Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libimobiledevice libimobiledevice vulnerabilities and exploits
(subscribe to this query)
3.3
CVSSv2
CVE-2013-2142
userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.pem, (3) libimobiledevicerc, (4) RootCertificate.pem, or (5) RootPrivateKey.pem i...
Libimobiledevice Libimobiledevice 1.1.4
5
CVSSv2
CVE-2016-5104
The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote malicious users to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket.
Libimobiledevice Libusbmuxd
Libimobiledevice Libimobiledevice
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Opensuse Opensuse 13.2
Opensuse Leap 42.1
5
CVSSv2
CVE-2017-5835
libplist allows malicious users to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
Libimobiledevice Libplist
6.4
CVSSv2
CVE-2017-5545
The main function in plistutil.c in libimobiledevice libplist up to and including 1.12 allows malicious users to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.
Libimobiledevice Libplist
6.4
CVSSv2
CVE-2017-5209
The base64decode function in base64.c in libimobiledevice libplist up to and including 1.12 allows malicious users to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data.
Libimobiledevice Libplist
4.3
CVSSv2
CVE-2017-5834
The parse_dict_node function in bplist.c in libplist allows malicious users to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.
Libimobiledevice Libplist
5
CVSSv2
CVE-2017-5836
The plist_free_data function in plist.c in libplist allows malicious users to cause a denial of service (crash) via vectors involving an integer node that is treated as a PLIST_KEY and then triggers an invalid free.
Libimobiledevice Libplist
4.3
CVSSv2
CVE-2017-7982
Integer overflow in the plist_from_bin function in bplist.c in libimobiledevice/libplist prior to 2017-04-19 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted plist file.
Libimobiledevice Libplist
NA
CVE-2015-10082
A vulnerability classified as problematic has been found in UIKit0 libplist 1.12. This affects the function plist_from_xml of the file src/xplist.c of the component XML Handler. The manipulation leads to xml external entity reference. The patch is named c086cb139af7c82845f6d565e6...
Libimobiledevice Libplist 1.12
1.9
CVSSv2
CVE-2017-6435
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file.
Libplist Project Libplist 1.12
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »