Vulnerabilities > Apple > iPhone OS > High

DATE CVE VULNERABILITY TITLE RISK
2014-01-24 CVE-2014-1252 Double Free vulnerability in Apple iPhone OS, Mac OS X and Pages
Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word file.
network
low complexity
apple CWE-415
7.5
2013-09-19 CVE-2013-5155 Improper Input Validation vulnerability in Apple iPhone OS
The Sandbox subsystem in Apple iOS before 7 allows attackers to cause a denial of service (infinite loop) via an application that writes crafted values to /dev/random.
network
apple CWE-20
7.1
2013-09-19 CVE-2013-5141 Numeric Errors vulnerability in Apple iPhone OS
The kernel in Apple iOS before 7 uses an incorrect data size for a certain integer variable, which allows attackers to cause a denial of service (infinite loop and device hang) via a crafted application, related to an "integer truncation vulnerability."
network
apple CWE-189
7.1
2013-09-19 CVE-2013-5140 Improper Input Validation vulnerability in Apple iPhone OS
The kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (assertion failure and device restart) via an invalid packet fragment.
network
low complexity
apple CWE-20
7.8
2013-03-20 CVE-2013-0981 Unspecified vulnerability in Apple iPhone OS and tvOS
The IOUSBDeviceFamily driver in the USB implementation in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 accesses pipe object pointers that originated in userspace, which allows local users to gain privileges via crafted code.
local
low complexity
apple
7.2
2012-11-14 CVE-2012-2619 Improper Input Validation vulnerability in multiple products
The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cause a denial of service (out-of-bounds read and Wi-Fi outage) via an RSN 802.11i information element.
network
low complexity
broadcom apple CWE-20
7.8
2012-03-30 CVE-2011-3064 Use After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.
network
low complexity
google apple CWE-416
7.5
2012-02-16 CVE-2011-3021 Use After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading.
network
low complexity
google apple CWE-416
7.5
2011-11-11 CVE-2011-3442 Resource Management Errors vulnerability in Apple iPhone OS
The kernel in Apple iOS before 5.0.1 does not ensure the validity of flag combinations for an mmap system call, which allows local users to execute arbitrary unsigned code via a crafted app.
local
low complexity
apple CWE-399
7.2
2011-08-29 CVE-2011-0228 Improper Input Validation vulnerability in Apple iPhone OS
The Data Security component in Apple iOS before 4.2.10 and 4.3.x before 4.3.5 does not check the basicConstraints parameter during validation of X.509 certificate chains, which allows man-in-the-middle attackers to spoof an SSL server by using a non-CA certificate to sign a certificate for an arbitrary domain.
network
low complexity
apple CWE-20
7.5