Apple iOS vulnerabilities
3,941 known vulnerabilities affecting apple/iphone_os.
Total CVEs
3,941
CISA KEV
92
actively exploited
Public exploits
248
Exploited in wild
79
Severity breakdown
CRITICAL313HIGH1610MEDIUM1731LOW287
Vulnerabilities
Page 185 of 198
CVE-2012-0617CRITICALCVSS 9.3≤ 5.12012-03-08
CVE-2012-0617 [CRITICAL] CWE-119 CVE-2012-0617: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2012-0646CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2012-0646 [CRITICAL] CWE-134 CVE-2012-0646: Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitr
Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.
nvd
CVE-2012-0622CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2012-0622 [CRITICAL] CWE-119 CVE-2012-0622: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2012-0627CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2012-0627 [CRITICAL] CWE-119 CVE-2012-0627: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2012-0609CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2012-0609 [CRITICAL] CWE-119 CVE-2012-0609: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2012-0614CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2012-0614 [CRITICAL] CWE-119 CVE-2012-0614: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2012-0616CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2012-0616 [CRITICAL] CWE-119 CVE-2012-0616: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2012-0595CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2012-0595 [CRITICAL] CWE-119 CVE-2012-0595: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2012-0631CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2012-0631 [CRITICAL] CWE-119 CVE-2012-0631: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2011-2870CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2011-2870 [CRITICAL] CWE-119 CVE-2011-2870: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2011-2872CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2011-2872 [CRITICAL] CWE-119 CVE-2011-2872: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2011-2873CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2011-2873 [CRITICAL] CWE-119 CVE-2011-2873: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2012-0606CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2012-0606 [CRITICAL] CWE-119 CVE-2012-0606: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2012-0635CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2012-0635 [CRITICAL] CWE-119 CVE-2012-0635: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2012-0604CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2012-0604 [CRITICAL] CWE-119 CVE-2012-0604: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2012-0625CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2012-0625 [CRITICAL] CWE-119 CVE-2012-0625: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2012-0611CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2012-0611 [CRITICAL] CWE-119 CVE-2012-0611: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2012-0623CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2012-0623 [CRITICAL] CWE-119 CVE-2012-0623: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2012-0626CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2012-0626 [CRITICAL] CWE-119 CVE-2012-0626: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd
CVE-2012-0597CRITICALCVSS 9.3fixed in 5.12012-03-08
CVE-2012-0597 [CRITICAL] CWE-119 CVE-2012-0597: WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
nvd