Vulnerabilities (CVE)

Vendor filter

Apple Subscribe

Product filter

Iphone Os Subscribe

Filter

1576 total CVE
CVE Vendors Products Updated CVSS
CVE-2015-4000 12 Google, Openssl, Apple and 9 more 25 Safari, Network Security Services, Ie and 22 more 2019-10-09 4.3
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a...
CVE-2017-2423 1 Apple 2 Mac Os X, Iphone Os 2019-10-03 7.5
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended access restrictions by leveraging a...
CVE-2018-4155 1 Apple 5 Apple Tv, Iphone Os, Mac Os X and 2 more 2019-10-03 7.6
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "CoreFoundation" component. A race condition...
CVE-2018-4154 1 Apple 2 Iphone Os, Mac Os X 2019-10-03 7.6
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "Storage" component. A race condition allows attackers to execute arbitrary code in a privileged context via...
CVE-2018-4310 1 Apple 2 Iphone Os, Mac Os X 2019-10-03 7.5
An access issue was addressed with additional sandbox restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14.
CVE-2018-4271 1 Apple 6 Icloud, Itunes, Safari and 3 more 2019-10-03 4.3
Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
CVE-2018-4110 1 Apple 1 Iphone Os 2019-10-03 7.5
An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Web App" component. It allows remote attackers to bypass intended restrictions on cookie persistence.
CVE-2017-7078 1 Apple 2 Iphone Os, Mac Os X 2019-10-03 5.0
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. The issue involves the "Mail Drafts" component. It allows remote attackers to obtain sensitive information by reading unintended...
CVE-2017-2352 1 Apple 3 Iphone Os, Watch Os, Watchos 2019-10-03 2.1
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Unlock with iPhone" component, which allows attackers to bypass the wrist-presence protection mechanism...
CVE-2017-7133 1 Apple 1 Iphone Os 2019-10-03 5.0
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "MobileBackup" component. It allows remote attackers to obtain sensitive cleartext information in opportunistic circumstances by leveraging read...
CVE-2018-4151 1 Apple 2 Iphone Os, Mac Os X 2019-10-03 7.6
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "iCloud Drive" component. A race condition allows attackers to execute arbitrary code in a privileged context...
CVE-2018-4273 1 Apple 6 Icloud, Itunes, Safari and 3 more 2019-10-03 4.3
Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
CVE-2018-5383 2 Apple, Google 3 Iphone Os, Mac Os X, Android 2019-10-03 4.3
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to...
CVE-2017-2453 1 Apple 2 Iphone Os, Safari 2019-10-03 4.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof FaceTime prompts in the user interface via a crafted web site.
CVE-2018-4156 1 Apple 2 Iphone Os, Mac Os X 2019-10-03 7.6
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "PluginKit" component. A race condition allows attackers to execute arbitrary code in a privileged context...
CVE-2017-2417 1 Apple 5 Mac Os X, Iphone Os, Apple Tv and 2 more 2019-10-03 4.3
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreGraphics" component. It allows remote...
CVE-2018-4173 1 Apple 2 Iphone Os, Mac Os X 2019-10-03 4.3
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "Status Bar" component. It allows invisible microphone access via a crafted app.
CVE-2017-7146 1 Apple 1 Iphone Os 2019-10-03 5.0
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Security" component. It allows attackers to track users across installs via a crafted app that leverages Keychain data mishandling.
CVE-2017-2484 1 Apple 1 Iphone Os 2019-10-03 5.0
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Phone" component. It allows attackers to trigger telephone calls to arbitrary numbers via a third-party app.
CVE-2018-4131 1 Apple 2 Iphone Os, Mac Os X 2019-10-03 4.3
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "WindowServer" component. It allows attackers to bypass the Secure Input Mode protection mechanism, and log...