Vulnerabilities > Apple > Iphone OS > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-10-23 CVE-2017-7128 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
An issue was discovered in certain Apple products.
network
low complexity
apple CWE-119
critical
9.8
2017-10-23 CVE-2017-7129 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
An issue was discovered in certain Apple products.
network
low complexity
apple CWE-119
critical
9.8
2017-10-23 CVE-2017-7130 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
An issue was discovered in certain Apple products.
network
low complexity
apple CWE-119
critical
9.8
2017-09-28 CVE-2017-11120 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204.
network
low complexity
broadcom apple CWE-119
critical
9.8
2017-09-28 CVE-2017-11121 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205.
network
low complexity
broadcom apple CWE-119
critical
9.8
2017-08-16 CVE-2017-8248 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS
A buffer overflow may occur in the processing of a downlink NAS message in Qualcomm Telephony as used in Apple iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation.
network
low complexity
apple CWE-119
critical
9.8
2017-07-20 CVE-2017-7062 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
An issue was discovered in certain Apple products.
network
low complexity
apple CWE-119
critical
9.8
2017-05-23 CVE-2016-9841 inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
network
low complexity
zlib opensuse debian canonical oracle redhat apple netapp nodejs
critical
9.8
2017-05-23 CVE-2016-9843 The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
network
low complexity
zlib opensuse debian canonical oracle redhat apple netapp mariadb nodejs
critical
9.8
2017-05-22 CVE-2017-2513 Use After Free vulnerability in Apple products
An issue was discovered in certain Apple products.
network
low complexity
apple CWE-416
critical
9.8