Iphone Os@* Security Vulnerabilities and Issues — Page 22 of Iphone Os@* CVE List

Lucene search

AppleIphone Os*

3624 matches found

CVE•added 2024/12/12 2:15 a.m.•85 views

CVE-2024-54502

The issue was addressed with improved checks. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.

6.5CVSS5.8AI score0.00281EPSS

CVE•added 2025/01/27 10:15 p.m.•85 views

CVE-2024-54542

An authentication issue was addressed with improved state management. This issue is fixed in Safari 18.2, macOS Sequoia 15.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2. Private Browsing tabs may be accessed without authentication.

9.1CVSS5.9AI score0.00319EPSS

CVE•added 2013/09/19 10:27 a.m.•84 views

CVE-2011-2391

The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets.

6.1CVSS4.1AI score0.01129EPSS

CVE•added 2012/08/31 7:55 p.m.•84 views

CVE-2012-2870

libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xs...

4.3CVSS6.6AI score0.00906EPSS

CVE•added 2015/11/22 3:59 a.m.•84 views

CVE-2015-7036

The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument.

7.5CVSS6.6AI score0.03068EPSS

CVE•added 2015/12/15 9:59 p.m.•84 views

CVE-2015-8242

The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.

5.8CVSS6.8AI score0.02566EPSS

CVE•added 2016/07/22 2:59 a.m.•84 views

CVE-2016-4623

WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4622, and CVE-2016-4624.

8.8CVSS8.3AI score0.72851EPSS

CVE•added 2016/07/22 2:59 a.m.•84 views

CVE-2016-4624

8.8CVSS8.3AI score0.72851EPSS

CVE•added 2017/04/02 1:59 a.m.•84 views

CVE-2017-2367

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web sit...

6.5CVSS6.1AI score0.12422EPSS

CVE•added 2017/04/02 1:59 a.m.•84 views

CVE-2017-2469

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applicati...

8.8CVSS8AI score0.02682EPSS

CVE•added 2017/07/20 4:29 p.m.•84 views

CVE-2017-7056

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote at...

8.8CVSS8.1AI score0.08109EPSS

CVE•added 2017/10/23 1:29 a.m.•84 views

CVE-2017-7098

An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execu...

8.8CVSS7.7AI score0.00513EPSS

CVE•added 2018/04/03 6:29 a.m.•84 views

CVE-2018-4118

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers ...

8.8CVSS8.7AI score0.00579EPSS

CVE•added 2018/06/08 6:29 p.m.•84 views

CVE-2018-4225

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local use...

5.5CVSS5.3AI score0.00046EPSS

CVE•added 2019/04/03 6:29 p.m.•84 views

CVE-2018-4326

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14.

7.8CVSS7.3AI score0.00306EPSS

CVE•added 2019/04/03 6:29 p.m.•84 views

CVE-2018-4399

An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

5.5CVSS6.1AI score0.00296EPSS

CVE•added 2019/04/03 6:29 p.m.•84 views

CVE-2018-4420

A memory corruption issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.

9.3CVSS7.2AI score0.00185EPSS

CVE•added 2019/12/18 6:15 p.m.•84 views

CVE-2019-8560

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to read restricted memory.

5.5CVSS5.3AI score0.00269EPSS

CVE•added 2019/12/18 6:15 p.m.•84 views

CVE-2019-8577

An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. An application may be able to gain elevated privileges.

7.8CVSS7.5AI score0.00244EPSS

CVE•added 2020/10/27 8:15 p.m.•84 views

CVE-2019-8592

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, tvOS 12.3, watchOS 5.2.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Securit...

7.8CVSS8.3AI score0.00433EPSS

CVE•added 2020/10/27 8:15 p.m.•84 views

CVE-2019-8706

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may lead to ...

7.8CVSS8.3AI score0.00485EPSS

CVE•added 2021/04/02 6:15 p.m.•84 views

CVE-2020-27951

This issue was addressed with improved checks. This issue is fixed in watchOS 6.3, iOS 12.5, iOS 14.3 and iPadOS 14.3, watchOS 7.2. Unauthorized code execution may lead to an authentication policy violation.

7.8CVSS7.2AI score0.00442EPSS

CVE•added 2021/04/02 6:15 p.m.•84 views

CVE-2020-29608

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14...

5.5CVSS5.5AI score0.00698EPSS

CVE•added 2020/02/27 9:15 p.m.•84 views

CVE-2020-3872

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to read restricted memory.

5.5CVSS5.1AI score0.00325EPSS

CVE•added 2020/04/01 6:15 p.m.•84 views

CVE-2020-3919

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A malicious application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.6AI score0.00266EPSS

CVE•added 2020/06/09 5:15 p.m.•84 views

CVE-2020-9829

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5. Processing a maliciously crafted text message may lead to application denial of service.

6.5CVSS6.1AI score0.00614EPSS

CVE•added 2020/10/22 6:15 p.m.•84 views

CVE-2020-9883

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to ...

7.8CVSS8.3AI score0.01107EPSS

CVE•added 2020/10/16 5:15 p.m.•84 views

CVE-2020-9889

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00447EPSS

CVE•added 2021/04/02 6:15 p.m.•84 views

CVE-2021-1741

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execu...

7.8CVSS8AI score0.00462EPSS

CVE•added 2021/04/02 6:15 p.m.•84 views

CVE-2021-1743

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execu...

7.8CVSS7.6AI score0.00462EPSS

CVE•added 2021/04/02 6:15 p.m.•84 views

CVE-2021-1745

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted USD file may lead to unexpected application termination or ar...

9.3CVSS7.7AI score0.00238EPSS

CVE•added 2021/04/02 6:15 p.m.•84 views

CVE-2021-1750

Multiple issues were addressed with improved logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.7AI score0.0019EPSS

CVE•added 2021/04/02 6:15 p.m.•84 views

CVE-2021-1760

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious application could execute arbitrary code leading to co...

5.5CVSS7.1AI score0.00322EPSS

CVE•added 2021/04/02 6:15 p.m.•84 views

CVE-2021-1767

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to heap corruption.

9.3CVSS6.9AI score0.00115EPSS

CVE•added 2021/09/08 3:15 p.m.•84 views

CVE-2021-30660

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A malicious application may be able to disclose kernel memory.

7.8CVSS6.8AI score0.00602EPSS

CVE•added 2021/09/08 3:15 p.m.•84 views

CVE-2021-30708

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may lead to unexpected application termination or ar...

7.8CVSS8AI score0.00376EPSS

CVE•added 2021/09/08 2:15 p.m.•84 views

CVE-2021-30760

An integer overflow was addressed through improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.

7.8CVSS8.2AI score0.00428EPSS

CVE•added 2022/03/18 6:15 p.m.•84 views

CVE-2022-22622

This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions.

4.6CVSS3.7AI score0.00078EPSS

CVE•added 2022/05/26 7:15 p.m.•84 views

CVE-2022-26703

An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. A person with physical access to an iOS device may be able to access photos from the lock screen.

2.4CVSS3.1AI score0.0007EPSS

CVE•added 2022/08/24 8:15 p.m.•84 views

CVE-2022-32813

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. An app with root privileges may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.9AI score0.00082EPSS

CVE•added 2022/11/01 8:15 p.m.•84 views

CVE-2022-32892

An access issue was addressed with improvements to the sandbox. This issue is fixed in Safari 16, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13. A sandboxed process may be able to circumvent sandbox restrictions.

8.6CVSS7.5AI score0.00108EPSS

CVE•added 2022/11/01 8:15 p.m.•84 views

CVE-2022-32926

The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16. An app with root privileges may be able to execute arbitrary code with kernel privileges.

6.7CVSS7.2AI score0.00035EPSS

CVE•added 2023/02/27 8:15 p.m.•84 views

CVE-2023-23502

An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, tvOS 16.3, watchOS 9.3. An app may be able to determine kernel memory layout.

5.5CVSS4.3AI score0.00054EPSS

CVE•added 2023/06/23 6:15 p.m.•84 views

CVE-2023-32398

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to execute arbitrary code with kernel priv...

7.8CVSS7.9AI score0.00049EPSS

CVE•added 2023/09/27 3:18 p.m.•84 views

CVE-2023-39434

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.

8.8CVSS8.7AI score0.00498EPSS

CVE•added 2017/04/02 1:59 a.m.•83 views

CVE-2017-2481

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applicati...

8.8CVSS8AI score0.01255EPSS

CVE•added 2017/07/20 4:29 p.m.•83 views

CVE-2017-7039

8.8CVSS8.1AI score0.03473EPSS

CVE•added 2017/07/20 4:29 p.m.•83 views

CVE-2017-7048

8.8CVSS8.1AI score0.0481EPSS

CVE•added 2017/10/23 1:29 a.m.•83 views

CVE-2017-7092

8.8CVSS7.7AI score0.29833EPSS

CVE•added 2017/10/23 1:29 a.m.•83 views

CVE-2017-7104