Iphone Os@* Security Vulnerabilities and Issues — Page 10 of Iphone Os@* CVE List

Lucene search

AppleIphone Os*

3624 matches found

CVE•added 2020/04/17 6:15 p.m.•153 views

CVE-2019-6203

A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept network traffic.

9.8CVSS7.5AI score0.07524EPSS

CVE•added 2022/03/18 6:15 p.m.•153 views

CVE-2022-22666

A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, watchOS 8.5. Processing a maliciously crafted image may lead to heap corruption.

7.8CVSS7.7AI score0.00266EPSS

CVE•added 2019/01/11 6:29 p.m.•151 views

CVE-2018-4212

In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.

8.8CVSS7.5AI score0.00846EPSS

CVE•added 2019/04/03 6:29 p.m.•151 views

CVE-2018-4265

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

8.8CVSS8.2AI score0.00284EPSS

CVE•added 2019/04/03 6:29 p.m.•151 views

CVE-2018-4273

Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

6.5CVSS7.4AI score0.00394EPSS

CVE•added 2022/05/26 7:15 p.m.•151 views

CVE-2022-26736

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.9AI score0.00271EPSS

CVE•added 2018/06/08 6:29 p.m.•150 views

CVE-2018-4202

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "iBooks" component. It allows man-in-the-middle attackers to spoof a password prompt.

5.9CVSS5.4AI score0.00561EPSS

CVE•added 2022/12/15 7:15 p.m.•150 views

CVE-2022-42852

The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory.

6.5CVSS6.3AI score0.00712EPSS

CVE•added 2016/07/22 2:59 a.m.•149 views

CVE-2016-4622

WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4623, and CVE-2016-4624.

8.8CVSS8.3AI score0.73233EPSS

CVE•added 2019/01/11 6:29 p.m.•149 views

CVE-2018-4208

8.8CVSS7.5AI score0.00846EPSS

CVE•added 2019/04/03 6:29 p.m.•149 views

CVE-2018-4266

A race condition was addressed with additional validation. This issue affected versions prior toiVersions prior to: OS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

5.9CVSS6.5AI score0.00355EPSS

CVE•added 2019/04/03 6:29 p.m.•149 views

CVE-2018-4318

A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

8.8CVSS7.6AI score0.15917EPSS

CVE•added 2019/04/03 6:29 p.m.•149 views

CVE-2018-4438

A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.

8.8CVSS7.5AI score0.38084EPSS

CVE•added 2022/12/15 7:15 p.m.•149 views

CVE-2022-46699

A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.00579EPSS

CVE•added 2018/04/03 6:29 a.m.•148 views

CVE-2018-4163

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compon...

8.8CVSS8.7AI score0.00567EPSS

CVE•added 2019/04/03 6:29 p.m.•148 views

CVE-2018-4263

8.8CVSS8.2AI score0.00284EPSS

CVE•added 2019/04/03 6:29 p.m.•148 views

CVE-2018-4272

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

8.8CVSS8.2AI score0.00374EPSS

CVE•added 2019/04/03 6:29 p.m.•148 views

CVE-2018-4345

A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

6.1CVSS6.1AI score0.01123EPSS

CVE•added 2019/04/03 6:29 p.m.•148 views

CVE-2018-4382

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

8.8CVSS8.2AI score0.32882EPSS

CVE•added 2019/04/03 6:29 p.m.•148 views

CVE-2018-4443

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.

8.8CVSS7.8AI score0.32882EPSS

CVE•added 2019/12/18 6:15 p.m.•148 views

CVE-2019-6201

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

9.3CVSS8.9AI score0.00882EPSS

CVE•added 2022/11/01 8:15 p.m.•148 views

CVE-2022-26716

A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.7AI score0.00149EPSS

CVE•added 2018/04/03 6:29 a.m.•147 views

CVE-2018-4165

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers ...

8.8CVSS8.7AI score0.00579EPSS

CVE•added 2019/04/03 6:29 p.m.•147 views

CVE-2018-4267

8.8CVSS8.2AI score0.00284EPSS

CVE•added 2019/04/03 6:29 p.m.•147 views

CVE-2018-4416

8.8CVSS8.2AI score0.47614EPSS

CVE•added 2022/03/18 6:15 p.m.•147 views

CVE-2022-22638

A null pointer dereference was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An attacker in a privileged position may be able to perform a denial of service a...

6.5CVSS6.1AI score0.00217EPSS

CVE•added 2022/12/15 7:15 p.m.•147 views

CVE-2022-46700

A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.00579EPSS

CVE•added 2023/07/27 1:15 a.m.•147 views

CVE-2023-32393

The issue was addressed with improved memory handling. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Processing web content may lead to arbitrary code execution.

8.8CVSS8.3AI score0.00237EPSS

CVE•added 2019/04/03 6:29 p.m.•146 views

CVE-2018-4306

A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

8.8CVSS7.6AI score0.15917EPSS

CVE•added 2019/04/03 6:29 p.m.•146 views

CVE-2018-4442

8.8CVSS7.9AI score0.32882EPSS

CVE•added 2019/12/18 6:15 p.m.•146 views

CVE-2019-8641

An out-of-bounds read was addressed with improved input validation.

9.8CVSS8.7AI score0.23741EPSS

CVE•added 2022/03/18 6:15 p.m.•145 views

CVE-2022-22589

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript.

6.1CVSS6.2AI score0.00286EPSS

CVE•added 2025/01/27 10:15 p.m.•145 views

CVE-2025-24150

A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command injection.

8.8CVSS6.1AI score0.00155EPSS

CVE•added 2019/01/11 6:29 p.m.•144 views

CVE-2018-4207

8.8CVSS7.5AI score0.00846EPSS

CVE•added 2019/04/03 6:29 p.m.•144 views

CVE-2018-4358

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

8.8CVSS8.2AI score0.00704EPSS

CVE•added 2019/04/03 6:29 p.m.•144 views

CVE-2018-4392

8.8CVSS8.2AI score0.00695EPSS

CVE•added 2016/05/20 10:59 a.m.•143 views

CVE-2016-1839

The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.

5.5CVSS6.4AI score0.03399EPSS

CVE•added 2019/01/11 6:29 p.m.•143 views

CVE-2018-4262

In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling.

8.8CVSS8.2AI score0.00378EPSS

CVE•added 2019/04/03 6:29 p.m.•143 views

CVE-2018-4314

A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

8.8CVSS7.6AI score0.34513EPSS

CVE•added 2019/04/03 6:29 p.m.•143 views

CVE-2018-4359

8.8CVSS8.2AI score0.0076EPSS

CVE•added 2019/03/05 4:29 p.m.•143 views

CVE-2019-6233

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.3AI score0.00651EPSS

CVE•added 2019/01/11 6:29 p.m.•142 views

CVE-2018-4209

8.8CVSS7.5AI score0.00624EPSS

CVE•added 2019/04/03 6:29 p.m.•142 views

CVE-2018-4323

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

8.8CVSS8.2AI score0.15917EPSS

CVE•added 2019/03/05 4:29 p.m.•142 views

CVE-2019-6234

8.8CVSS8.3AI score0.00651EPSS

CVE•added 2021/08/24 7:15 p.m.•142 views

CVE-2021-30955

A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges.

7.6CVSS7.1AI score0.35658EPSS

CVE•added 2025/01/15 8:15 p.m.•142 views

CVE-2024-44136

This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to a device may be able to disable Stolen Device Protection.

9.1CVSS5.5AI score0.00075EPSS

CVE•added 2019/01/11 6:29 p.m.•141 views

CVE-2018-4210

In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks.

8.8CVSS7.3AI score0.00876EPSS

CVE•added 2019/04/03 6:29 p.m.•141 views

CVE-2018-4441

8.8CVSS6.4AI score0.82388EPSS

CVE•added 2019/03/05 4:29 p.m.•141 views

CVE-2019-6226

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00647EPSS

CVE•added 2022/11/01 8:15 p.m.•141 views

CVE-2022-26719

8.8CVSS8.6AI score0.00137EPSS

Total number of security vulnerabilities3624