Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Iphone Os
Total 3830 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-2395 1 Apple 3 Iphone Os, Safari, Tvos 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-2394 1 Apple 3 Iphone Os, Safari, Tvos 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-2393 1 Apple 1 Iphone Os 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Safari Reader" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site.
CVE-2017-2390 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2024-11-21 2.1 LOW 5.5 MEDIUM
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves symlink mishandling in the "libarchive" component. It allows local users to change arbitrary directory permissions via unspecified vectors.
CVE-2017-2389 1 Apple 2 Iphone Os, Safari 2024-11-21 5.8 MEDIUM 8.1 HIGH
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof an HTTP authentication sheet or cause a denial of service via a crafted web site.
CVE-2017-2386 1 Apple 3 Iphone Os, Safari, Tvos 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
CVE-2017-2384 1 Apple 1 Iphone Os 2024-11-21 2.1 LOW 3.3 LOW
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves mishandling of deletion within the SQLite subsystem of the "Safari" component. It allows local users to identify the web-site visits that occurred in Private Browsing mode.
CVE-2017-2380 1 Apple 1 Iphone Os 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the Simple Certificate Enrollment Protocol (SCEP) implementation in the "Profiles" component. It allows remote attackers to bypass cryptographic protection mechanisms by leveraging DES support.
CVE-2017-2379 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Carbon" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted .dfont file.
CVE-2017-2378 1 Apple 2 Iphone Os, Safari 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves bookmark creation in the "WebKit" component. It allows remote attackers to execute arbitrary code or spoof a bookmark by leveraging mishandling of links during drag-and-drop actions.
CVE-2017-2377 1 Apple 2 Iphone Os, Safari 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows attackers to cause a denial of service (memory corruption and application crash) by leveraging a window-close action during a debugger-pause state.
CVE-2017-2376 1 Apple 2 Iphone Os, Safari 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar by leveraging text input during the loading of a page.
CVE-2017-2375 1 Apple 1 Iphone Os 2024-11-21 2.1 LOW 3.3 LOW
An issue existed in preventing the uploading of CallKit call history to iCloud. This issue was addressed through improved logic. This issue is fixed in iOS 10.2.1. Updates for CallKit call history are sent to iCloud.
CVE-2017-2373 2 Apple, Webkitgtk 4 Iphone Os, Safari, Tvos and 1 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-2371 1 Apple 1 Iphone Os 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "WebKit" component, which allows remote attackers to launch popups via a crafted web site.
CVE-2017-2370 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2024-11-21 9.3 HIGH 7.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (buffer overflow) via a crafted app.
CVE-2017-2369 2 Apple, Webkitgtk 4 Iphone Os, Safari, Tvos and 1 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-2368 1 Apple 1 Iphone Os 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "Contacts" component. It allows remote attackers to cause a denial of service (application crash) via a crafted contact card.
CVE-2017-2367 1 Apple 3 Iphone Os, Safari, Tvos 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
CVE-2017-2366 1 Apple 4 Icloud, Iphone Os, Itunes and 1 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.