Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunction with subsequent Remote Lock operations through MobileMe, which allows physically proximate attackers to bypass intended passcode requirements via unspecified vectors.
Max CVSS
6.9
EPSS Score
0.06%
Published
2010-06-22
Updated
2022-08-09
Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe.
Max CVSS
6.9
EPSS Score
0.04%
Published
2010-08-05
Updated
2022-08-09
Race condition in the Passcode Lock feature in Apple iOS before 5.1 allows physically proximate attackers to bypass intended passcode requirements via a slide-to-dial gesture.
Max CVSS
6.9
EPSS Score
0.05%
Published
2012-03-08
Updated
2018-11-29
The kernel in Apple iOS before 6 dereferences invalid pointers during the handling of packet-filter data structures, which allows local users to gain privileges via a crafted program that makes packet-filter ioctl calls.
Max CVSS
6.9
EPSS Score
0.04%
Published
2012-09-20
Updated
2013-03-23
The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not properly validate the data for file actions and port actions, which allows local users to (1) cause a denial of service (panic) via a size value that is inconsistent with a header count field, or (2) obtain sensitive information from kernel heap memory via a certain size value in conjunction with a crafted buffer.
Max CVSS
6.9
EPSS Score
0.04%
Published
2013-06-05
Updated
2013-10-31
The Accessibility subsystem in Apple iOS before 8 allows attackers to interfere with screen locking via vectors related to AssistiveTouch events.
Max CVSS
6.9
EPSS Score
0.22%
Published
2014-09-18
Updated
2017-08-29
The rt_setgate function in the kernel in Apple iOS before 8 and Apple TV before 7 allows local users to gain privileges or cause a denial of service (out-of-bounds read and device crash) via a crafted call.
Max CVSS
6.9
EPSS Score
0.04%
Published
2014-09-18
Updated
2019-03-08
The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application.
Max CVSS
6.9
EPSS Score
0.08%
Published
2015-09-18
Updated
2016-04-06
The Audio Drivers subsystem in Apple iOS before 8.3 and Apple TV before 7.2 does not properly validate IOKit object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
Max CVSS
6.9
EPSS Score
0.32%
Published
2015-04-10
Updated
2019-03-08
The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Max CVSS
6.9
EPSS Score
0.32%
Published
2015-04-10
Updated
2019-03-08
The (1) setreuid and (2) setregid system-call implementations in the kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 do not properly perform privilege drops, which makes it easier for attackers to execute code with unintended user or group privileges via a crafted app.
Max CVSS
6.9
EPSS Score
0.33%
Published
2015-04-10
Updated
2019-03-08
The Disk Images component in Apple OS X before 10.11.2 and tvOS before 9.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted disk image.
Max CVSS
6.9
EPSS Score
0.04%
Published
2015-12-11
Updated
2017-09-13
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
Max CVSS
6.8
EPSS Score
6.86%
Published
2009-02-22
Updated
2024-02-09
Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted (1) AAC or (2) MP3 file, as demonstrated by a ringtone with malformed entries in the sample size table.
Max CVSS
6.8
EPSS Score
3.54%
Published
2009-09-10
Updated
2022-08-09
The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web page.
Max CVSS
6.8
EPSS Score
0.22%
Published
2009-11-13
Updated
2021-11-08
Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling.
Max CVSS
6.8
EPSS Score
1.82%
Published
2010-06-22
Updated
2022-08-09
ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image.
Max CVSS
6.8
EPSS Score
0.77%
Published
2010-06-22
Updated
2022-08-09
Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the rendering of an inline element.
Max CVSS
6.8
EPSS Score
7.74%
Published
2010-09-09
Updated
2022-08-09
ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF file.
Max CVSS
6.8
EPSS Score
1.37%
Published
2010-09-09
Updated
2022-08-09
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections.
Max CVSS
6.8
EPSS Score
85.26%
Published
2010-09-09
Updated
2022-08-09
WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines.
Max CVSS
6.8
EPSS Score
81.29%
Published
2010-09-09
Updated
2022-08-09
WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus.
Max CVSS
6.8
EPSS Score
90.59%
Published
2010-09-09
Updated
2022-08-09
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars.
Max CVSS
6.8
EPSS Score
85.26%
Published
2010-09-09
Updated
2022-08-09
Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.
Max CVSS
6.8
EPSS Score
0.69%
Published
2010-09-09
Updated
2022-08-09
The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
Max CVSS
6.8
EPSS Score
0.41%
Published
2010-08-19
Updated
2021-04-06
547 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!