|
3191
|
-
5.0
|
MEDIUM
|
TelephonyUI Framework in Apple iOS 7 before 7.1, when Safari is used, does not require user confirmation for FaceTime audio calls, which allows remote attackers to obtain telephone number or e-mail a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6835
|
cpe:2.3:o:apple:iphone_os:7.0:* cpe:2.3:o:apple:iphone_os:7.0.5:* cpe:2.3:o:apple:iphone_os:7.0.4:* cpe:2.3:o:…
|
|
7.0.6
|
|
|
2024-11-21 10:59
2014-03-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3192
|
-
8.8
|
HIGH
|
Backup in Apple iOS before 7.1 does not properly restrict symlinks, which allows remote attackers to overwrite files during a restore operation via crafted backup data.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5133
|
cpe:2.3:o:apple:iphone_os:7.0:* cpe:2.3:o:apple:iphone_os:7.0.5:* cpe:2.3:o:apple:iphone_os:7.0.4:* cpe:2.3:o:…
|
|
7.0.6
|
|
|
2024-11-21 10:57
2014-03-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3193
|
7.4
5.8
|
HIGH
Network
|
The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6…
|
CWE-295
Improper Certificate Validation
|
CVE-2014-1266
|
cpe:2.3:o:apple:iphone_os:*:*
|
7.0 6.0
|
|
|
7.0.6 6.1.6
|
2024-11-21 11:03
2014-02-23
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3194
|
4.6
4.9
|
MEDIUM
Physics
|
The iCloud subsystem in Apple iOS before 7.1 allows physically proximate attackers to bypass an intended password requirement, and turn off the Find My iPhone service or complete a Delete Account act…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2019
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
7.1
|
2024-11-21 11:05
2014-02-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3195
|
-
7.5
|
HIGH
|
Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft W…
|
CWE-415
Double Free
|
CVE-2014-1252
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
7.0
|
|
|
2024-11-21 11:03
2014-01-25
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3196
|
-
6.8
|
MEDIUM
|
expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of serv…
|
CWE-611
XXE
|
CVE-2013-0340
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
14.8
|
2024-11-21 10:47
2014-01-22
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3197
|
-
6.8
|
MEDIUM
|
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a craft…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5228
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
7.0.6
|
|
|
2024-11-21 10:57
2013-12-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3198
|
-
6.8
|
MEDIUM
|
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a craft…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5225
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
7.0.6
|
|
|
2024-11-21 10:57
2013-12-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3199
|
-
6.8
|
MEDIUM
|
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a craft…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5199
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
7.0.6
|
|
|
2024-11-21 10:57
2013-12-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3200
|
-
6.8
|
MEDIUM
|
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a craft…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5198
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
7.0.6
|
|
|
2024-11-21 10:57
2013-12-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|