Search Results (Refine Search)
- Keyword (text search): apple ios passcode
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-2399 |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Pasteboard" component. It allows physically proximate attackers to read the pasteboard by leveraging the use of an encryption key derived only from the hardware UID (rather than that UID in addition to the user passcode). Published: April 01, 2017; 9:59:00 PM -0400 |
V3.0: 4.6 MEDIUM V2.0: 2.1 LOW |
CVE-2016-4781 |
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "SpringBoard" component, which allows physically proximate attackers to bypass the passcode attempt counter and unlock a device via unspecified vectors. Published: February 20, 2017; 3:59:01 AM -0500 |
V3.0: 6.8 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2015-5850 |
AppleKeyStore in Apple iOS before 9 allows physically proximate attackers to reset the count of incorrect passcode attempts via a device backup. Published: September 18, 2015; 7:00:03 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2015-1108 |
The Lock Screen component in Apple iOS before 8.3 does not properly enforce the limit on incorrect passcode-authentication attempts, which makes it easier for physically proximate attackers to obtain access by making many passcode guesses. Published: April 10, 2015; 10:59:23 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2015-1107 |
The Lock Screen component in Apple iOS before 8.3 does not properly implement the erasure feature for incorrect passcode-authentication attempts, which makes it easier for physically proximate attackers to obtain access by making many passcode guesses. Published: April 10, 2015; 10:59:22 AM -0400 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2015-1106 |
The QuickType feature in the Keyboards subsystem in Apple iOS before 8.3 allows physically proximate attackers to discover passcodes by reading the lock screen during use of a Bluetooth keyboard. Published: April 10, 2015; 10:59:21 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2015-1085 |
AppleKeyStore in Apple iOS before 8.3 does not properly restrict a certain passcode-confirmation interface, which makes it easier for attackers to verify correct passcode guesses via a crafted app. Published: April 10, 2015; 10:59:01 AM -0400 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2014-1352 |
Lock Screen in Apple iOS before 7.1.2 does not properly enforce the limit on failed passcode attempts, which makes it easier for physically proximate attackers to conduct brute-force passcode-guessing attacks via unspecified vectors. Published: July 01, 2014; 6:17:26 AM -0400 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2014-1351 |
Siri in Apple iOS before 7.1.2 allows physically proximate attackers to bypass an intended lock-screen passcode requirement, and read a contact list, via a Siri request that refers to a contact ambiguously. Published: July 01, 2014; 6:17:26 AM -0400 |
V3.x:(not available) V2.0: 3.6 LOW |
CVE-2013-5162 |
Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows physically proximate attackers to bypass the passcode-failure disabled state by leveraging certain incorrect visibility of the passcode-entry view after use of the Phone app. Published: October 23, 2013; 11:48:48 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2013-5144 |
Passcode Lock in Apple iOS before 7.0.3 on iPhone devices allows physically proximate attackers to bypass an intended passcode requirement, and dial arbitrary telephone numbers, by tapping the emergency-call button during a certain notification and camera-pane state to trigger a NULL pointer dereference. Published: October 23, 2013; 11:48:48 PM -0400 |
V3.x:(not available) V2.0: 3.3 LOW |
CVE-2013-5161 |
Passcode Lock in Apple iOS before 7.0.2 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement, and open the Camera app or read the list of all recently opened apps, by leveraging unspecified transition errors. Published: September 27, 2013; 11:40:55 PM -0400 |
V3.x:(not available) V2.0: 4.4 MEDIUM |
CVE-2013-5160 |
Passcode Lock in Apple iOS before 7.0.2 on iPhone devices allows physically proximate attackers to bypass an intended passcode requirement, and dial arbitrary telephone numbers, by making a series of taps of the emergency-call button to trigger a NULL pointer dereference. Published: September 27, 2013; 11:40:55 PM -0400 |
V3.x:(not available) V2.0: 3.3 LOW |
CVE-2013-5147 |
Passcode Lock in Apple iOS before 7 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement by leveraging a race condition involving phone calls and ejection of a SIM card. Published: September 19, 2013; 6:28:00 AM -0400 |
V3.x:(not available) V2.0: 3.7 LOW |
CVE-2013-0957 |
Data Protection in Apple iOS before 7 allows attackers to bypass intended limits on incorrect passcode entry, and consequently avoid a configured Erase Data setting, by leveraging the presence of an app in the third-party sandbox. Published: September 19, 2013; 6:27:55 AM -0400 |
V3.x:(not available) V2.0: 5.8 MEDIUM |
CVE-2013-0980 |
The Passcode Lock implementation in Apple iOS before 6.1.3 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement by leveraging an error in the emergency-call feature. Published: March 20, 2013; 10:55:04 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2012-3750 |
The Passcode Lock implementation in Apple iOS before 6.0.1 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement and access Passbook passes via unspecified vectors. Published: November 03, 2012; 1:55:01 PM -0400 |
V3.x:(not available) V2.0: 3.6 LOW |
CVE-2012-3740 |
The Passcode Lock implementation in Apple iOS before 6 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors. Published: September 20, 2012; 5:55:04 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2012-3739 |
The Passcode Lock implementation in Apple iOS before 6 allows physically proximate attackers to bypass an intended passcode requirement via vectors involving use of the camera. Published: September 20, 2012; 5:55:04 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2012-3738 |
The Emergency Dialer screen in the Passcode Lock implementation in Apple iOS before 6 does not properly limit the dialing methods, which allows physically proximate attackers to bypass intended access restrictions and make FaceTime calls through Voice Dialing, or obtain sensitive contact information by attempting to make a FaceTime call and reading the contact suggestions. Published: September 20, 2012; 5:55:04 PM -0400 |
V3.x:(not available) V2.0: 3.6 LOW |