Vulnerabilities > Apple > Iphone OS > 7.1

DATE CVE VULNERABILITY TITLE RISK
2019-12-11 CVE-2019-14899 Man-in-the-Middle vulnerability in multiple products
A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream.
low complexity
freebsd linux openbsd apple CWE-300
7.4
2019-07-01 CVE-2019-13118 Type Confusion vulnerability in multiple products
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
5.3
2019-04-03 CVE-2018-4465 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X
A memory corruption issue was addressed with improved memory handling.
network
apple CWE-119
critical
9.3
2019-04-03 CVE-2018-4464 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
Multiple memory corruption issues were addressed with improved memory handling.
6.8
2019-04-03 CVE-2018-4461 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
A memory corruption issue was addressed with improved input validation.
network
apple CWE-119
critical
9.3
2019-04-03 CVE-2018-4460 Improper Input Validation vulnerability in Apple products
A denial of service issue was addressed by removing the vulnerable code.
network
low complexity
apple CWE-20
4.0
2019-04-03 CVE-2018-4447 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
A memory corruption issue was addressed with improved state management.
network
apple CWE-119
critical
9.3
2019-04-03 CVE-2018-4446 Improper Input Validation vulnerability in Apple Iphone OS
This issue was addressed with improved entitlements.
network
apple CWE-20
4.3
2019-04-03 CVE-2018-4445 Information Exposure vulnerability in Apple Iphone OS and Safari
"Clear History and Website Data" did not clear the history.
network
low complexity
apple CWE-200
4.0
2019-04-03 CVE-2018-4443 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
A memory corruption issue was addressed with improved memory handling.
6.8