|
3581
|
-
5.0
|
MEDIUM
|
The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote…
|
CWE-200
Information Exposure
|
CVE-2009-2797
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
3.1.1 3.1
|
2026-04-23 09:35
2009-09-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3582
|
-
2.1
|
LOW
|
The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the pas…
|
CWE-200
Information Exposure
|
CVE-2009-2796
|
cpe:2.3:o:apple:iphone_os:3.0:* cpe:2.3:o:apple:iphone_os:3.0.1:*
|
|
|
|
|
2026-04-23 09:35
2009-09-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3583
|
-
7.2
|
HIGH
|
Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access ar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2795
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
3.1.1 3.1
|
2026-04-23 09:35
2009-09-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3584
|
-
4.6
|
MEDIUM
|
The Exchange Support component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not properly implement the "Maximum inactivity time lock" functionality, which allows loc…
|
CWE-362
Race Condition
|
CVE-2009-2794
|
cpe:2.3:o:apple:iphone_os:3.0:- cpe:2.3:o:apple:iphone_os:3.0:* cpe:2.3:o:apple:iphone_os:3.0.1:* cpe:2.3:o:ap…
|
|
|
|
|
2026-04-23 09:35
2009-09-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3585
|
-
2.1
|
LOW
|
The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone OS 3.0 for iPod touch, lists deleted e-mail messages in Spotlight search results, which might allow local users to obtain sensiti…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-2207
|
cpe:2.3:o:apple:iphone_os:3.0:- cpe:2.3:o:apple:iphone_os:3.0:* cpe:2.3:o:apple:iphone_os:3.0.1:*
|
|
|
|
|
2026-04-23 09:35
2009-09-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3586
|
-
6.8
|
MEDIUM
|
Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2206
|
cpe:2.3:o:apple:iphone_os:3.0:* cpe:2.3:o:apple:iphone_os:3.0:* cpe:2.3:o:apple:iphone_os:3.0.1:* cpe:2.3:o:ap…
|
|
3.0.1 3.1
|
|
|
2026-04-23 09:35
2009-09-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3587
|
-
5.8
|
MEDIUM
|
Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoo…
|
NVD-CWE-Other
|
CVE-2009-2199
|
cpe:2.3:o:apple:iphone_os:3.0:* cpe:2.3:o:apple:iphone_os:3.0:* cpe:2.3:o:apple:iphone_os:3.0.1:* cpe:2.3:o:ap…
|
|
3.0.1 3.1
|
|
|
2026-04-23 09:35
2009-08-13
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3588
|
6.5
4.3
|
MEDIUM
Network
|
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) vi…
|
CWE-416
Use After Free
|
CVE-2009-2416
|
cpe:2.3:o:apple:iphone_os:*:*
|
2.0
|
|
|
4.0
|
2026-04-23 09:35
2009-08-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3589
|
-
10.0
|
HIGH
|
Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS…
|
NVD-CWE-noinfo
|
CVE-2009-2204
|
cpe:2.3:o:apple:iphone_os:2.1:* cpe:2.3:o:apple:iphone_os:2.0:* cpe:2.3:o:apple:iphone_os:2.0.2:* cpe:2.3:o:ap…
|
|
3.0
|
|
|
2026-04-23 09:35
2009-08-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3590
|
-
9.3
|
HIGH
|
WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly othe…
|
CWE-189
Numeric Errors
|
CVE-2009-1725
|
cpe:2.3:o:apple:iphone_os:3.0:* cpe:2.3:o:apple:iphone_os:3.0:* cpe:2.3:o:apple:iphone_os:3.0.1:* cpe:2.3:o:ap…
|
|
3.0.1 3.1
|
|
|
2026-04-23 09:35
2009-07-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|