2020

2019

2018

2017

2016

2015

CVE-2015-7037 (v2: 5) 11 Dec 2015
Directory traversal vulnerability in Mobile Backup in Photos in Apple iOS before 9.2 allows attackers to read arbitrary files via a crafted pathname.
CVE-2015-7006 (v2: 6.8) 23 Oct 2015
Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code via a crafted CPIO archive.
CVE-2015-5766 (v2: 5) 17 Aug 2015
Directory traversal vulnerability in Air Traffic in Apple iOS before 8.4.1 allows attackers to access arbitrary filesystem locations via vectors related to asset handling.
CVE-2015-1087 (v2: 2.1) 10 Apr 2015
Directory traversal vulnerability in Backup in Apple iOS before 8.3 allows attackers to read arbitrary files via a crafted relative path.

2014

CVE-2014-4384 (v2: 1.9) 18 Sep 2014
Directory traversal vulnerability in the App Installation feature in Apple iOS before 8 allows local users to install unverified apps by triggering code-signature validation of an unintended bundle.

2013

2012

2011

CVE-2011-3229 (v2: 6.8) 14 Oct 2011
Directory traversal vulnerability in Apple Safari before 5.1.1 allows remote attackers to execute arbitrary JavaScript code, in a Safari Extensions context, via a crafted safari-extension: URL.
CVE-2011-0203 (v2: 5) 24 Jun 2011
Absolute path traversal vulnerability in xftpd in the FTP Server component in Apple Mac OS X before 10.6.8 allows remote attackers to list arbitrary directories by using the root directory as the starting point of a recursive listing.