Filtered by vendor Apple
Subscriptions
Filtered by product Iphone Os
Subscriptions
Total
3920 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-3427 | 1 Apple | 2 Apple Tv, Iphone Os | 2024-11-21 | N/A |
| The Data Security component in Apple iOS before 5 and Apple TV before 4.4 does not properly restrict use of the MD5 hash algorithm within X.509 certificates, which makes it easier for man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate. | ||||
| CVE-2011-3426 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in Safari in Apple iOS before 5 allows remote web servers to inject arbitrary web script or HTML via a file accompanied by a "Content-Disposition: attachment" HTTP header. | ||||
| CVE-2011-3261 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| Double free vulnerability in OfficeImport in Apple iOS before 5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Excel spreadsheet. | ||||
| CVE-2011-3260 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| Buffer overflow in OfficeImport in Apple iOS before 5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word document. | ||||
| CVE-2011-3259 | 1 Apple | 2 Apple Tv, Iphone Os | 2024-11-21 | N/A |
| The kernel in Apple iOS before 5 and Apple TV before 4.4 does not properly recover memory allocated for incomplete TCP connections, which allows remote attackers to cause a denial of service (resource consumption) by making many connection attempts. | ||||
| CVE-2011-3257 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| The Data Access component in Apple iOS before 5 does not properly handle the existence of multiple user accounts on the same mail server, which allows local users to bypass intended access restrictions in opportunistic circumstances by leveraging a different account's cookie. | ||||
| CVE-2011-3256 | 2 Apple, Redhat | 3 Iphone Os, Enterprise Linux, Rhel Eus | 2024-11-21 | N/A |
| FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font, a different vulnerability than CVE-2011-0226. | ||||
| CVE-2011-3255 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| CFNetwork in Apple iOS before 5 stores AppleID credentials in an unspecified file, which makes it easier for remote attackers to obtain sensitive information via a crafted application. | ||||
| CVE-2011-3254 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in Calendar in Apple iOS before 5 allows remote attackers to inject arbitrary web script or HTML via an invitation note. | ||||
| CVE-2011-3253 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| CalDAV in Apple iOS before 5 does not validate X.509 certificates for SSL sessions, which allows man-in-the-middle attackers to spoof calendar servers and obtain sensitive information via an arbitrary certificate. | ||||
| CVE-2011-3246 | 1 Apple | 3 Iphone Os, Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
| CFNetwork in Apple iOS before 5.0.1 and Mac OS X 10.7 before 10.7.2 does not properly parse URLs, which allows remote attackers to trigger visits to unintended web sites, and transmission of cookies to unintended web sites, via a crafted (1) http or (2) https URL. | ||||
| CVE-2011-3245 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| The Keyboards component in Apple iOS before 5 displays the final character of an entered password during a subsequent use of a keyboard, which allows physically proximate attackers to obtain sensitive information by reading this character. | ||||
| CVE-2011-3243 | 1 Apple | 2 Iphone Os, Safari | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactive DOM windows. | ||||
| CVE-2011-3234 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | N/A |
| Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2011-3102 | 3 Apple, Google, Redhat | 3 Iphone Os, Chrome, Enterprise Linux | 2024-11-21 | N/A |
| Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2011-3081 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | N/A |
| Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078. | ||||
| CVE-2011-3078 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | N/A |
| Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3081. | ||||
| CVE-2011-3076 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | N/A |
| Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to focus handling. | ||||
| CVE-2011-3075 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | N/A |
| Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style-application commands. | ||||
| CVE-2011-3074 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-11-21 | N/A |
| Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media. | ||||