Iphone Os

iphone_os

Vendor: Apple • 4,015 CVEs

CVEs (4,015)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-0801 2Apple Google 5Android Iphone OsMac Os X+2 more May 6, 2026 Feb 7, 2016 N/A· v4 9.8 CRITICAL· v3 8.3 HIGH· v2 The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) v...Show more The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029.Show less
CVE-2016-1730 1Apple 1Iphone Os May 6, 2026 Feb 1, 2016 N/A· v4 5.4 MEDIUM· v3 5.8 MEDIUM· v2 WebSheet in Apple iOS before 9.2.1 allows remote attackers to read or write to cookies by operating a crafted captive portal.
CVE-2016-1728 1Apple 2Iphone Os Safari May 6, 2026 Feb 1, 2016 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 The Cascading Style Sheets (CSS) implementation in Apple iOS before 9.2.1 and Safari before 9.0.3 mishandles the "a:visited button" selector during height processing, which makes it easier for remote attackers to obtain...Show more The Cascading Style Sheets (CSS) implementation in Apple iOS before 9.2.1 and Safari before 9.0.3 mishandles the "a:visited button" selector during height processing, which makes it easier for remote attackers to obtain sensitive browser-history information via a crafted web site.Show less
CVE-2016-1727 2Apple Webkitgtk 5Iphone Os SafariTvos+2 more May 6, 2026 Feb 1, 2016 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a differen...Show more WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1724.Show less
CVE-2016-1726 1Apple 3Iphone Os SafariWatchos May 6, 2026 Feb 1, 2016 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than...Show more WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1723 and CVE-2016-1725.Show less
CVE-2016-1725 1Apple 3Iphone Os SafariWatchos May 6, 2026 Feb 1, 2016 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than...Show more WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1723 and CVE-2016-1726.Show less
CVE-2016-1724 2Apple Webkitgtk 5Iphone Os SafariTvos+2 more May 6, 2026 Feb 1, 2016 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a differen...Show more WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1727.Show less
CVE-2016-1723 1Apple 3Iphone Os SafariWatchos May 6, 2026 Feb 1, 2016 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than...Show more WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1725 and CVE-2016-1726.Show less
CVE-2016-1722 1Apple 4Iphone Os Mac Os XTvos+1 more May 6, 2026 Feb 1, 2016 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 syslog in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2016-1721 1Apple 4Iphone Os Mac Os XTvos+1 more May 6, 2026 Feb 1, 2016 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The kernel in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2016-1720 1Apple 4Iphone Os Mac Os XTvos+1 more May 6, 2026 Feb 1, 2016 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 IOKit in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2016-1719 1Apple 4Iphone Os Mac Os XTvos+1 more May 6, 2026 Feb 1, 2016 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2016-1717 1Apple 4Iphone Os Mac Os XTvos+1 more May 6, 2026 Feb 1, 2016 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2015-8659 2Apple Nghttp2 5Iphone Os Mac Os XNghttp2+2 more May 6, 2026 Jan 12, 2016 N/A· v4 10.0 CRITICAL· v3 10.0 HIGH· v2 The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.
CVE-2015-7116 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 Jan 10, 2016 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different v...Show more libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7115.Show less
CVE-2015-7115 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 Jan 10, 2016 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different v...Show more libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7116.Show less
CVE-2015-8242 5Apple CanonicalHp+2 more 12Enterprise Linux Desktop Enterprise Linux Hpc NodeEnterprise Linux Server+9 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 5.8 MEDIUM· v2 The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash)...Show more The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.Show less
CVE-2015-7500 6Apple CanonicalDebian+3 more 13Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+10 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and...Show more The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.Show less
CVE-2015-7499 7Apple CanonicalDebian+4 more 15Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+12 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
CVE-2015-5312 6Apple CanonicalDebian+3 more 13Debian Linux Enterprise Linux DesktopEnterprise Linux Hpc Node+10 more May 6, 2026 Dec 15, 2015 N/A· v4 N/A· v3 7.1 HIGH· v2 The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted...Show more The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.Show less

Previous 1...153154155...201 Next