Iphone Os

iphone_os

Vendor: Apple • 4,015 CVEs

CVEs (4,015)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-4476 1Apple 4Iphone Os ItunesSafari+1 more May 6, 2026 Jan 30, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (mem...Show more WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4477 and CVE-2014-4479.Show less
CVE-2014-4467 1Apple 1Iphone Os May 6, 2026 Jan 30, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 WebKit, as used in Apple iOS before 8.1.3, does not properly determine scrollbar boundaries during the rendering of FRAME elements, which allows remote attackers to spoof the UI via a crafted web site.
CVE-2014-4475 1Apple 4Iphone Os ItunesSafari+1 more May 6, 2026 Dec 10, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted...Show more WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.Show less
CVE-2014-4474 1Apple 4Iphone Os ItunesSafari+1 more May 6, 2026 Dec 10, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted...Show more WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.Show less
CVE-2014-4473 1Apple 4Iphone Os ItunesSafari+1 more May 6, 2026 Dec 10, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted...Show more WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.Show less
CVE-2014-4472 1Apple 4Iphone Os ItunesSafari+1 more May 6, 2026 Dec 10, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted...Show more WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.Show less
CVE-2014-4471 1Apple 4Iphone Os ItunesSafari+1 more May 6, 2026 Dec 10, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted...Show more WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.Show less
CVE-2014-4470 1Apple 4Iphone Os ItunesSafari+1 more May 6, 2026 Dec 10, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted...Show more WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.Show less
CVE-2014-4469 1Apple 4Iphone Os ItunesSafari+1 more May 6, 2026 Dec 10, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted...Show more WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.Show less
CVE-2014-4468 1Apple 4Iphone Os ItunesSafari+1 more May 6, 2026 Dec 10, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted...Show more WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.Show less
CVE-2014-4466 1Apple 4Iphone Os ItunesSafari+1 more May 6, 2026 Dec 10, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted...Show more WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.Show less
CVE-2014-4465 1Apple 3Iphone Os SafariTvos May 6, 2026 Dec 10, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an SVG file in the SRC...Show more WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an SVG file in the SRC attribute of an IMG element.Show less
CVE-2014-4463 1Apple 1Iphone Os May 6, 2026 Nov 18, 2014 N/A· v4 N/A· v3 2.1 LOW· v2 Apple iOS before 8.1.1 allows physically proximate attackers to bypass the lock-screen protection mechanism, and view or transmit a Photo Library photo, via the FaceTime "Leave a Message" feature.
CVE-2014-4462 1Apple 2Iphone Os Tvos May 6, 2026 Nov 18, 2014 N/A· v4 N/A· v3 5.8 MEDIUM· v2 WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a diff...Show more WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4452.Show less
CVE-2014-4461 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 Nov 18, 2014 N/A· v4 N/A· v3 9.3 HIGH· v2 The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted applicat...Show more The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application.Show less
CVE-2014-4460 1Apple 2Iphone Os Mac Os X May 6, 2026 Nov 18, 2014 N/A· v4 N/A· v3 2.1 LOW· v2 CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain se...Show more CFNetwork in Apple iOS before 8.1.1 and OS X before 10.10.1 does not properly clear the browsing cache upon a transition out of private-browsing mode, which makes it easier for physically proximate attackers to obtain sensitive information by reading cache files.Show less
CVE-2014-4459 1Apple 5Iphone Os ItunesMac Os X+2 more May 6, 2026 Nov 18, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.
CVE-2014-4457 1Apple 1Iphone Os May 6, 2026 Nov 18, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 The Sandbox Profiles subsystem in Apple iOS before 8.1.1 does not properly implement the debugserver sandbox, which allows attackers to bypass intended binary-execution restrictions via a crafted application that is run...Show more The Sandbox Profiles subsystem in Apple iOS before 8.1.1 does not properly implement the debugserver sandbox, which allows attackers to bypass intended binary-execution restrictions via a crafted application that is run during a time period when debugging is not enabled.Show less
CVE-2014-4455 1Apple 2Iphone Os Tvos May 6, 2026 Nov 18, 2014 N/A· v4 N/A· v3 2.1 LOW· v2 dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file.
CVE-2014-4453 1Apple 2Iphone Os Mac Os X May 6, 2026 Nov 18, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Apple iOS before 8.1.1 and OS X before 10.10.1 include location data during establishment of a Spotlight Suggestions server connection by Spotlight or Safari, which might allow remote attackers to obtain sensitive inform...Show more Apple iOS before 8.1.1 and OS X before 10.10.1 include location data during establishment of a Spotlight Suggestions server connection by Spotlight or Safari, which might allow remote attackers to obtain sensitive information via unspecified vectors.Show less

Previous 1...173174175...201 Next