Apple

iPhone OS

4053 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 3.9%
  • Veröffentlicht 25.09.2016 10:59:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses the Set-Cookie header, which allows remote attackers to obtain sensitive information via a crafted HTTP response.

  • EPSS 0.35%
  • Veröffentlicht 25.09.2016 10:59:14
  • Zuletzt bearbeitet 06.05.2026 22:30:45

CFNetwork in Apple iOS before 10 and OS X before 10.12 mishandles Local Storage deletion, which allows local users to discover the visited web sites of arbitrary users via unspecified vectors.

  • EPSS 5.76%
  • Veröffentlicht 25.09.2016 10:59:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

  • EPSS 1.36%
  • Veröffentlicht 25.09.2016 10:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

AppleMobileFileIntegrity in Apple iOS before 10 and OS X before 10.12 mishandles process entitlement and Team ID values in the task port inheritance policy, which allows attackers to execute arbitrary code in a privileged context via a crafted app.

  • EPSS 8.63%
  • Veröffentlicht 25.09.2016 10:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary co...

  • EPSS 0.8%
  • Veröffentlicht 25.09.2016 10:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Cross-site scripting (XSS) vulnerability in Safari Reader in Apple iOS before 10 and Safari before 10 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)."

  • EPSS 1.57%
  • Veröffentlicht 25.09.2016 10:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4730, CVE-2016-4733...

  • EPSS 0.32%
  • Veröffentlicht 18.09.2016 22:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users to discover cleartext AirPrint preview content by reading a temporary file.

  • EPSS 0.65%
  • Veröffentlicht 18.09.2016 22:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mail in Apple iOS before 10 mishandles certificates, which makes it easier for man-in-the-middle attackers to discover mail credentials via unspecified vectors.

  • EPSS 1.76%
  • Veröffentlicht 18.09.2016 22:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Keyboards component in Apple iOS before 10 does not properly use a cache for auto-correct suggestions, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging an unintended correction.