CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22592 – webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
https://notcve.org/view.php?id=CVE-2022-22592
31 Jan 2022 — A logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. Se abordó un problema de lógica con una administración de estados mejorada. Este problema es corregido en iOS versión 15.3 y iPadOS versión 15.3, watchOS versión 8.4, tvOS versión 15.3, Safari versión 15.3, macOS Monterey versión 12.2. • https://security.gentoo.org/glsa/202208-39 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 4.9EPSS: 0%CPEs: 9EXPL: 0CVE-2010-1776
https://notcve.org/view.php?id=CVE-2010-1776
24 Apr 2017 — Find My iPhone on iOS 2.0 through 3.1.3 for iPhone 3G and later and iOS 2.1 through 3.1.3 for iPod touch (2nd generation) and later, when Find My iPhone is disabled, allows remote authenticated users with an associated MobileMe account to wipe the device. Find My iPhone en iOS 2.0 hasta la versión 3.1.3 para iPhone 3G y posteriores e iOS 2.1 hasta la versión 3.1.3 para iPod touch (segunda generación) y posteriores, cuando Find My iPhone está deshabilitado, permite a usuarios remotos autenticados con una cue... • https://support.apple.com/en-us/HT4225 • CWE-254: 7PK - Security Features •
CVSS: 7.5EPSS: 1%CPEs: 50EXPL: 0CVE-2011-2391 – Apple Security Advisory 2013-09-18-2
https://notcve.org/view.php?id=CVE-2011-2391
19 Sep 2013 — The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets. La implementación de IPv6 en el núcleo de Apple iOS anterior a 7 permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) a través de paquetes ICMPv6 manipulados. OS X 10.10.2 and Security Update 2015-001 are now available and address information disclosure, arbitrary code execution, cache clearing, integer overflow, and variou... • http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 1%CPEs: 48EXPL: 0CVE-2013-5125 – Apple Security Advisory 2014-01-22-1
https://notcve.org/view.php?id=CVE-2013-5125
19 Sep 2013 — WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. WebKit tal y como se usa en Apple iOS para versiones anteriores a 7, permite a atacantes remotos ejecutar código arbitrario o causar denegación de servicio (corrupción de memoria y caída de la aplicación) a través de un sitio web manipulado. Vuln... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 48EXPL: 0CVE-2013-5126 – Apple Security Advisory 2014-01-22-1
https://notcve.org/view.php?id=CVE-2013-5126
19 Sep 2013 — WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2. WebKit, como se utiliza en Apple iOS anterior a 7, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria y caída de aplicación) a través de un sitio web manipulado, una vulnerabili... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 48EXPL: 0CVE-2013-5129 – Apple Security Advisory 2013-09-18-2
https://notcve.org/view.php?id=CVE-2013-5129
19 Sep 2013 — Multiple cross-site scripting (XSS) vulnerabilities in WebKit in Apple iOS before 7 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation. Múltiples vulnerabilidades XSS en WebKit de Apple iOS anterior a la versión 7 permite a atacantes remotos asistidos por el usuario inyectar script web o HTML arbitrario a través de vectores que implican operaciones de (1) arrastrar y soltar o (2) copiar y pegar. iOS 7 is now a... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 2.6EPSS: 0%CPEs: 48EXPL: 0CVE-2013-5137 – Apple Security Advisory 2013-09-18-2
https://notcve.org/view.php?id=CVE-2013-5137
19 Sep 2013 — IOKit in Apple iOS before 7 allows attackers to send user-interface events to the foreground app by leveraging control over a background app and using the (1) task-completion API or (2) VoIP API. IOKit en Apple iOS anteriores a la versión 7 permite a atacantes enviar eventos de la interfaz de usuario a la aplicación en primer plano aprovechando el control sobre una aplicación en segundo plano y usando (1) la API de completado de tareas o (2) la API VoIP. iOS 7 is now available and addresses Certificate Trus... • http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 48EXPL: 0CVE-2013-5138 – Apple Security Advisory 2013-09-18-2
https://notcve.org/view.php?id=CVE-2013-5138
19 Sep 2013 — IOCatalogue in IOKitUser in Apple iOS before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via a crafted application. IOCatalogue en IOKitUser de Apple iOS (anteriores a v7) permite a atacantes causar una denegación de servicio (referencia a puntero nulo y cuelgue del dispositivo) a través de una aplicación manipulada. iOS 7 is now available and addresses Certificate Trust Policy, Core Graphics, Core Media, Data Protection, and various other issues and vulnerabi... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html •
CVSS: 9.3EPSS: 0%CPEs: 48EXPL: 0CVE-2013-5139 – Apple Security Advisory 2013-09-18-2
https://notcve.org/view.php?id=CVE-2013-5139
19 Sep 2013 — The IOSerialFamily driver in Apple iOS before 7 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds array access) via a crafted application. El driver IOSerialFamily de Apple iOS en versiones anteriores a 7 permite a atacantes ejecutar código arbitrario o causar denegación de servicio (acceso fuera de rango a array) a través de una aplicacion manipulada iOS 7 is now available and addresses Certificate Trust Policy, Core Graphics, Core Media, Data Protection, and various ot... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 48EXPL: 0CVE-2013-5140 – Apple Security Advisory 2013-09-18-2
https://notcve.org/view.php?id=CVE-2013-5140
19 Sep 2013 — The kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (assertion failure and device restart) via an invalid packet fragment. El núcleo de Apple iOS anterior a 7 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y reinicio del dispositivo) vía un fragmento de paquete no válidos. iOS 7 is now available and addresses Certificate Trust Policy, Core Graphics, Core Media, Data Protection, and various other issues and vulnerabilities. • http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html • CWE-20: Improper Input Validation •