Iphone Os Security Vulnerabilities and Issues — Page 23 of Iphone Os CVE List

Lucene search

AppleIphone Os

3695 matches found

CVE•added 2022/11/01 8:15 p.m.•84 views

CVE-2022-32892

An access issue was addressed with improvements to the sandbox. This issue is fixed in Safari 16, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13. A sandboxed process may be able to circumvent sandbox restrictions.

8.6CVSS7.5AI score0.00108EPSS

CVE•added 2022/11/01 8:15 p.m.•84 views

CVE-2022-32926

The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16. An app with root privileges may be able to execute arbitrary code with kernel privileges.

6.7CVSS7.2AI score0.00035EPSS

CVE•added 2023/02/27 8:15 p.m.•84 views

CVE-2023-23502

An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, tvOS 16.3, watchOS 9.3. An app may be able to determine kernel memory layout.

5.5CVSS4.3AI score0.00054EPSS

CVE•added 2023/06/23 6:15 p.m.•84 views

CVE-2023-32398

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to execute arbitrary code with kernel priv...

7.8CVSS7.9AI score0.00049EPSS

CVE•added 2023/09/27 3:18 p.m.•84 views

CVE-2023-39434

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.

8.8CVSS8.7AI score0.00498EPSS

CVE•added 2017/04/02 1:59 a.m.•83 views

CVE-2017-2481

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applicati...

8.8CVSS8AI score0.01255EPSS

CVE•added 2017/07/20 4:29 p.m.•83 views

CVE-2017-7039

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote at...

8.8CVSS8.1AI score0.03473EPSS

CVE•added 2017/07/20 4:29 p.m.•83 views

CVE-2017-7048

8.8CVSS8.1AI score0.0481EPSS

CVE•added 2017/10/23 1:29 a.m.•83 views

CVE-2017-7092

An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execu...

8.8CVSS7.7AI score0.29833EPSS

CVE•added 2017/10/23 1:29 a.m.•83 views

CVE-2017-7104

8.8CVSS7.7AI score0.00513EPSS

CVE•added 2018/06/08 6:29 p.m.•83 views

CVE-2018-4198

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "UIKit" component. It allows remote attackers to cause a denial of service via a crafted text file...

5.5CVSS5.3AI score0.0046EPSS

CVE•added 2018/06/08 6:29 p.m.•83 views

CVE-2018-4226

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local use...

5.5CVSS5.3AI score0.00047EPSS

CVE•added 2019/04/03 6:29 p.m.•83 views

CVE-2018-4374

A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

6.1CVSS6.4AI score0.00643EPSS

CVE•added 2019/04/03 6:29 p.m.•83 views

CVE-2018-4398

An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCloud for Windows 7.8.

7.5CVSS6.9AI score0.00526EPSS

CVE•added 2019/03/05 4:29 p.m.•83 views

CVE-2019-6221

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, iTunes 12.9.3 for Windows. A malicious application may be able to elevate privileges.

7.8CVSS7.1AI score0.00259EPSS

CVE•added 2020/10/27 8:15 p.m.•83 views

CVE-2019-8827

The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin. This issue is fixed in Safari 13.0.3, iTunes 12.10.2 for Windows, iCloud for Windows 10.9.2, tvOS 13.2, iOS 13.2 and iPadOS 13.2, iCloud for Windows 7.15. ...

4.3CVSS5.2AI score0.00609EPSS

CVE•added 2020/04/01 6:15 p.m.•83 views

CVE-2020-3910

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.

9.8CVSS7.7AI score0.01174EPSS

CVE•added 2020/04/01 6:15 p.m.•83 views

CVE-2020-3911

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.

9.8CVSS7.7AI score0.01563EPSS

CVE•added 2020/04/01 6:15 p.m.•83 views

CVE-2020-9777

An issue existed in the selection of video file by Mail. The issue was fixed by selecting the latest version of a video. This issue is fixed in iOS 13.4 and iPadOS 13.4. Cropped videos may not be shared properly via Mail.

5.3CVSS6AI score0.00237EPSS

CVE•added 2020/06/09 5:15 p.m.•83 views

CVE-2020-9791

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. Processing a maliciously crafted audio file may lead to arbitrary code execution.

9.3CVSS7.6AI score0.00633EPSS

CVE•added 2020/06/09 5:15 p.m.•83 views

CVE-2020-9815

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. Processing a maliciously crafted audio file may lead to arbitrary code execution.

9.3CVSS7.6AI score0.00633EPSS

CVE•added 2020/10/22 6:15 p.m.•83 views

CVE-2020-9873

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to a...

7.8CVSS8.1AI score0.00424EPSS

CVE•added 2021/04/02 6:15 p.m.•83 views

CVE-2021-1746

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.7AI score0.00459EPSS

CVE•added 2021/04/02 6:15 p.m.•83 views

CVE-2021-1786

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local user may be able to create or modify system files.

5.5CVSS5.3AI score0.00065EPSS

CVE•added 2021/09/08 3:15 p.m.•83 views

CVE-2021-1846

Processing a maliciously crafted audio file may disclose restricted memory. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An out-of-bounds read was addressed with improved input validation.

5.5CVSS5.7AI score0.00296EPSS

CVE•added 2021/09/08 3:15 p.m.•83 views

CVE-2021-30681

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be...

9.3CVSS7.2AI score0.00157EPSS

CVE•added 2021/09/08 2:15 p.m.•83 views

CVE-2021-30788

This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory c...

7.1CVSS6.8AI score0.00322EPSS

CVE•added 2021/09/08 2:15 p.m.•83 views

CVE-2021-30789

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.

7.8CVSS8AI score0.00623EPSS

CVE•added 2021/10/28 7:15 p.m.•83 views

CVE-2021-30834

A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, Security Update 2021-007 Catalina. Processing a malicious audio file may result in unexpected application termination or arbitrary code execution.

7.8CVSS7.8AI score0.00344EPSS

CVE•added 2021/08/24 7:15 p.m.•83 views

CVE-2021-30896

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, tvOS 15.1, watchOS 8.1, macOS Monterey 12.0.1. A malicious application may be able to read user's gameplay data.

5.5CVSS5.2AI score0.00368EPSS

CVE•added 2022/03/18 6:15 p.m.•83 views

CVE-2022-22588

A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 15.2.1 and iPadOS 15.2.1. Processing a maliciously crafted HomeKit accessory name may cause a denial of service.

5.5CVSS4.6AI score0.00226EPSS

CVE•added 2022/09/23 7:15 p.m.•83 views

CVE-2022-32817

An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory.

5.5CVSS5.4AI score0.00065EPSS

CVE•added 2022/09/23 7:15 p.m.•83 views

CVE-2022-32819

A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to gain root privileges.

7.8CVSS7.4AI score0.00032EPSS

CVE•added 2022/09/23 7:15 p.m.•83 views

CVE-2022-32825

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory.

5.5CVSS5.5AI score0.0005EPSS

CVE•added 2022/12/15 7:15 p.m.•83 views

CVE-2022-42843

This issue was addressed with improved data protection. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. A user may be able to view sensitive user information.

8.6CVSS5.5AI score0.0004EPSS

CVE•added 2022/12/15 7:15 p.m.•83 views

CVE-2022-42848

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS8AI score0.00089EPSS

CVE•added 2023/07/27 1:15 a.m.•83 views

CVE-2023-38136

The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7AI score0.00059EPSS

CVE•added 2024/03/08 2:15 a.m.•83 views

CVE-2024-23235

A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to access user-sensitive data.

8.1CVSS6.3AI score0.00041EPSS

CVE•added 2012/11/28 1:55 a.m.•82 views

CVE-2012-5134

Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML docum...

6.8CVSS9.7AI score0.02065EPSS

CVE•added 2015/08/11 2:59 p.m.•82 views

CVE-2015-5522

Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.

6.8CVSS6.8AI score0.04193EPSS

CVE•added 2016/09/25 10:59 a.m.•82 views

CVE-2016-4766

WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4767,...

8.8CVSS8.7AI score0.00976EPSS

CVE•added 2017/07/20 4:29 p.m.•82 views

CVE-2017-7011

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site that uses FRAME elements.

6.5CVSS6.1AI score0.00835EPSS

CVE•added 2017/07/20 4:29 p.m.•82 views

CVE-2017-7038

A DOMParser XSS issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.

6.1CVSS5.8AI score0.0561EPSS

CVE•added 2017/07/20 4:29 p.m.•82 views

CVE-2017-7041

9.3CVSS8.1AI score0.1308EPSS

CVE•added 2017/10/23 1:29 a.m.•82 views

CVE-2017-7081

8.8CVSS8AI score0.00513EPSS

CVE•added 2017/10/23 1:29 a.m.•82 views

CVE-2017-7099

8.8CVSS8AI score0.00513EPSS

CVE•added 2017/10/23 1:29 a.m.•82 views

CVE-2017-7120

8.8CVSS7.7AI score0.00513EPSS

CVE•added 2019/04/03 6:29 p.m.•82 views

CVE-2018-4354

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

8.6CVSS7.4AI score0.00335EPSS

CVE•added 2019/04/03 6:29 p.m.•82 views

CVE-2018-4394

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1.

7.8CVSS7.1AI score0.00335EPSS

CVE•added 2019/12/18 6:15 p.m.•82 views

CVE-2019-6207

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout.

5.5CVSS5.4AI score0.00656EPSS

Total number of security vulnerabilities3695