Product:

Iphone_os

(Apple)
Repositories https://github.com/madler/zlib
https://github.com/file/file
https://github.com/WebKit/webkit
https://github.com/vadz/libtiff
#Vulnerabilities 3500
Date Id Summary Products Score Patch Annotated
2020-02-05 CVE-2019-15126 An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503. Ipados, Iphone_os, Mac_os_x, Bcm43012_firmware, Bcm43013_firmware, Bcm4356_firmware, Bcm43752_firmware, Bcm4375_firmware, Bcm4389_firmware N/A
2010-09-07 CVE-2010-3259 WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive image data via a crafted web site. Iphone_os, Safari, Ubuntu_linux, Chrome, Webkitgtk N/A
2010-09-07 CVE-2010-3257 Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element focus. Iphone_os, Safari, Ubuntu_linux, Chrome, Webkitgtk N/A
2010-08-24 CVE-2010-3116 Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper handling of MIME types by plug-ins. Iphone_os, Safari, Ubuntu_linux, Chrome, Webkitgtk N/A
2010-12-07 CVE-2010-4494 Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. Openoffice, Iphone_os, Itunes, Mac_os_x, Safari, Debian_linux, Fedora, Chrome, Insight_control_server_deployment, Rapid_deployment_pack, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation, Suse_linux_enterprise_server, Libxml2 N/A
2011-03-11 CVE-2011-1204 Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document. Iphone_os, Itunes, Safari, Chrome N/A
2011-03-11 CVE-2011-1203 Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." Iphone_os, Itunes, Safari, Chrome N/A
2011-03-01 CVE-2011-1121 Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element. Iphone_os, Itunes, Safari, Chrome N/A
2011-03-01 CVE-2011-1117 Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale nodes." Iphone_os, Itunes, Safari, Chrome N/A
2011-03-01 CVE-2011-1115 Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." Iphone_os, Itunes, Safari, Chrome N/A