Iphone Os

iphone_os

Vendor: Apple • 4,015 CVEs

CVEs (4,015)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-7088 1Apple 1Iphone Os May 13, 2026 Oct 23, 2017 N/A· v4 5.9 MEDIUM· v3 7.1 HIGH· v2 An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Exchange ActiveSync" component. It allows remote attackers to erase a device in opportunistic circumstances by hijacki...Show more An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Exchange ActiveSync" component. It allows remote attackers to erase a device in opportunistic circumstances by hijacking a cleartext AutoDiscover V1 session during the setup of an Exchange account.Show less
CVE-2017-7087 1Apple 5Icloud Iphone OsItunes+2 more May 13, 2026 Oct 23, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected....Show more An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.Show less
CVE-2017-7086 1Apple 4Iphone Os Mac Os XTvos+1 more May 13, 2026 Oct 23, 2017 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "libc" component. It allows r...Show more An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "libc" component. It allows remote attackers to cause a denial of service (resource consumption) via a crafted string that is mishandled by the glob function.Show less
CVE-2017-7085 1Apple 2Iphone Os Safari May 13, 2026 Oct 23, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar.
CVE-2017-7083 1Apple 4Iphone Os Mac Os XTvos+1 more May 13, 2026 Oct 23, 2017 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "CFNetwork Proxies" component...Show more An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "CFNetwork Proxies" component. It allows remote attackers to cause a denial of service.Show less
CVE-2017-7081 1Apple 5Icloud Iphone OsItunes+2 more May 13, 2026 Oct 23, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected....Show more An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.Show less
CVE-2017-7080 1Apple 4Iphone Os Mac Os XTvos+1 more May 13, 2026 Oct 23, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Security" component. It allo...Show more An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended certificate-trust restrictions via a revoked X.509 certificate.Show less
CVE-2017-7078 1Apple 2Iphone Os Mac Os X May 13, 2026 Oct 23, 2017 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. The issue involves the "Mail Drafts" component. It allows remote attackers to obtain sensitive information by...Show more An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. The issue involves the "Mail Drafts" component. It allows remote attackers to obtain sensitive information by reading unintended cleartext transmissions.Show less
CVE-2017-7072 1Apple 1Iphone Os May 13, 2026 Oct 23, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "iBooks" component. It allows remote attackers to cause a denial of service (persistent outage) via a crafted iBooks fi...Show more An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "iBooks" component. It allows remote attackers to cause a denial of service (persistent outage) via a crafted iBooks file.Show less
CVE-2017-11122 2Apple Broadcom 3Bcm4355c0 Firmware Iphone OsTvos May 13, 2026 Oct 4, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading.
CVE-2017-11121 2Apple Broadcom 3Bcm4355c0 Firmware Iphone OsTvos May 13, 2026 Sep 28, 2017 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to...Show more On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205.Show less
CVE-2017-11120 2Apple Broadcom 3Bcm4355c0 Firmware Iphone OsTvos May 13, 2026 Sep 28, 2017 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204.
CVE-2017-14315 1Apple 1Iphone Os May 13, 2026 Sep 12, 2017 N/A· v4 7.5 HIGH· v3 7.9 HIGH· v2 In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled dat...Show more In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attacker can use this overflow to gain full control of the device through the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control; however, the default "Bluetooth On" value must be present in Settings.Show less
CVE-2017-8248 1Apple 1Iphone Os May 13, 2026 Aug 16, 2017 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A buffer overflow may occur in the processing of a downlink NAS message in Qualcomm Telephony as used in Apple iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation.
CVE-2017-7069 1Apple 4Iphone Os Mac Os XTvos+1 more May 13, 2026 Jul 20, 2017 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" compon...Show more An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.Show less
CVE-2017-7068 1Apple 4Iphone Os Mac Os XTvos+1 more May 13, 2026 Jul 20, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libarchive" co...Show more An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libarchive" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted archive file.Show less
CVE-2017-7064 1Apple 4Icloud Iphone OsItunes+1 more May 13, 2026 Jul 20, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue invol...Show more An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.Show less
CVE-2017-7063 1Apple 2Iphone Os Watchos May 13, 2026 Jul 20, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. watchOS before 3.2.3 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service (me...Show more An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. watchOS before 3.2.3 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service (memory consumption and application crash).Show less
CVE-2017-7062 1Apple 4Iphone Os Mac Os XTvos+1 more May 13, 2026 Jul 20, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Contacts" comp...Show more An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Contacts" component. A buffer overflow allows remote attackers to execute arbitrary code or cause a denial of service (application crash).Show less
CVE-2017-7061 1Apple 6Icloud Iphone OsItunes+3 more May 13, 2026 Jul 20, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10....Show more An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.Show less

Previous 1...130131132...201 Next