Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Iphone_os
(Apple)| Repositories |
• https://github.com/madler/zlib
• https://github.com/file/file • https://github.com/WebKit/webkit • https://github.com/vadz/libtiff |
| #Vulnerabilities | 3498 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-09-17 | CVE-2024-44198 | An integer overflow was addressed through improved input validation. This issue is fixed in visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to an unexpected process crash. | Ipados, Iphone_os, Macos, Tvos, Visionos, Watchos | 5.5 | ||
| 2024-09-17 | CVE-2024-40826 | A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An unencrypted document may be written to a temporary file when using print preview. | Ipados, Iphone_os, Macos | 6.1 | ||
| 2024-09-17 | CVE-2024-40830 | This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to enumerate a user's installed apps. | Ipados, Iphone_os | 3.3 | ||
| 2017-05-23 | CVE-2016-9842 | The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. | Iphone_os, Mac_os_x, Tvos, Watchos, Ubuntu_linux, Debian_linux, Node\.js, Leap, Opensuse, Database_server, Jdk, Jre, Mysql, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation, Satellite, Zlib | 8.8 | ||
| 2018-06-08 | CVE-2018-4233 | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | Icloud, Iphone_os, Itunes, Safari, Tvos, Watchos, Ubuntu_linux | 8.8 | ||
| 2019-01-11 | CVE-2018-4404 | In iOS before 11.4 and macOS High Sierra before 10.13.5, a memory corruption issue exists and was addressed with improved memory handling. | Iphone_os, Mac_os_x | 7.8 | ||
| 2016-08-25 | CVE-2016-4655 | The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensitive information from memory via a crafted app. | Iphone_os | 5.5 | ||
| 2016-08-25 | CVE-2016-4656 | The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | Iphone_os | 7.8 | ||
| 2016-08-25 | CVE-2016-4657 | WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | Iphone_os | 8.8 | ||
| 2008-09-11 | CVE-2008-3612 | The Networking subsystem in Apple iPod touch 2.0 through 2.0.2, and iPhone 2.0 through 2.0.2, uses predictable TCP initial sequence numbers, which allows remote attackers to spoof or hijack a TCP connection. | Iphone_os | 9.8 |