Iphone Os

iphone_os

Vendor: Apple • 4,014 CVEs

CVEs (4,014)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-3116 4Apple CanonicalGoogle+1 more 5Chrome Iphone OsSafari+2 more Apr 29, 2026 Aug 24, 2010 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary co...Show more Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper handling of MIME types by plug-ins.Show less
CVE-2010-2808 3Apple CanonicalFreetype 5Freetype Iphone OsMac Os X+2 more Apr 29, 2026 Aug 19, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrar...Show more Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font.Show less
CVE-2010-2807 3Apple CanonicalFreetype 5Freetype Iphone OsMac Os X+2 more Apr 29, 2026 Aug 19, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
CVE-2010-2806 3Apple CanonicalFreetype 5Freetype Iphone OsMac Os X+2 more Apr 29, 2026 Aug 19, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative siz...Show more Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow.Show less
CVE-2010-2805 3Apple CanonicalFreetype 5Freetype Iphone OsMac Os X+2 more Apr 29, 2026 Aug 19, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly...Show more The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.Show less
CVE-2010-1797 1Apple 1Iphone Os Apr 29, 2026 Aug 16, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and...Show more Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party information.Show less
CVE-2010-2973 1Apple 1Iphone Os Apr 29, 2026 Aug 5, 2010 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by Jai...Show more Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe.Show less
CVE-2010-2249 8Apple CanonicalDebian+5 more 12Debian Linux FedoraIphone Os+9 more Apr 29, 2026 Jun 30, 2010 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Sca...Show more Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.Show less
CVE-2010-1205 10Apple CanonicalDebian+7 more 17Chrome Debian LinuxFedora+14 more Apr 29, 2026 Jun 30, 2010 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data r...Show more Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.Show less
CVE-2010-1775 1Apple 1Iphone Os Apr 29, 2026 Jun 22, 2010 N/A· v4 N/A· v3 1.9 LOW· v2 Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbit...Show more Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data, via vectors involving the initial boot.Show less
CVE-2010-1757 1Apple 1Iphone Os Apr 29, 2026 Jun 22, 2010 N/A· v4 N/A· v3 6.4 MEDIUM· v2 WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a craft...Show more WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document.Show less
CVE-2010-1756 1Apple 1Iphone Os Apr 29, 2026 Jun 22, 2010 N/A· v4 N/A· v3 5.8 MEDIUM· v2 The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating...Show more The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network.Show less
CVE-2010-1755 1Apple 1Iphone Os Apr 29, 2026 Jun 22, 2010 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, which makes it easier for remote web servers to track users via a cookie.
CVE-2010-1754 1Apple 1Iphone Os Apr 29, 2026 Jun 22, 2010 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunction with subsequent Remote Lock operations through MobileMe, which allows physically proximate atta...Show more Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunction with subsequent Remote Lock operations through MobileMe, which allows physically proximate attackers to bypass intended passcode requirements via unspecified vectors.Show less
CVE-2010-1753 1Apple 1Iphone Os Apr 29, 2026 Jun 22, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image.
CVE-2010-1752 1Apple 1Iphone Os Apr 29, 2026 Jun 22, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL ha...Show more Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling.Show less
CVE-2010-1751 1Apple 1Iphone Os Apr 29, 2026 Jun 22, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-library access, which might allow remote attackers to obtain location information via unspecified vectors.
CVE-2010-1407 1Apple 1Iphone Os Apr 29, 2026 Jun 22, 2010 N/A· v4 N/A· v3 4.3 MEDIUM· v2 WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive inf...Show more WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via a crafted HTML document.Show less
CVE-2010-1387 1Apple 2Iphone Os Itunes Apr 29, 2026 Jun 18, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of...Show more Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769.Show less
CVE-2010-1226 1Apple 1Iphone Os Apr 29, 2026 Apr 1, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service (Safari, Mail, or Springboard crash) via a crafted innerHTML property...Show more The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service (Safari, Mail, or Springboard crash) via a crafted innerHTML property of a DIV element, related to a "malformed character" issue.Show less

Previous 1...197198199 200 201 Next