Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Apple Subscribe
Filtered by product Iphone Os
Total 3262 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-4658 2 Apple, Xmlsoft 5 Iphone Os, Mac Os X, Tvos and 2 more 2019-03-13 10.0 HIGH 9.8 CRITICAL
xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.
CVE-2016-4773 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-13 5.8 MEDIUM 7.1 HIGH
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4774 and CVE-2016-4776.
CVE-2016-4778 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-13 9.3 HIGH 7.8 HIGH
The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-4733 1 Apple 3 Iphone Os, Safari, Tvos 2019-03-13 9.3 HIGH 7.8 HIGH
WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4734, and CVE-2016-4735.
CVE-2016-4712 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-13 9.3 HIGH 7.8 HIGH
CoreCrypto in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app.
CVE-2017-2355 2 Apple, Webkitgtk 6 Icloud, Iphone Os, Itunes and 3 more 2019-03-13 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access and application crash) via a crafted web site.
CVE-2016-4735 1 Apple 3 Iphone Os, Safari, Tvos 2019-03-13 9.3 HIGH 8.8 HIGH
WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4733, and CVE-2016-4734.
CVE-2016-4611 1 Apple 3 Iphone Os, Safari, Tvos 2019-03-13 6.8 MEDIUM 8.8 HIGH
WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4730, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735.
CVE-2016-4734 1 Apple 3 Iphone Os, Safari, Tvos 2019-03-12 9.3 HIGH 9.6 CRITICAL
WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4733, and CVE-2016-4735.
CVE-2016-4737 1 Apple 4 Iphone Os, Safari, Tvos and 1 more 2019-03-12 9.3 HIGH 8.8 HIGH
WebKit in Apple iOS before 10, Safari before 10, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2016-4768 2 Apple, Microsoft 5 Iphone Os, Itunes, Safari and 2 more 2019-03-11 6.8 MEDIUM 8.8 HIGH
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4766, and CVE-2016-4767.
CVE-2016-4759 2 Apple, Microsoft 5 Iphone Os, Itunes, Safari and 2 more 2019-03-11 6.8 MEDIUM 8.8 HIGH
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4765, CVE-2016-4766, CVE-2016-4767, and CVE-2016-4768.
CVE-2016-4765 2 Apple, Microsoft 5 Iphone Os, Itunes, Safari and 2 more 2019-03-11 6.8 MEDIUM 8.8 HIGH
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4766, CVE-2016-4767, and CVE-2016-4768.
CVE-2016-4730 1 Apple 3 Iphone Os, Safari, Tvos 2019-03-11 9.3 HIGH 8.8 HIGH
WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735.
CVE-2016-4728 2 Apple, Microsoft 5 Iphone Os, Itunes, Safari and 2 more 2019-03-11 6.8 MEDIUM 8.8 HIGH
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 mishandles error prototypes, which allows remote attackers to execute arbitrary code via a crafted web site.
CVE-2016-4766 2 Apple, Microsoft 5 Iphone Os, Itunes, Safari and 2 more 2019-03-11 6.8 MEDIUM 8.8 HIGH
WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4767, and CVE-2016-4768.
CVE-2017-2370 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-03-11 9.3 HIGH 7.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (buffer overflow) via a crafted app.
CVE-2017-2363 2 Apple, Webkitgtk 5 Iphone Os, Safari, Tvos and 2 more 2019-03-11 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
CVE-2017-2360 2 Apple, Webkitgtk 5 Iphone Os, Mac Os X, Tvos and 2 more 2019-03-11 9.3 HIGH 7.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app.
CVE-2017-2356 2 Apple, Webkitgtk 6 Icloud, Iphone Os, Itunes and 3 more 2019-03-11 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.