Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Search Type: Search All
  • CPE Product: cpe:/:apple:iphone_os
  • Published Start Date: 01/01/2019
  • Published End Date: 12/31/2019
There are 368 matching records.
Displaying matches 361 through 368.
Vuln ID Summary CVSS Severity
CVE-2017-2411

In iOS before 11.2, exchange rates were retrieved from HTTP rather than HTTPS. This was addressed by enabling HTTPS for exchange rates.

Published: January 11, 2019; 1:29:00 PM -0500
V3.0: 5.9 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-13891

In iOS before 11.2, an inconsistent user interface issue was addressed through improved state management.

Published: January 11, 2019; 1:29:00 PM -0500
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-13888

In iOS before 11.2, a type confusion issue was addressed with improved memory handling.

Published: January 11, 2019; 1:29:00 PM -0500
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2016-7576

In iOS before 9.3.3, a memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.

Published: January 11, 2019; 1:29:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-4644

In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed by storing the authentication types with the credentials.

Published: January 11, 2019; 1:29:00 PM -0500
V3.0: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2016-4643

In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. This issue was addressed through improved response validation.

Published: January 11, 2019; 1:29:00 PM -0500
V3.0: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2016-4642

In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings.

Published: January 11, 2019; 1:29:00 PM -0500
V3.0: 5.9 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-20069

Failure to prevent navigation to top frame to data URLs in Navigation in Google Chrome on iOS prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of the current page via a crafted HTML page.

Published: January 09, 2019; 2:29:03 PM -0500
V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM