Apple Icloud vulnerabilities
449 known vulnerabilities affecting apple/icloud.
Total CVEs
449
CISA KEV
2
actively exploited
Public exploits
65
Exploited in wild
3
Severity breakdown
CRITICAL19HIGH343MEDIUM85LOW2
Vulnerabilities
Page 22 of 23
CVE-2016-4692HIGHCVSS 8.8≤ 6.0.12017-02-20
CVE-2016-4692 [HIGH] CWE-119 CVE-2016-4692: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2017-2355HIGHCVSS 8.8fixed in 6.1.12017-02-20
CVE-2017-2355 [HIGH] CWE-119 CVE-2017-2355: An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized
nvd
CVE-2016-7587HIGHCVSS 8.8≤ 6.0.12017-02-20
CVE-2016-7587 [HIGH] CWE-119 CVE-2016-7587: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7645HIGHCVSS 8.8≤ 6.0.12017-02-20
CVE-2016-7645 [HIGH] CWE-119 CVE-2016-7645: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7632HIGHCVSS 8.8≤ 6.0.12017-02-20
CVE-2016-7632 [HIGH] CWE-119 CVE-2016-7632: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7652HIGHCVSS 8.8≤ 6.0.12017-02-20
CVE-2016-7652 [HIGH] CWE-119 CVE-2016-7652: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7589HIGHCVSS 8.8≤ 6.0.12017-02-20
CVE-2016-7589 [HIGH] CWE-119 CVE-2016-7589: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruptio
nvd
CVE-2016-7640HIGHCVSS 8.8≤ 6.0.12017-02-20
CVE-2016-7640 [HIGH] CWE-119 CVE-2016-7640: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7610HIGHCVSS 8.8≤ 6.0.12017-02-20
CVE-2016-7610 [HIGH] CWE-119 CVE-2016-7610: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7639HIGHCVSS 8.8≤ 6.0.12017-02-20
CVE-2016-7639 [HIGH] CWE-119 CVE-2016-7639: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2017-2366HIGHCVSS 8.8≤ 6.1.02017-02-20
CVE-2017-2366 [HIGH] CWE-119 CVE-2017-2366: An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a
nvd
CVE-2016-7646HIGHCVSS 8.8≤ 6.0.12017-02-20
CVE-2016-7646 [HIGH] CWE-119 CVE-2016-7646: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7642HIGHCVSS 8.8≤ 6.0.12017-02-20
CVE-2016-7642 [HIGH] CWE-119 CVE-2016-7642: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7649HIGHCVSS 8.8≤ 6.0.12017-02-20
CVE-2016-7649 [HIGH] CWE-119 CVE-2016-7649: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra
nvd
CVE-2016-7614MEDIUMCVSS 5.5≤ 6.0.12017-02-20
CVE-2016-7614 [MEDIUM] CWE-200 CVE-2016-7614: An issue was discovered in certain Apple products. iCloud before 6.1 is affected. The issue involves
An issue was discovered in certain Apple products. iCloud before 6.1 is affected. The issue involves the "Windows Security" component. It allows local users to obtain sensitive information from iCloud desktop-client process memory via unspecified vectors.
nvd
CVE-2016-7592MEDIUMCVSS 4.3≤ 6.0.12017-02-20
CVE-2016-7592 [MEDIUM] CWE-200 CVE-2016-7592: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component, which allows remote attackers to obtain sensitive information via crafted JavaScript prompts on a web site.
nvd
CVE-2016-7586MEDIUMCVSS 6.5≤ 6.0.12017-02-20
CVE-2016-7586 [MEDIUM] CWE-200 CVE-2016-7586: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a crafted web site.
nvd
CVE-2016-4613MEDIUMCVSS 6.5≤ 6.0.02017-02-20
CVE-2016-4613 [MEDIUM] CWE-200 CVE-2016-4613: An issue was discovered in certain Apple products. Safari before 10.0.1 is affected. iCloud before 6
An issue was discovered in certain Apple products. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a crafted web site.
nvd
CVE-2016-7598MEDIUMCVSS 6.5≤ 6.0.12017-02-20
CVE-2016-7598 [MEDIUM] CWE-200 CVE-2016-7598: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information from process memory via a crafted web site.
nvd
CVE-2016-7599MEDIUMCVSS 6.5≤ 6.0.12017-02-20
CVE-2016-7599 [MEDIUM] CWE-200 CVE-2016-7599: An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site that uses HTTP
nvd