Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
AppleIphone Os

3721 matches found

cve
cveadded 2020/04/01 6:15 p.m.185 views

CVE-2020-3902

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site script...

6.1CVSS6.5AI score0.00844EPSS
cve
cveadded 2020/12/08 8:15 p.m.185 views

CVE-2020-9947

A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.2AI score0.01065EPSS
cve
cveadded 2023/02/27 8:15 p.m.184 views

CVE-2022-32784

The issue was addressed with improved UI handling. This issue is fixed in Safari 15.6, iOS 15.6 and iPadOS 15.6. Visiting a maliciously crafted website may leak sensitive data.

6.5CVSS5.4AI score0.00122EPSS
cve
cveadded 2021/10/28 7:15 p.m.183 views

CVE-2021-30809

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.7AI score0.00777EPSS
cve
cveadded 2017/09/12 3:29 p.m.182 views

CVE-2017-14315

In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attack...

7.9CVSS7.5AI score0.00074EPSS
cve
cveadded 2021/08/24 7:15 p.m.182 views

CVE-2021-30952

An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00421EPSS
cve
cveadded 2025/02/10 7:15 p.m.182 views

CVE-2024-54658

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, Safari 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, macOS Sonoma 14.4. Processing web content may lead to a denial-of-service.

6.5CVSS6.4AI score0.00152EPSS
cve
cveadded 2019/03/05 4:29 p.m.181 views

CVE-2019-6229

A logic issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to universal cross site scripting.

6.1CVSS6AI score0.00713EPSS
cve
cveadded 2019/12/18 6:15 p.m.181 views

CVE-2019-7285

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

9.3CVSS8.6AI score0.0128EPSS
cve
cveadded 2020/04/14 11:15 p.m.181 views

CVE-2020-11759

An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer.

5.5CVSS6.1AI score0.00718EPSS
cve
cveadded 2021/09/08 3:15 p.m.181 views

CVE-2021-1826

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting.

6.1CVSS6.1AI score0.00695EPSS
cve
cveadded 2021/10/28 7:15 p.m.181 views

CVE-2021-30823

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS.

6.5CVSS6AI score0.00502EPSS
cve
cveadded 2021/08/24 2:15 p.m.181 views

CVE-2021-36690

A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed...

7.5CVSS7.6AI score0.00977EPSS
cve
cveadded 2022/05/26 8:15 p.m.181 views

CVE-2022-26765

A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

4.7CVSS5.4AI score0.00059EPSS
cve
cveadded 2016/02/07 1:59 a.m.180 views

CVE-2016-0801

The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029.

9.8CVSS7.6AI score0.46032EPSS
Web
cve
cveadded 2022/03/13 6:15 p.m.180 views

CVE-2022-26981

Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c).

7.8CVSS7.8AI score0.00344EPSS
cve
cveadded 2021/08/24 7:15 p.m.179 views

CVE-2021-30984

A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

7.5CVSS7.9AI score0.00879EPSS
cve
cveadded 2022/09/23 7:15 p.m.179 views

CVE-2022-22624

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00276EPSS
cve
cveadded 2022/09/23 7:15 p.m.179 views

CVE-2022-22628

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00127EPSS
cve
cveadded 2023/02/27 8:15 p.m.179 views

CVE-2023-23496

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, watchOS 9.3, iOS 15.7.2 and iPadOS 15.7.2, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.2AI score0.00198EPSS
cve
cveadded 2021/08/24 7:15 p.m.178 views

CVE-2021-30953

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.4AI score0.00617EPSS
cve
cveadded 2021/08/24 7:15 p.m.177 views

CVE-2021-30954

A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

9.3CVSS8AI score0.00366EPSS
cve
cveadded 2019/12/18 6:15 p.m.176 views

CVE-2019-7292

A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may result in the disclosure of process memory.

6.5CVSS6.4AI score0.00627EPSS
cve
cveadded 2021/10/19 2:15 p.m.176 views

CVE-2021-30848

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.

7.8CVSS8AI score0.00898EPSS
cve
cveadded 2018/06/08 6:29 p.m.175 views

CVE-2018-4233

An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" co...

8.8CVSS8.8AI score0.89144EPSS
cve
cveadded 2021/08/24 7:15 p.m.175 views

CVE-2021-30884

The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history.

4.7CVSS5.5AI score0.0028EPSS
cve
cveadded 2019/03/05 4:29 p.m.174 views

CVE-2019-6215

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.1AI score0.4241EPSS
cve
cveadded 2022/03/18 6:15 p.m.174 views

CVE-2022-22590

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00308EPSS
cve
cveadded 2022/11/01 8:15 p.m.174 views

CVE-2022-26709

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00162EPSS
cve
cveadded 2019/04/03 6:29 p.m.173 views

CVE-2018-4386

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

8.8CVSS8.2AI score0.37686EPSS
cve
cveadded 2022/09/20 9:15 p.m.173 views

CVE-2022-32886

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.7AI score0.00358EPSS
cve
cveadded 2016/07/22 2:59 a.m.172 views

CVE-2016-4622

WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4623, and CVE-2016-4624.

8.8CVSS8.3AI score0.71482EPSS
cve
cveadded 2019/03/05 4:29 p.m.172 views

CVE-2019-6227

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.3AI score0.00651EPSS
cve
cveadded 2021/08/24 7:15 p.m.172 views

CVE-2021-30951

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.01133EPSS
cve
cveadded 2019/04/03 6:29 p.m.170 views

CVE-2018-4270

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

6.5CVSS7.1AI score0.00394EPSS
cve
cveadded 2019/04/03 6:29 p.m.170 views

CVE-2018-4407

A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

8.8CVSS7.4AI score0.90882EPSS
Web
cve
cveadded 2019/03/05 4:29 p.m.170 views

CVE-2019-6212

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00544EPSS
cve
cveadded 2023/08/14 11:15 p.m.170 views

CVE-2023-28198

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution.

8.8CVSS8.4AI score0.00055EPSS
cve
cveadded 2017/05/22 5:29 a.m.169 views

CVE-2017-2520

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of ...

9.8CVSS8.8AI score0.0245EPSS
cve
cveadded 2019/03/05 4:29 p.m.169 views

CVE-2019-6216

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00641EPSS
cve
cveadded 2019/12/18 6:15 p.m.169 views

CVE-2019-8503

A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute scripts in the context of another website.

9.3CVSS7.7AI score0.00862EPSS
cve
cveadded 2019/12/18 6:15 p.m.169 views

CVE-2019-8515

A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information.

6.5CVSS6.4AI score0.0048EPSS
cve
cveadded 2019/04/03 6:29 p.m.168 views

CVE-2018-4261

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

8.8CVSS8.2AI score0.00284EPSS
cve
cveadded 2022/03/18 6:15 p.m.168 views

CVE-2022-22594

A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information.

6.5CVSS6.4AI score0.00113EPSS
cve
cveadded 2010/06/30 6:30 p.m.167 views

CVE-2010-1205

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

9.8CVSS9.9AI score0.17033EPSS
cve
cveadded 2019/03/05 4:29 p.m.167 views

CVE-2019-6217

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00651EPSS
cve
cveadded 2022/12/15 7:15 p.m.165 views

CVE-2022-42852

The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory.

6.5CVSS6.3AI score0.00414EPSS
cve
cveadded 2017/12/25 9:29 p.m.164 views

CVE-2017-13861

An issue was discovered in certain Apple products. iOS before 11.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "IOSurface" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corr...

9.3CVSS7.5AI score0.68371EPSS
Web
cve
cveadded 2019/04/03 6:29 p.m.164 views

CVE-2018-4372

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

8.8CVSS8.2AI score0.00699EPSS
cve
cveadded 2022/12/15 7:15 p.m.164 views

CVE-2022-46699

A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.00447EPSS
Total number of security vulnerabilities3721