iphone_os vulnerabilities and exploits

2.1
CVSSv2
CVE-2012-3731

Mail in Apple iOS before 6 does not properly implement the Data Protection feature for e-mail attachments, which allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors....

2.1
CVSSv2
CVE-2018-4388

A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.1....

3.5
CVSSv2
CVE-2016-1763

Messages in Apple iOS before 9.3 does not ensure that an auto-fill action applies to the intended message thread, which allows remote authenticated users to obtain sensitive information by providing a crafted sms: URL and reading a thread....

6.8
CVSSv2
CVE-2014-4494

Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining whether to solicit an app trust decision from the user, which allows attackers to bypass intended first-launch restrictions by leveraging access to an enterprise distribution certificate...

5
CVSSv2
CVE-2017-2400

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "SafariViewController" component. It allows attackers to obtain sensitive information by leveraging the SafariViewController's incorrect synchronization of...

5
CVSSv2
CVE-2017-2414

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "DataAccess" component. It allows remote attackers to access Exchange traffic in opportunistic circumstances by leveraging a mistake in typing an e-mail address....

2.1
CVSSv2
CVE-2016-7634

An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "Accessibility" component, which accepts spoken passwords without considering that they are locally audible....

6.8
CVSSv2
CVE-2012-3726

Double free vulnerability in ImageIO in Apple iOS before 6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image....

3.6
CVSSv2
CVE-2012-3738

The Emergency Dialer screen in the Passcode Lock implementation in Apple iOS before 6 does not properly limit the dialing methods, which allows physically proximate attackers to bypass intended access restrictions and make FaceTime calls through Voice Dialing, or obtain...

2.1
CVSSv2
CVE-2018-4387

A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1....