Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libimobiledevice libimobiledevice vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2015-10082
A vulnerability classified as problematic has been found in UIKit0 libplist 1.12. This affects the function plist_from_xml of the file src/xplist.c of the component XML Handler. The manipulation leads to xml external entity reference. The patch is named c086cb139af7c82845f6d565e6...
Libimobiledevice Libplist 1.12
5.5
CVSSv3
CVE-2017-7982
Integer overflow in the plist_from_bin function in bplist.c in libimobiledevice/libplist prior to 2017-04-19 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted plist file.
Libimobiledevice Libplist
5
CVSSv3
CVE-2017-6436
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
Libplist Project Libplist 1.12
5
CVSSv3
CVE-2017-6435
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file.
Libplist Project Libplist 1.12
5
CVSSv3
CVE-2017-6437
The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.
Libplist Project Libplist 1.12
7.3
CVSSv3
CVE-2017-6438
Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file.
Libplist Project Libplist 1.12
5
CVSSv3
CVE-2017-6439
Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.
Libplist Project Libplist 1.12
5
CVSSv3
CVE-2017-6440
The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
Libplist Project Libplist 1.12
5.5
CVSSv3
CVE-2017-5834
The parse_dict_node function in bplist.c in libplist allows malicious users to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.
Libimobiledevice Libplist
7.5
CVSSv3
CVE-2017-5836
The plist_free_data function in plist.c in libplist allows malicious users to cause a denial of service (crash) via vectors involving an integer node that is treated as a PLIST_KEY and then triggers an invalid free.
Libimobiledevice Libplist
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »