|
3601
|
-
9.3
|
HIGH
|
Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attac…
|
CWE-399
Resource Management Errors
|
CVE-2009-1701
|
cpe:2.3:o:apple:iphone_os:2.2:* cpe:2.3:o:apple:iphone_os:2.2.1:* cpe:2.3:o:apple:iphone_os:2.1:* cpe:2.3:o:ap…
|
|
|
|
|
2026-04-23 09:35
2009-06-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3602
|
-
4.3
|
MEDIUM
|
The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attac…
|
CWE-200
Information Exposure
|
CVE-2009-1700
|
cpe:2.3:o:apple:iphone_os:2.2:* cpe:2.3:o:apple:iphone_os:2.2.1:* cpe:2.3:o:apple:iphone_os:2.1:* cpe:2.3:o:ap…
|
|
|
|
|
2026-04-23 09:35
2009-06-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3603
|
7.5
7.1
|
HIGH
Network
|
The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, whi…
|
CWE-611
XXE
|
CVE-2009-1699
|
cpe:2.3:o:apple:iphone_os:*:*
|
1.0.0
|
2.2.1
|
|
|
2026-04-23 09:35
2009-06-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3604
|
-
9.3
|
HIGH
|
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr fun…
|
CWE-94
Code Injection
|
CVE-2009-1698
|
cpe:2.3:o:apple:iphone_os:2.2:* cpe:2.3:o:apple:iphone_os:2.2:* cpe:2.3:o:apple:iphone_os:2.2.1:* cpe:2.3:o:ap…
|
|
|
|
|
2026-04-23 09:35
2009-06-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3605
|
-
9.3
|
HIGH
|
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other produ…
|
CWE-399
Resource Management Errors
|
CVE-2009-1690
|
cpe:2.3:o:apple:iphone_os:2.2:- cpe:2.3:o:apple:iphone_os:2.2:- cpe:2.3:o:apple:iphone_os:2.2.1:- cpe:2.3:o:ap…
|
|
|
|
|
2026-04-23 09:35
2009-06-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3606
|
-
7.5
|
HIGH
|
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcm…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2009-0946
|
cpe:2.3:o:apple:iphone_os:*:*
|
1.0.0
|
2.2.1
|
|
|
2026-04-23 09:35
2009-04-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3607
|
-
6.8
|
MEDIUM
|
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application…
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2009-0040
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
3.0
|
2026-04-23 09:35
2009-02-23
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3608
|
-
2.6
|
LOW
|
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not isolate the call-approval dialog from the process of launching new applications, which allows remote at…
|
NVD-CWE-Other
|
CVE-2008-4233
|
cpe:2.3:o:apple:iphone_os:2.1:* cpe:2.3:o:apple:iphone_os:2.0:* cpe:2.3:o:apple:iphone_os:2.0.2:* cpe:2.3:o:ap…
|
|
|
|
|
2026-04-23 09:35
2008-11-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3609
|
-
5.0
|
MEDIUM
|
Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to …
|
NVD-CWE-Other
|
CVE-2008-4232
|
cpe:2.3:o:apple:iphone_os:2.1:* cpe:2.3:o:apple:iphone_os:2.0:* cpe:2.3:o:apple:iphone_os:2.0.2:* cpe:2.3:o:ap…
|
|
|
|
|
2026-04-23 09:35
2008-11-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3610
|
-
9.3
|
HIGH
|
Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a…
|
CWE-399
Resource Management Errors
|
CVE-2008-4231
|
cpe:2.3:o:apple:iphone_os:2.1:* cpe:2.3:o:apple:iphone_os:2.0:* cpe:2.3:o:apple:iphone_os:2.0.2:* cpe:2.3:o:ap…
|
|
|
|
|
2026-04-23 09:35
2008-11-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|