Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple iphone os 4.3.0 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2011-0195
The generate-id XPath function in libxslt in Apple iOS 4.3.x prior to 4.3.2 allows remote malicious users to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202.
Apple Iphone Os 4.3.1
Apple Iphone Os 4.3.0
641
VMScore
CVE-2011-3442
The kernel in Apple iOS prior to 5.0.1 does not ensure the validity of flag combinations for an mmap system call, which allows local users to execute arbitrary unsigned code via a crafted app.
Apple Iphone Os 4.3.2
Apple Iphone Os 5.0
Apple Iphone Os 4.3.4
Apple Iphone Os 4.3.5
Apple Iphone Os 4.3.1
Apple Iphone Os 4.3.3
Apple Iphone Os 4.3.0
383
VMScore
CVE-2011-3254
Cross-site scripting (XSS) vulnerability in Calendar in Apple iOS prior to 5 allows remote malicious users to inject arbitrary web script or HTML via an invitation note.
Apple Iphone Os 4.3.2
Apple Iphone Os 4.2.9
Apple Iphone Os 4.2.8
Apple Iphone Os 4.3.4
Apple Iphone Os 4.3.5
Apple Iphone Os 4.3.1
Apple Iphone Os 4.2.5
Apple Iphone Os 4.2
Apple Iphone Os 4.2.1
Apple Iphone Os 4.3.3
Apple Iphone Os 4.3.0
383
VMScore
CVE-2011-3426
Cross-site scripting (XSS) vulnerability in Safari in Apple iOS prior to 5 allows remote web servers to inject arbitrary web script or HTML via a file accompanied by a "Content-Disposition: attachment" HTTP header.
Apple Iphone Os 4.0
Apple Iphone Os 4.3.2
Apple Iphone Os 4.0.2
Apple Iphone Os 4.0.1
Apple Iphone Os 3.2
Apple Iphone Os 4.2.8
Apple Iphone Os 4.1
Apple Iphone Os 3.1.2
Apple Iphone Os 4.3.5
Apple Iphone Os 3.1.3
Apple Iphone Os 4.3.1
Apple Iphone Os 4.2.5
Apple Iphone Os 3.2.1
Apple Iphone Os 3.1
Apple Iphone Os 4.2.1
Apple Iphone Os 3.0
Apple Iphone Os 4.3.3
Apple Iphone Os 4.3.0
Apple Iphone Os 3.2.2
828
VMScore
CVE-2011-3430
The Settings component in Apple iOS prior to 5, when a configuration profile is used for a locale other than English, does not properly implement localization, which makes it easier for malicious users to have an unspecified impact by leveraging incorrect configuration display.
Apple Iphone Os 4.0
Apple Iphone Os 4.3.2
Apple Iphone Os 4.0.2
Apple Iphone Os 4.0.1
Apple Iphone Os 3.2
Apple Iphone Os 4.2.8
Apple Iphone Os 4.1
Apple Iphone Os 3.1.2
Apple Iphone Os 4.3.5
Apple Iphone Os 3.1.3
Apple Iphone Os 4.3.1
Apple Iphone Os 4.2.5
Apple Iphone Os 3.2.1
Apple Iphone Os 3.1
Apple Iphone Os 4.2.1
Apple Iphone Os 3.0
Apple Iphone Os 4.3.3
Apple Iphone Os 4.3.0
Apple Iphone Os 3.2.2
187
VMScore
CVE-2011-3245
The Keyboards component in Apple iOS prior to 5 displays the final character of an entered password during a subsequent use of a keyboard, which allows physically proximate malicious users to obtain sensitive information by reading this character.
Apple Iphone Os 4.0
Apple Iphone Os 4.3.2
Apple Iphone Os 4.0.2
Apple Iphone Os 4.0.1
Apple Iphone Os 3.2
Apple Iphone Os 4.2.8
Apple Iphone Os 4.1
Apple Iphone Os 3.1.2
Apple Iphone Os 4.3.5
Apple Iphone Os 3.1.3
Apple Iphone Os 4.3.1
Apple Iphone Os 4.2.5
Apple Iphone Os 3.2.1
Apple Iphone Os 3.1
Apple Iphone Os 4.2.1
Apple Iphone Os 3.0
Apple Iphone Os 4.3.3
Apple Iphone Os 4.3.0
Apple Iphone Os 3.2.2
231
VMScore
CVE-2011-3253
CalDAV in Apple iOS prior to 5 does not validate X.509 certificates for SSL sessions, which allows man-in-the-middle malicious users to spoof calendar servers and obtain sensitive information via an arbitrary certificate.
Apple Iphone Os 4.0
Apple Iphone Os 4.3.2
Apple Iphone Os 4.0.2
Apple Iphone Os 4.0.1
Apple Iphone Os 3.2
Apple Iphone Os 4.2.8
Apple Iphone Os 4.1
Apple Iphone Os 3.1.2
Apple Iphone Os 4.3.5
Apple Iphone Os 3.1.3
Apple Iphone Os 4.3.1
Apple Iphone Os 4.2.5
Apple Iphone Os 3.2.1
Apple Iphone Os 3.1
Apple Iphone Os 4.2.1
Apple Iphone Os 3.0
Apple Iphone Os 4.3.3
Apple Iphone Os 4.3.0
Apple Iphone Os 3.2.2
187
VMScore
CVE-2011-3257
The Data Access component in Apple iOS prior to 5 does not properly handle the existence of multiple user accounts on the same mail server, which allows local users to bypass intended access restrictions in opportunistic circumstances by leveraging a different account's cook...
Apple Iphone Os 4.0
Apple Iphone Os 4.3.2
Apple Iphone Os 4.0.2
Apple Iphone Os 4.0.1
Apple Iphone Os 3.2
Apple Iphone Os 4.2.8
Apple Iphone Os 4.1
Apple Iphone Os 3.1.2
Apple Iphone Os 4.3.5
Apple Iphone Os 3.1.3
Apple Iphone Os 4.3.1
Apple Iphone Os 4.2.5
Apple Iphone Os 3.2.1
Apple Iphone Os 3.1
Apple Iphone Os 4.2.1
Apple Iphone Os 3.0
Apple Iphone Os 4.3.3
Apple Iphone Os 4.3.0
Apple Iphone Os 3.2.2
605
VMScore
CVE-2011-3260
Buffer overflow in OfficeImport in Apple iOS prior to 5 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft Word document.
Apple Iphone Os 4.0
Apple Iphone Os 4.3.2
Apple Iphone Os 4.0.2
Apple Iphone Os 4.0.1
Apple Iphone Os 3.2
Apple Iphone Os 4.2.8
Apple Iphone Os 4.1
Apple Iphone Os 3.1.2
Apple Iphone Os 4.3.5
Apple Iphone Os 3.1.3
Apple Iphone Os 4.3.1
Apple Iphone Os 4.2.5
Apple Iphone Os 3.2.1
Apple Iphone Os 3.1
Apple Iphone Os 4.2.1
Apple Iphone Os 3.0
Apple Iphone Os 4.3.3
Apple Iphone Os 4.3.0
Apple Iphone Os 3.2.2
605
VMScore
CVE-2011-3261
Double free vulnerability in OfficeImport in Apple iOS prior to 5 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a crafted Excel spreadsheet.
Apple Iphone Os 4.0
Apple Iphone Os 4.3.2
Apple Iphone Os 4.0.2
Apple Iphone Os 4.0.1
Apple Iphone Os 3.2
Apple Iphone Os 4.2.8
Apple Iphone Os 4.1
Apple Iphone Os 3.1.2
Apple Iphone Os 4.3.5
Apple Iphone Os 3.1.3
Apple Iphone Os 4.3.1
Apple Iphone Os 4.2.5
Apple Iphone Os 3.2.1
Apple Iphone Os 3.1
Apple Iphone Os 4.2.1
Apple Iphone Os 3.0
Apple Iphone Os 4.3.3
Apple Iphone Os 4.3.0
Apple Iphone Os 3.2.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »