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2025-03-19 3.3 Low
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10. An app may be able to read sensitive location information.
CVE-2023-40396 1 Apple 7 Ios, Ipad Os, Ipados and 4 more 2025-03-19 7.8 High
The issue was addressed with improved memory handling. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17. An app may be able to execute arbitrary code with kernel privileges.
CVE-2023-23530 1 Apple 3 Ipados, Iphone Os, Macos 2025-03-18 8.6 High
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
CVE-2023-23524 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2025-03-18 7.5 High
A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS Ventura 13.2.1. Processing a maliciously crafted certificate may lead to a denial-of-service.
CVE-2024-8909 2 Apple, Google 2 Iphone Os, Chrome 2025-03-17 4.3 Medium
Inappropriate implementation in UI in Google Chrome on iOS prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)