Iphone Os@* Security Vulnerabilities and Issues — Page 14 of Iphone Os@* CVE List

Lucene search

AppleIphone Os*

3650 matches found

CVE•added 2016/05/20 10:59 a.m.•111 views

CVE-2016-1838

The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.

5.5CVSS6.3AI score0.1065EPSS

CVE•added 2017/02/20 8:59 a.m.•111 views

CVE-2017-2350

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted w...

6.5CVSS5.6AI score0.00522EPSS

CVE•added 2017/02/20 8:59 a.m.•111 views

CVE-2017-2369

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and app...

8.8CVSS7.8AI score0.04575EPSS

CVE•added 2017/12/27 5:8 p.m.•111 views

CVE-2017-7156

An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attacker...

8.8CVSS7.7AI score0.01523EPSS

CVE•added 2018/06/08 6:29 p.m.•111 views

CVE-2018-4240

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service via a crafted messag...

6.5CVSS5.6AI score0.23346EPSS

CVE•added 2019/04/03 6:29 p.m.•111 views

CVE-2018-4280

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2.

7.8CVSS5.9AI score0.19414EPSS

CVE•added 2020/06/09 5:15 p.m.•111 views

CVE-2020-9844

A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.

7.8CVSS6.7AI score0.00528EPSS

CVE•added 2022/03/18 6:15 p.m.•111 views

CVE-2022-22667

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.4 and iPadOS 15.4. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.6AI score0.00386EPSS

CVE•added 2022/09/23 7:15 p.m.•111 views

CVE-2022-32829

This issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.9AI score0.00055EPSS

CVE•added 2022/09/23 7:15 p.m.•111 views

CVE-2022-32847

This issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. A remote user may be able to cause unexpected system termination or corrupt kernel memory.

9.1CVSS7.7AI score0.00386EPSS

CVE•added 2023/02/27 8:15 p.m.•111 views

CVE-2023-23519

A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Processing an image may lead to a denial-of-service.

7.5CVSS6.7AI score0.00126EPSS

CVE•added 2024/03/08 2:15 a.m.•111 views

CVE-2024-23286

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. Processing an image may lead to arbitrary code e...

9.8CVSS7.4AI score0.01235EPSS

CVE•added 2024/12/12 2:15 a.m.•111 views

CVE-2024-54505

A type confusion issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption.

8.8CVSS5.9AI score0.0038EPSS

CVE•added 2016/05/20 10:59 a.m.•110 views

CVE-2016-1835

Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document.

8.8CVSS7.2AI score0.0217EPSS

CVE•added 2018/06/08 6:29 p.m.•110 views

CVE-2018-4206

An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Crash Reporter" component. It allows attackers to execute arbitrary co...

7.8CVSS7.5AI score0.11202EPSS

CVE•added 2018/06/08 6:29 p.m.•110 views

CVE-2018-4237

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "libxpc" component. It allows attackers to gain privileges via a crafted app that leverages a logi...

7.8CVSS5.8AI score0.70337EPSS

CVE•added 2019/12/18 6:15 p.m.•110 views

CVE-2019-8663

This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6. A remote attacker may be able to leak memory.

5.3CVSS5.6AI score0.06309EPSS

CVE•added 2020/10/27 8:15 p.m.•110 views

CVE-2019-8718

A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS8.2AI score0.00271EPSS

CVE•added 2021/04/02 7:15 p.m.•110 views

CVE-2021-1753

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.6AI score0.00362EPSS

CVE•added 2022/05/26 7:15 p.m.•110 views

CVE-2022-26737

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.9AI score0.00292EPSS

CVE•added 2023/06/23 6:15 p.m.•110 views

CVE-2022-46718

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, macOS Monterey 12.6.2. An app may be able to read sensitive location information

5.5CVSS4.1AI score0.00028EPSS

CVE•added 2023/02/27 8:15 p.m.•110 views

CVE-2023-23512

The issue was addressed with improved handling of caches. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Visiting a website may lead to an app denial-of-service.

6.5CVSS5.3AI score0.00133EPSS

CVE•added 2010/06/30 6:30 p.m.•109 views

CVE-2010-2249

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.

6.5CVSS7.4AI score0.01567EPSS

CVE•added 2018/06/08 6:29 p.m.•109 views

CVE-2018-4232

An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attacker...

4.3CVSS5.2AI score0.0184EPSS

CVE•added 2021/04/02 7:15 p.m.•109 views

CVE-2021-1818

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause unexpected application termination or a...

9.8CVSS8.2AI score0.01746EPSS

CVE•added 2022/03/18 6:15 p.m.•109 views

CVE-2022-22613

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privilege...

9.3CVSS7.9AI score0.00219EPSS

CVE•added 2022/03/18 6:15 p.m.•109 views

CVE-2022-22636

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.7AI score0.00213EPSS

CVE•added 2022/05/26 8:15 p.m.•109 views

CVE-2022-26768

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS8.2AI score0.00399EPSS

CVE•added 2025/03/10 7:15 p.m.•109 views

CVE-2024-54467

A cookie management issue was addressed with improved state management. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.

6.5CVSS5.6AI score0.00082EPSS

CVE•added 2016/05/20 10:59 a.m.•108 views

CVE-2016-1836

Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document.

5.5CVSS6.5AI score0.01153EPSS

CVE•added 2017/02/20 8:59 a.m.•108 views

CVE-2016-7612

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory c...

9.3CVSS6.8AI score0.01352EPSS

CVE•added 2017/02/20 8:59 a.m.•108 views

CVE-2017-2366

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of...

8.8CVSS8.1AI score0.00728EPSS

CVE•added 2017/02/20 8:59 a.m.•108 views

CVE-2017-2370

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or c...

9.3CVSS6.8AI score0.72581EPSS

CVE•added 2017/02/20 8:59 a.m.•108 views

CVE-2017-2373

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and app...

8.8CVSS7.5AI score0.06651EPSS

CVE•added 2018/04/03 6:29 a.m.•108 views

CVE-2018-4127

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers ...

8.8CVSS8.7AI score0.00579EPSS

CVE•added 2018/06/08 6:29 p.m.•108 views

CVE-2018-4199

8.8CVSS8.7AI score0.03264EPSS

CVE•added 2018/06/08 6:29 p.m.•108 views

CVE-2018-4227

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Mail" component. It allows remote attackers to read the cleartext content of S/MIME encrypted messages via direct exfiltration.

7.5CVSS6AI score0.00584EPSS

CVE•added 2018/06/08 6:29 p.m.•108 views

CVE-2018-4241

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in mptcp_usr_connectx allows attackers to execute arbitrary ...

9.3CVSS7AI score0.32986EPSS

CVE•added 2019/12/18 6:15 p.m.•108 views

CVE-2019-8591

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to cause unexpected system termination or write kernel memory.

8.8CVSS6.1AI score0.07151EPSS

CVE•added 2019/12/18 6:15 p.m.•108 views

CVE-2019-8647

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.4, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause arbitrary code execution.

9.8CVSS8.8AI score0.06221EPSS

CVE•added 2020/02/27 9:15 p.m.•108 views

CVE-2020-3870

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.6AI score0.00613EPSS

CVE•added 2020/06/09 5:15 p.m.•108 views

CVE-2020-9794

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A malicious application may cause a denial of service...

8.1CVSS7AI score0.00959EPSS

CVE•added 2021/08/24 7:15 p.m.•108 views

CVE-2021-30919

An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Processing a maliciously crafted PDF may lead t...

7.8CVSS7.5AI score0.00601EPSS

CVE•added 2022/03/18 6:15 p.m.•108 views

CVE-2022-22612

A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to heap corruption.

7.8CVSS7.1AI score0.00352EPSS

CVE•added 2022/05/26 8:15 p.m.•108 views

CVE-2022-26757

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.9AI score0.04042EPSS

CVE•added 2022/09/23 7:15 p.m.•108 views

CVE-2022-32787

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. Processing maliciously crafted web content may lead to arbitrary code exec...

8.8CVSS8.7AI score0.0013EPSS

CVE•added 2024/03/08 2:15 a.m.•108 views

CVE-2024-23265

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to cause unexpected system ...

9.8CVSS6.8AI score0.00151EPSS

CVE•added 2017/02/20 8:59 a.m.•107 views

CVE-2017-2355

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arb...

8.8CVSS7.9AI score0.00824EPSS

CVE•added 2021/04/02 7:15 p.m.•107 views

CVE-2021-1761

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause a denial of service.

7.5CVSS6.5AI score0.01093EPSS

CVE•added 2021/09/08 3:15 p.m.•107 views

CVE-2021-30698

A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Safari 14.1.1, iOS 14.6 and iPadOS 14.6. A remote attacker may be able to cause a denial of service.

7.5CVSS6.9AI score0.00469EPSS

Total number of security vulnerabilities3650