Iphone Os Security Vulnerabilities and Issues — Page 37 of Iphone Os CVE List

Lucene search

AppleIphone Os

3721 matches found

CVE•added 2021/08/24 7:15 p.m.•68 views

CVE-2021-30991

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.2 and iPadOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.5AI score0.00265EPSS

CVE•added 2022/11/01 8:15 p.m.•68 views

CVE-2022-32907

This issue was addressed with improved checks. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS8AI score0.00146EPSS

CVE•added 2022/11/01 8:15 p.m.•68 views

CVE-2022-32941

The issue was addressed with improved bounds checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A buffer overflow may result in arbitrary code execution.

9.8CVSS8.8AI score0.00429EPSS

CVE•added 2023/06/23 6:15 p.m.•68 views

CVE-2023-27940

The issue was addressed with additional permissions checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6, macOS Ventura 13.4. A sandboxed app may be able to observe system-wide network connections.

6.3CVSS5.6AI score0.00031EPSS

CVE•added 2023/09/27 3:18 p.m.•68 views

CVE-2023-32396

This issue was addressed with improved checks. This issue is fixed in Xcode 15, tvOS 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to gain elevated privileges.

7.8CVSS7AI score0.00021EPSS

CVE•added 2024/01/23 1:15 a.m.•68 views

CVE-2024-23211

A privacy issue was addressed with improved handling of user preferences. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A user's private browsing activity may be visible in Settings.

3.3CVSS4.5AI score0.00025EPSS

CVE•added 2024/01/23 1:15 a.m.•68 views

CVE-2024-23214

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.7AI score0.00261EPSS

CVE•added 2024/03/08 2:15 a.m.•68 views

CVE-2024-23259

The issue was addressed with improved checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Processing web content may lead to a denial-of-service.

6.5CVSS6.5AI score0.00089EPSS

CVE•added 2024/03/08 2:15 a.m.•68 views

CVE-2024-23262

This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 1.1, iOS 17.4 and iPadOS 17.4, iOS 16.7.6 and iPadOS 16.7.6. An app may be able to spoof system notifications and UI.

4.3CVSS6.5AI score0.00115EPSS

CVE•added 2024/06/10 9:15 p.m.•68 views

CVE-2024-27832

The issue was addressed with improved checks. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to elevate privileges.

9.1CVSS5.7AI score0.00112EPSS

CVE•added 2024/06/10 9:15 p.m.•68 views

CVE-2024-27840

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5. An attacker that has already achieved kernel code execution may be able to bypass...

7.5CVSS6.4AI score0.00015EPSS

CVE•added 2024/10/04 12:15 a.m.•68 views

CVE-2024-44207

This issue was addressed with improved checks. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. Audio messages in Messages may be able to capture a few seconds of audio before the microphone indicator is activated.

4.3CVSS5.7AI score0.00099EPSS

CVE•added 2025/01/27 10:15 p.m.•68 views

CVE-2024-54507

A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An attacker with user privileges may be able to read kernel memory.

9.1CVSS5.5AI score0.00095EPSS

CVE•added 2025/03/31 11:15 p.m.•68 views

CVE-2025-30438

This issue was addressed with improved access restrictions. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A malicious app may be able to dismiss the system notification on the Lock Screen that a recording was...

5.5CVSS5.5AI score0.00021EPSS

CVE•added 2025/05/12 10:15 p.m.•68 views

CVE-2025-31215

The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected process crash.

6.5CVSS5.8AI score0.00208EPSS

CVE•added 2015/08/16 11:59 p.m.•67 views

CVE-2015-3755

WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to spoof the user interface via a malformed URL.

4.3CVSS7.8AI score0.01386EPSS

CVE•added 2015/09/18 10:59 a.m.•67 views

CVE-2015-5822

WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-0...

6.8CVSS8.8AI score0.01009EPSS

CVE•added 2015/09/18 10:59 a.m.•67 views

CVE-2015-5827

WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a (1) custom event, (2) message event, or (3) pop state event.

5CVSS7.6AI score0.00441EPSS

CVE•added 2016/03/24 1:59 a.m.•67 views

CVE-2016-1755

The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1754.

9.3CVSS7.1AI score0.03453EPSS

CVE•added 2016/05/20 10:59 a.m.•67 views

CVE-2016-1828

The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1827, CVE-2016-1829, ...

9.3CVSS7.5AI score0.05151EPSS

CVE•added 2016/09/25 10:59 a.m.•67 views

CVE-2016-4728

WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 mishandles error prototypes, which allows remote attackers to execute arbitrary code via a crafted web site.

8.8CVSS8.4AI score0.01042EPSS

CVE•added 2017/04/02 1:59 a.m.•67 views

CVE-2017-2440

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a...

9.3CVSS8.1AI score0.00451EPSS

CVE•added 2017/04/02 1:59 a.m.•67 views

CVE-2017-2448

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. The issue involves the "Keychain" component. It allows man-in-the-middle attackers to bypass an iCloud Keychain secret protection mechanism by leveraging l...

5.9CVSS6AI score0.00682EPSS

CVE•added 2017/04/02 1:59 a.m.•67 views

CVE-2017-2453

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof FaceTime prompts in the user interface via a crafted web site.

6.5CVSS6AI score0.00367EPSS

CVE•added 2017/04/02 1:59 a.m.•67 views

CVE-2017-2455

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applicati...

8.8CVSS8AI score0.04294EPSS

CVE•added 2017/04/02 1:59 a.m.•67 views

CVE-2017-2473

9.3CVSS8.1AI score0.04697EPSS

Web

CVE•added 2017/07/20 4:29 p.m.•67 views

CVE-2017-7024

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or c...

9.3CVSS8.1AI score0.00472EPSS

CVE•added 2017/07/20 4:29 p.m.•67 views

CVE-2017-7026

9.3CVSS8.1AI score0.00183EPSS

CVE•added 2017/07/20 4:29 p.m.•67 views

CVE-2017-7028

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a craf...

5.5CVSS5.4AI score0.00265EPSS

CVE•added 2017/10/23 1:29 a.m.•67 views

CVE-2017-7080

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended certificate-trust restrictions via a rev...

7.5CVSS6.9AI score0.00441EPSS

CVE•added 2017/10/23 1:29 a.m.•67 views

CVE-2017-7088

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Exchange ActiveSync" component. It allows remote attackers to erase a device in opportunistic circumstances by hijacking a cleartext AutoDiscover V1 session during the setup of an Exchange account.

7.1CVSS6AI score0.01577EPSS

CVE•added 2019/03/05 4:29 p.m.•67 views

CVE-2019-6219

A denial of service issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. Processing a maliciously crafted message may lead to a denial of service.

7.5CVSS6.9AI score0.01042EPSS

CVE•added 2020/10/27 8:15 p.m.•67 views

CVE-2019-8612

A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, tvOS 12.3, watchOS 5.2.1, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS ...

6.5CVSS6.1AI score0.00323EPSS

CVE•added 2020/10/27 8:15 p.m.•67 views

CVE-2019-8638

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 5.2, iCloud for Windows 7.11, iOS 12.2, iTunes 12.9.4 for Windows, Safari 12.1. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS9.1AI score0.00758EPSS

CVE•added 2019/12/18 6:15 p.m.•67 views

CVE-2019-8804

An inconsistency in Wi-Fi network configuration settings was addressed. This issue is fixed in iOS 13.2 and iPadOS 13.2. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup.

5.7CVSS5.5AI score0.00155EPSS

CVE•added 2020/12/08 8:15 p.m.•67 views

CVE-2020-10004

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.

7.8CVSS7.7AI score0.00559EPSS

CVE•added 2020/06/09 5:15 p.m.•67 views

CVE-2020-9830

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.7AI score0.00264EPSS

CVE•added 2020/06/09 5:15 p.m.•67 views

CVE-2020-9835

An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 13.5 and iPadOS 13.5. A user’s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing.

5.3CVSS5.7AI score0.00241EPSS

CVE•added 2020/10/16 5:15 p.m.•67 views

CVE-2020-9885

An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A user that is removed from an iMessage group could rejoin the group.

5.5CVSS6.1AI score0.0011EPSS

CVE•added 2020/10/16 5:15 p.m.•67 views

CVE-2020-9923

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, watchOS 6.2.8. A malicious application may be able to execute arbitrary code with system privileges.

9.3CVSS8.2AI score0.00209EPSS

CVE•added 2020/10/22 7:15 p.m.•67 views

CVE-2020-9994

A path handling issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to overwrite arbitrary files.

7.1CVSS6.4AI score0.00284EPSS

CVE•added 2021/09/08 2:15 p.m.•67 views

CVE-2021-30752

Processing a maliciously crafted image may lead to arbitrary code execution. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. An out-of-bounds read was addressed with improved input validation.

7.8CVSS8AI score0.00406EPSS

CVE•added 2021/10/19 2:15 p.m.•67 views

CVE-2021-30826

A logic issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. In certain situations, the baseband would fail to enable integrity and ciphering protection.

7.5CVSS6.9AI score0.00289EPSS

CVE•added 2021/08/24 7:15 p.m.•67 views

CVE-2021-30926

Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.6AI score0.00775EPSS

CVE•added 2021/08/24 7:15 p.m.•67 views

CVE-2021-30947

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, watchOS 8.3. An application may be able to access a user's files.

5.5CVSS5.5AI score0.0029EPSS

CVE•added 2022/03/18 6:15 p.m.•67 views

CVE-2022-22584

A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. Processing a maliciously crafted file may lead to arbitrary code execution.

7.8CVSS8.3AI score0.00452EPSS

CVE•added 2022/11/01 8:15 p.m.•67 views

CVE-2022-32903

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS8AI score0.0018EPSS

CVE•added 2022/11/01 8:15 p.m.•67 views

CVE-2022-32939

The issue was addressed with improved bounds checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.9AI score0.00127EPSS

CVE•added 2023/09/27 3:19 p.m.•67 views

CVE-2023-40384

A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read sensitive location information.

3.3CVSS3.7AI score0.0002EPSS

CVE•added 2024/01/23 1:15 a.m.•67 views

CVE-2024-23203

The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14.3, iOS 17.3 and iPadOS 17.3. A shortcut may be able to use sensitive data with certain actions without prompting the user.

7.5CVSS6.4AI score0.00147EPSS

Total number of security vulnerabilities3721