Vulnerabilities > Libimobiledevice

DATE CVE VULNERABILITY TITLE RISK
2023-02-21 CVE-2015-10082 Unspecified vulnerability in Libimobiledevice Libplist 1.12
A vulnerability classified as problematic has been found in UIKit0 libplist 1.12.
network
low complexity
libimobiledevice
critical
9.8
2017-04-20 CVE-2017-7982 Integer Overflow or Wraparound vulnerability in Libimobiledevice Libplist
Integer overflow in the plist_from_bin function in bplist.c in libimobiledevice/libplist before 2017-04-19 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted plist file.
local
low complexity
libimobiledevice CWE-190
5.5
2017-03-03 CVE-2017-5836 Double Free vulnerability in Libimobiledevice Libplist
The plist_free_data function in plist.c in libplist allows attackers to cause a denial of service (crash) via vectors involving an integer node that is treated as a PLIST_KEY and then triggers an invalid free.
network
low complexity
libimobiledevice CWE-415
7.5
2017-03-03 CVE-2017-5835 Allocation of Resources Without Limits or Throttling vulnerability in Libimobiledevice Libplist
libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
network
low complexity
libimobiledevice CWE-770
7.5
2017-03-03 CVE-2017-5834 Out-of-bounds Read vulnerability in Libimobiledevice Libplist
The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.
local
low complexity
libimobiledevice CWE-125
5.5
2017-01-21 CVE-2017-5545 Out-of-bounds Read vulnerability in Libimobiledevice Libplist
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.
network
low complexity
libimobiledevice CWE-125
critical
9.1
2017-01-11 CVE-2017-5209 Out-of-bounds Read vulnerability in Libimobiledevice Libplist
The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data.
network
low complexity
libimobiledevice CWE-125
critical
9.1
2016-06-13 CVE-2016-5104 Improper Access Control vulnerability in multiple products
The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket.
network
low complexity
libimobiledevice canonical opensuse CWE-284
5.3