Iphone Os Security Vulnerabilities and Issues — Page 24 of Iphone Os CVE List

Lucene search

AppleIphone Os

3721 matches found

CVE•added 2024/01/10 10:15 p.m.•85 views

CVE-2023-40414

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 10, iOS 17 and iPadOS 17, tvOS 17, macOS Sonoma 14, Safari 17. Processing web content may lead to arbitrary code execution.

9.8CVSS8.8AI score0.00253EPSS

CVE•added 2012/08/31 7:55 p.m.•84 views

CVE-2012-2871

libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, relate...

6.8CVSS7.4AI score0.00601EPSS

CVE•added 2015/08/11 2:59 p.m.•84 views

CVE-2015-5522

Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an href.

6.8CVSS6.8AI score0.04193EPSS

CVE•added 2017/04/02 1:59 a.m.•84 views

CVE-2017-2445

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted frame objects.

6.1CVSS5.8AI score0.01127EPSS

CVE•added 2017/04/02 1:59 a.m.•84 views

CVE-2017-2464

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applicati...

8.8CVSS8AI score0.09024EPSS

CVE•added 2017/04/02 1:59 a.m.•84 views

CVE-2017-2481

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applicati...

8.8CVSS8AI score0.01255EPSS

CVE•added 2017/07/20 4:29 p.m.•84 views

CVE-2017-7011

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site that uses FRAME elements.

6.5CVSS6.1AI score0.00835EPSS

CVE•added 2017/07/20 4:29 p.m.•84 views

CVE-2017-7041

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote at...

9.3CVSS8.1AI score0.1308EPSS

CVE•added 2017/07/20 4:29 p.m.•84 views

CVE-2017-7046

8.8CVSS8.1AI score0.0481EPSS

CVE•added 2017/10/23 1:29 a.m.•84 views

CVE-2017-7099

An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execu...

8.8CVSS8AI score0.00513EPSS

CVE•added 2017/10/23 1:29 a.m.•84 views

CVE-2017-7120

8.8CVSS7.7AI score0.00513EPSS

CVE•added 2018/06/08 6:29 p.m.•84 views

CVE-2018-4198

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "UIKit" component. It allows remote attackers to cause a denial of service via a crafted text file...

5.5CVSS5.3AI score0.0046EPSS

CVE•added 2019/04/03 6:29 p.m.•84 views

CVE-2018-4374

A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

6.1CVSS6.4AI score0.0054EPSS

CVE•added 2019/03/05 4:29 p.m.•84 views

CVE-2019-6221

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, iTunes 12.9.3 for Windows. A malicious application may be able to elevate privileges.

7.8CVSS7.1AI score0.00259EPSS

CVE•added 2020/04/01 6:15 p.m.•84 views

CVE-2020-3910

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.

9.8CVSS7.7AI score0.01174EPSS

CVE•added 2020/04/01 6:15 p.m.•84 views

CVE-2020-3911

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.

9.8CVSS7.7AI score0.01563EPSS

CVE•added 2020/04/01 6:15 p.m.•84 views

CVE-2020-9777

An issue existed in the selection of video file by Mail. The issue was fixed by selecting the latest version of a video. This issue is fixed in iOS 13.4 and iPadOS 13.4. Cropped videos may not be shared properly via Mail.

5.3CVSS6AI score0.00237EPSS

CVE•added 2020/06/09 5:15 p.m.•84 views

CVE-2020-9791

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. Processing a maliciously crafted audio file may lead to arbitrary code execution.

9.3CVSS7.6AI score0.00633EPSS

CVE•added 2020/06/09 5:15 p.m.•84 views

CVE-2020-9815

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. Processing a maliciously crafted audio file may lead to arbitrary code execution.

9.3CVSS7.6AI score0.00633EPSS

CVE•added 2020/10/22 6:15 p.m.•84 views

CVE-2020-9873

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to a...

7.8CVSS8.1AI score0.00424EPSS

CVE•added 2021/04/02 6:15 p.m.•84 views

CVE-2021-1746

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.7AI score0.00881EPSS

CVE•added 2021/04/02 6:15 p.m.•84 views

CVE-2021-1786

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local user may be able to create or modify system files.

5.5CVSS5.3AI score0.00158EPSS

CVE•added 2021/04/02 7:15 p.m.•84 views

CVE-2021-1794

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution.

9.8CVSS8.1AI score0.01558EPSS

CVE•added 2021/09/08 2:15 p.m.•84 views

CVE-2021-30788

This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory c...

7.1CVSS6.8AI score0.00337EPSS

CVE•added 2021/09/08 2:15 p.m.•84 views

CVE-2021-30789

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.

7.8CVSS8AI score0.00651EPSS

CVE•added 2021/10/28 7:15 p.m.•84 views

CVE-2021-30834

A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, Security Update 2021-007 Catalina. Processing a malicious audio file may result in unexpected application termination or arbitrary code execution.

7.8CVSS7.8AI score0.00344EPSS

CVE•added 2021/08/24 7:15 p.m.•84 views

CVE-2021-30896

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, tvOS 15.1, watchOS 8.1, macOS Monterey 12.0.1. A malicious application may be able to read user's gameplay data.

5.5CVSS5.2AI score0.00368EPSS

CVE•added 2022/03/18 6:15 p.m.•84 views

CVE-2022-22588

A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 15.2.1 and iPadOS 15.2.1. Processing a maliciously crafted HomeKit accessory name may cause a denial of service.

5.5CVSS4.6AI score0.00226EPSS

CVE•added 2022/09/23 7:15 p.m.•84 views

CVE-2022-32819

A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to gain root privileges.

7.8CVSS7.4AI score0.00041EPSS

CVE•added 2022/09/23 7:15 p.m.•84 views

CVE-2022-32825

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory.

5.5CVSS5.5AI score0.00064EPSS

CVE•added 2022/12/15 7:15 p.m.•84 views

CVE-2022-42848

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS8AI score0.00091EPSS

CVE•added 2023/07/27 1:15 a.m.•84 views

CVE-2023-38136

The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7AI score0.00045EPSS

CVE•added 2024/03/08 2:15 a.m.•84 views

CVE-2024-23235

A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to access user-sensitive data.

8.1CVSS6.3AI score0.00056EPSS

CVE•added 2025/01/27 10:15 p.m.•84 views

CVE-2025-24161

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination.

5.5CVSS5.7AI score0.0003EPSS

CVE•added 2025/04/29 3:15 a.m.•84 views

CVE-2025-24206

An authentication issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to bypass authentication policy.

7.7CVSS7.8AI score0.00034EPSS

CVE•added 2008/08/27 8:41 p.m.•83 views

CVE-2008-3281

libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.

6.5CVSS6.3AI score0.00802EPSS

CVE•added 2016/09/25 10:59 a.m.•83 views

CVE-2016-4766

WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4767,...

8.8CVSS8.7AI score0.00976EPSS

CVE•added 2017/02/20 8:59 a.m.•83 views

CVE-2016-7632

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of ser...

8.8CVSS8.1AI score0.00769EPSS

CVE•added 2017/04/02 1:59 a.m.•83 views

CVE-2017-2394

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applicati...

8.8CVSS8AI score0.00986EPSS

CVE•added 2017/10/23 1:29 a.m.•83 views

CVE-2017-7090

7.5CVSS5.6AI score0.00613EPSS

CVE•added 2019/04/03 6:29 p.m.•83 views

CVE-2018-4331

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

10CVSS7.4AI score0.19923EPSS

CVE•added 2019/04/03 6:29 p.m.•83 views

CVE-2018-4354

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

8.6CVSS7.4AI score0.00335EPSS

CVE•added 2019/04/03 6:29 p.m.•83 views

CVE-2018-4394

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1.

7.8CVSS7.1AI score0.00335EPSS

CVE•added 2019/12/18 6:15 p.m.•83 views

CVE-2019-8521

This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to overwrite arbitrary files.

5.8CVSS5.7AI score0.00356EPSS

CVE•added 2021/04/02 6:15 p.m.•83 views

CVE-2020-29619

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may le...

7.8CVSS7AI score0.00352EPSS

CVE•added 2020/02/27 9:15 p.m.•83 views

CVE-2020-3853

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. A malicious application may be able to execute arbitrary code with system privileges.

9.3CVSS7.6AI score0.00414EPSS

CVE•added 2020/10/22 6:15 p.m.•83 views

CVE-2020-9879

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lea...

7.8CVSS8.2AI score0.00424EPSS

CVE•added 2020/10/16 5:15 p.m.•83 views

CVE-2020-9884

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00418EPSS

CVE•added 2021/04/02 6:15 p.m.•83 views

CVE-2021-1759

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

9.3CVSS8AI score0.00637EPSS

CVE•added 2021/09/08 3:15 p.m.•83 views

CVE-2021-1832

Copied files may not have the expected file permissions. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. The issue was addressed with improved permissions logic.

5.5CVSS5.8AI score0.00166EPSS

Total number of security vulnerabilities3721