Apple

iPhone OS

3839 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2016-4657

Warnung Exploit
  • EPSS 78.36%
  • Veröffentlicht 25.08.2016 21:59:02
  • Zuletzt bearbeitet 22.10.2025 00:15:53

WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

9.3

CVE-2016-4656

Warnung Exploit
  • EPSS 73.33%
  • Veröffentlicht 25.08.2016 21:59:01
  • Zuletzt bearbeitet 22.10.2025 00:15:53

The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

7.1

CVE-2016-4655

Warnung Exploit
  • EPSS 82.29%
  • Veröffentlicht 25.08.2016 21:59:00
  • Zuletzt bearbeitet 22.10.2025 00:15:53

The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensitive information from memory via a crafted app.

9.3

CVE-2016-4654

  • EPSS 0.36%
  • Veröffentlicht 18.08.2016 19:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IOMobileFrameBuffer in Apple iOS before 9.3.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

8.8

CVE-2016-5131

  • EPSS 3.87%
  • Veröffentlicht 23.07.2016 19:59:13
  • Zuletzt bearbeitet 04.12.2025 17:15:49

Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.

7.8

CVE-2016-4653

  • EPSS 0.06%
  • Veröffentlicht 22.07.2016 03:00:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-...

6.1

CVE-2016-4651

  • EPSS 0.18%
  • Veröffentlicht 22.07.2016 03:00:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the WebKit JavaScript bindings in Apple iOS before 9.3.3 and Safari before 9.1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP/0.9 response, related to a "cross-protocol ...

8.8

CVE-2016-4637

Exploit
  • EPSS 2.1%
  • Veröffentlicht 22.07.2016 02:59:57
  • Zuletzt bearbeitet 12.04.2025 10:46:40

CoreGraphics in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted BMP image.

5.3

CVE-2016-4635

  • EPSS 0.4%
  • Veröffentlicht 22.07.2016 02:59:56
  • Zuletzt bearbeitet 12.04.2025 10:46:40

FaceTime in Apple iOS before 9.3.3 and OS X before 10.11.6 allows man-in-the-middle attackers to spoof relayed-call termination, and obtain sensitive audio information in opportunistic circumstances, via unspecified vectors.

7.5

CVE-2016-4632

  • EPSS 2.62%
  • Veröffentlicht 22.07.2016 02:59:53
  • Zuletzt bearbeitet 12.04.2025 10:46:40

ImageIO in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.