Iphone Os@* Security Vulnerabilities and Issues — Page 30 of Iphone Os@* CVE List

Lucene search

AppleIphone Os*

3624 matches found

CVE•added 2015/09/18 12:0 p.m.•74 views

CVE-2015-5896

The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5868 and CVE-2015-5903.

7.2CVSS6AI score0.02023EPSS

CVE•added 2017/02/20 8:59 a.m.•74 views

CVE-2016-7623

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a blob URL on a web site.

6.5CVSS5.9AI score0.00411EPSS

CVE•added 2017/02/20 8:59 a.m.•74 views

CVE-2016-7637

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified ve...

7.8CVSS6AI score0.00175EPSS

CVE•added 2017/11/13 3:29 a.m.•74 views

CVE-2017-13795

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attacker...

8.8CVSS7.7AI score0.14267EPSS

CVE•added 2017/11/13 3:29 a.m.•74 views

CVE-2017-13798

8.8CVSS7.7AI score0.13208EPSS

CVE•added 2017/11/13 3:29 a.m.•74 views

CVE-2017-13849

An issue was discovered in certain Apple products. iOS before 11.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (application crash) via a crafted text file.

5.5CVSS5.2AI score0.02618EPSS

CVE•added 2017/04/02 1:59 a.m.•74 views

CVE-2017-2377

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows attackers to cause a denial of service (memory corruption and application crash) by leveraging a window-close action dur...

7.5CVSS6.5AI score0.00604EPSS

CVE•added 2017/04/02 1:59 a.m.•74 views

CVE-2017-2433

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web si...

8.8CVSS8AI score0.00752EPSS

CVE•added 2017/04/02 1:59 a.m.•74 views

CVE-2017-2456

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to execute arbitrary code in a privileged cont...

7.6CVSS7.3AI score0.06162EPSS

CVE•added 2017/04/02 1:59 a.m.•74 views

CVE-2017-2466

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applicati...

8.8CVSS8AI score0.03715EPSS

CVE•added 2017/05/22 5:29 a.m.•74 views

CVE-2017-2538

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted we...

8.8CVSS8AI score0.00706EPSS

CVE•added 2017/07/20 4:29 p.m.•74 views

CVE-2017-7052

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote at...

8.8CVSS8.1AI score0.00927EPSS

CVE•added 2017/07/20 4:29 p.m.•74 views

CVE-2017-7059

A DOMParser XSS issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.

6.1CVSS5.8AI score0.00489EPSS

CVE•added 2018/04/03 6:29 a.m.•74 views

CVE-2017-7065

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. The issue involves the "Wi-Fi" component. It allows remote attackers to execute arbitrary code (on the Wi-Fi chip) or cause a denial of service (memory...

8.8CVSS8.3AI score0.00992EPSS

CVE•added 2019/04/03 6:29 p.m.•74 views

CVE-2018-4145

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.3, tvOS 11.3, watchOS 4.3, Safari 11.1, iTunes 12.7.4 for Windows, iCloud for Windows 7.4.

8.8CVSS8.1AI score0.00699EPSS

CVE•added 2018/04/03 6:29 a.m.•74 views

CVE-2018-4155

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "CoreFoundation" component. A race condition allows attackers to execute arbitrary code in a privile...

7.6CVSS7.3AI score0.00152EPSS

CVE•added 2018/06/08 6:29 p.m.•74 views

CVE-2018-4221

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Security" component. It allows web sites to track users by leveraging the transmission of S/MIME client certificates.

7.5CVSS6.1AI score0.00505EPSS

CVE•added 2019/01/11 6:29 p.m.•74 views

CVE-2018-4277

In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.

7.5CVSS5.7AI score0.00562EPSS

CVE•added 2021/12/23 8:15 p.m.•74 views

CVE-2018-4302

A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.

7.8CVSS8.2AI score0.00424EPSS

CVE•added 2019/04/03 6:29 p.m.•74 views

CVE-2018-4384

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, watchOS 5.1.

7.8CVSS7.3AI score0.0405EPSS

CVE•added 2019/04/03 6:29 p.m.•74 views

CVE-2018-4413

A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.

7.1CVSS5.8AI score0.00371EPSS

CVE•added 2019/03/05 4:29 p.m.•74 views

CVE-2019-6231

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to read restricted memory.

5.5CVSS5AI score0.00359EPSS

CVE•added 2019/12/18 6:15 p.m.•74 views

CVE-2019-8502

An API issue existed in the handling of dictation requests. This issue was addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to initiate a Dictation request without user authorization.

4.3CVSS4.3AI score0.00319EPSS

CVE•added 2019/12/18 6:15 p.m.•74 views

CVE-2019-8598

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to read restricted memory.

5.5CVSS5.6AI score0.0023EPSS

CVE•added 2020/10/27 8:15 p.m.•74 views

CVE-2019-8633

A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, tvOS 12.3, watchOS 5.3. An application may be able to read restricted memory.

7.5CVSS6.2AI score0.00378EPSS

CVE•added 2020/10/27 8:15 p.m.•74 views

CVE-2019-8838

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code w...

9.3CVSS7.5AI score0.00484EPSS

CVE•added 2020/12/08 9:15 p.m.•74 views

CVE-2020-27916

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted audio file may lead to arbitrary code execution.

9.3CVSS7.5AI score0.00622EPSS

CVE•added 2020/06/09 4:15 p.m.•74 views

CVE-2020-9792

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A USB device may be able to cause a denial of service.

4.6CVSS4.6AI score0.00046EPSS

CVE•added 2020/10/16 5:15 p.m.•74 views

CVE-2020-9891

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution.

7.8CVSS8AI score0.00462EPSS

CVE•added 2020/10/27 9:15 p.m.•74 views

CVE-2020-9973

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted USD file may lead to unexpected application termination...

9.3CVSS7.3AI score0.00248EPSS

CVE•added 2020/12/08 8:15 p.m.•74 views

CVE-2020-9989

The issue was addressed with improved deletion. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0. A local user may be able to discover a user’s deleted messages.

5.5CVSS5.2AI score0.00148EPSS

CVE•added 2021/04/02 6:15 p.m.•74 views

CVE-2021-1781

A privacy issue existed in the handling of Contact cards. This was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A malicious application may be able to leak sensitive...

5.5CVSS5.4AI score0.00178EPSS

CVE•added 2021/09/08 2:15 p.m.•74 views

CVE-2021-30743

An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS8.1AI score0.00424EPSS

CVE•added 2021/10/19 2:15 p.m.•74 views

CVE-2021-30825

This issue was addressed with improved checks. This issue is fixed in iOS 15 and iPadOS 15. A local attacker may be able to cause unexpected application termination or arbitrary code execution.

7.8CVSS7.3AI score0.00073EPSS

CVE•added 2021/10/19 2:15 p.m.•74 views

CVE-2021-30837

A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8, tvOS 15. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.6AI score0.00383EPSS

CVE•added 2021/08/24 7:15 p.m.•74 views

CVE-2021-30871

This issue was addressed with a new entitlement. This issue is fixed in iOS 14.7, watchOS 7.6, macOS Big Sur 11.5. A local attacker may be able to access analytics data.

5.5CVSS5.6AI score0.00143EPSS

CVE•added 2022/12/15 7:15 p.m.•74 views

CVE-2022-32948

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.7AI score0.00058EPSS

CVE•added 2022/12/15 7:15 p.m.•74 views

CVE-2022-42861

This issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2. An app may be able to break out of its sandbox.

8.8CVSS7.5AI score0.00033EPSS

CVE•added 2023/05/08 8:15 p.m.•74 views

CVE-2023-23528

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 16.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory.

6.5CVSS5.4AI score0.00055EPSS

CVE•added 2023/05/08 8:15 p.m.•74 views

CVE-2023-27955

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, tvOS 16.4, macOS Big Sur 11.7.5. An app may be able to read arbitrary files.

5.5CVSS4.4AI score0.0006EPSS

CVE•added 2023/05/08 8:15 p.m.•74 views

CVE-2023-28194

The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to unexpectedly create a bookmark on the Home Screen.

3.3CVSS2.9AI score0.00037EPSS

CVE•added 2023/06/23 6:15 p.m.•74 views

CVE-2023-32399

The issue was addressed with improved handling of caches. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to read sensitive location information.

5.5CVSS4.9AI score0.00039EPSS

CVE•added 2024/03/08 2:15 a.m.•74 views

CVE-2024-23205

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4. An app may be able to access sensitive user data.

5.5CVSS6.1AI score0.00031EPSS

CVE•added 2024/03/08 2:15 a.m.•74 views

CVE-2024-23231

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6. An app may be able to access user-sensitive data.

5.5CVSS6.2AI score0.00019EPSS

CVE•added 2024/06/10 9:15 p.m.•74 views

CVE-2024-27808

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution.

8.8CVSS7.1AI score0.00186EPSS

CVE•added 2024/07/29 11:15 p.m.•74 views

CVE-2024-40836

A logic issue was addressed with improved checks. This issue is fixed in watchOS 10.6, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, iOS 16.7.9 and iPadOS 16.7.9. A shortcut may be able to use sensitive data with certain actions without prompting the user.

7.5CVSS5.5AI score0.00177EPSS

CVE•added 2015/03/18 10:59 p.m.•73 views

CVE-2015-1069

WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03...

6.8CVSS8.8AI score0.00872EPSS

CVE•added 2017/02/20 8:59 a.m.•73 views

CVE-2016-7621

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows local users to execute arbitrary code in a privileged context or cause a denial of service (use-af...

7.8CVSS7.1AI score0.00158EPSS

CVE•added 2017/04/02 1:59 a.m.•73 views

CVE-2017-2465

8.8CVSS8AI score0.00986EPSS

CVE•added 2017/04/02 1:59 a.m.•73 views

CVE-2017-2468

8.8CVSS8AI score0.04752EPSS

Total number of security vulnerabilities3624