Iphone Os@* Security Vulnerabilities and Issues — Page 34 of Iphone Os@* CVE List

Lucene search

AppleIphone Os*

3649 matches found

CVE•added 2021/09/08 2:15 p.m.•70 views

CVE-2021-30773

An issue in code signature validation was addressed with improved checks. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. A malicious application may be able to bypass code signing checks.

5.5CVSS5.8AI score0.00082EPSS

CVE•added 2021/08/24 7:15 p.m.•70 views

CVE-2021-30914

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.1 and iPadOS 15.1. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.5AI score0.00265EPSS

CVE•added 2021/08/24 7:15 p.m.•70 views

CVE-2021-30929

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may disclose memory contents.

5.5CVSS5.6AI score0.00077EPSS

CVE•added 2021/08/24 7:15 p.m.•70 views

CVE-2021-30964

An inherited permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2. A malicious application may be able to bypass Privacy preferences.

5.5CVSS5.5AI score0.00178EPSS

CVE•added 2021/08/24 7:15 p.m.•70 views

CVE-2021-30968

A validation issue related to hard link behavior was addressed with improved sandbox restrictions. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to bypass cer...

5.5CVSS5.5AI score0.0023EPSS

CVE•added 2021/08/24 7:15 p.m.•70 views

CVE-2021-30996

A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges.

7.6CVSS7.1AI score0.00416EPSS

CVE•added 2022/11/01 8:15 p.m.•70 views

CVE-2022-42813

A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. Processing a maliciously crafted certificate may lead to arbitrary code execution.

9.8CVSS8.5AI score0.00247EPSS

CVE•added 2023/04/10 7:15 p.m.•70 views

CVE-2022-46709

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, iOS 16. An app may be able to execute arbitrary code with kernel privileges

9.8CVSS8.5AI score0.00215EPSS

CVE•added 2023/05/08 8:15 p.m.•70 views

CVE-2023-23523

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup.

3.3CVSS3AI score0.00057EPSS

CVE•added 2023/05/08 8:15 p.m.•70 views

CVE-2023-27943

This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. Files downloaded from the internet may not have the quarantine flag applied.

5.5CVSS4.3AI score0.0004EPSS

CVE•added 2023/06/23 6:15 p.m.•70 views

CVE-2023-32389

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to disclose kernel memory.

5.5CVSS4.8AI score0.00041EPSS

CVE•added 2024/03/08 2:15 a.m.•70 views

CVE-2024-23220

The issue was addressed with improved handling of caches. This issue is fixed in visionOS 1.1, iOS 17.4 and iPadOS 17.4. An app may be able to fingerprint the user.

5.5CVSS6.3AI score0.00062EPSS

CVE•added 2024/03/08 2:15 a.m.•70 views

CVE-2024-23297

The issue was addressed with improved checks. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4. A malicious application may be able to access private information.

5.5CVSS5.3AI score0.00138EPSS

CVE•added 2024/07/29 11:15 p.m.•70 views

CVE-2024-40786

This issue was addressed through improved state management. This issue is fixed in iOS 17.6 and iPadOS 17.6, iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8. An attacker may be able to view sensitive user information.

7.5CVSS5.7AI score0.00295EPSS

CVE•added 2024/10/04 12:15 a.m.•70 views

CVE-2024-44204

A logic issue was addressed with improved validation. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. A user's saved passwords may be read aloud by VoiceOver.

5.5CVSS5.8AI score0.00079EPSS

CVE•added 2024/10/28 9:15 p.m.•70 views

CVE-2024-44274

The issue was addressed with improved authentication. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, iOS 18.1 and iPadOS 18.1. An attacker with physical access to a locked device may be able to view sensitive user information.

4.6CVSS4.7AI score0.00064EPSS

CVE•added 2025/01/27 10:15 p.m.•70 views

CVE-2024-54550

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An app may be able to view autocompleted contact information from Messages and Mail in system logs.

4CVSS5.3AI score0.00016EPSS

CVE•added 2011/08/29 3:55 p.m.•69 views

CVE-2011-2823

Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a line box.

7.5CVSS7AI score0.0229EPSS

CVE•added 2012/03/05 7:55 p.m.•69 views

CVE-2011-3038

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling.

6.8CVSS6.9AI score0.01173EPSS

CVE•added 2012/03/22 4:55 p.m.•69 views

CVE-2011-3056

Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."

6.8CVSS6AI score0.00892EPSS

CVE•added 2012/01/07 11:55 a.m.•69 views

CVE-2011-3919

Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

7.5CVSS8.5AI score0.0248EPSS

CVE•added 2012/03/08 10:55 p.m.•69 views

CVE-2012-0588

Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0589.

4.3CVSS5.2AI score0.00588EPSS

CVE•added 2014/03/14 10:55 a.m.•69 views

CVE-2014-1289

WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293...

6.8CVSS7.7AI score0.01795EPSS

CVE•added 2014/09/18 10:55 a.m.•69 views

CVE-2014-4414

WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA...

6.8CVSS7.8AI score0.01114EPSS

CVE•added 2015/04/10 2:59 p.m.•69 views

CVE-2015-1096

IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app.

1.9CVSS4.7AI score0.00074EPSS

CVE•added 2016/05/20 10:59 a.m.•69 views

CVE-2016-1827

The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1828, CVE-2016-1829, ...

9.3CVSS7.5AI score0.09639EPSS

CVE•added 2016/07/22 3:0 a.m.•69 views

CVE-2016-4653

The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1863 and CVE-2016-4582.

7.8CVSS7.6AI score0.00268EPSS

CVE•added 2016/09/25 10:59 a.m.•69 views

CVE-2016-4708

CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses the Set-Cookie header, which allows remote attackers to obtain sensitive information via a crafted HTTP response.

6.5CVSS6.4AI score0.04174EPSS

CVE•added 2017/02/20 8:59 a.m.•69 views

CVE-2016-7587

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of ser...

8.8CVSS8AI score0.0068EPSS

CVE•added 2017/02/20 8:59 a.m.•69 views

CVE-2016-7645

8.8CVSS8.1AI score0.00728EPSS

CVE•added 2017/02/20 8:59 a.m.•69 views

CVE-2016-7656

8.8CVSS8.1AI score0.00728EPSS

CVE•added 2017/04/02 1:59 a.m.•69 views

CVE-2017-2379

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Carbon" component. It allows remote attackers to execute arbitrary code or cause a denial of servic...

7.8CVSS8.5AI score0.00921EPSS

CVE•added 2017/04/02 1:59 a.m.•69 views

CVE-2017-2417

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreGraphics" component. It allows remote attackers to cause a denial of service (infinite recursio...

5.5CVSS5.7AI score0.00554EPSS

CVE•added 2017/04/02 1:59 a.m.•69 views

CVE-2017-2419

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass a Content Security Policy protection mechanism via unspecified vectors.

7.5CVSS5.1AI score0.00602EPSS

CVE•added 2017/04/02 1:59 a.m.•69 views

CVE-2017-2435

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "CoreText" component. It allows remote attackers to execute arbitrary code or cause a denial of serv...

7.8CVSS8.6AI score0.00774EPSS

CVE•added 2017/10/23 1:29 a.m.•69 views

CVE-2017-7108

An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service (memory co...

10CVSS8.9AI score0.10946EPSS

CVE•added 2017/10/23 1:29 a.m.•69 views

CVE-2017-7116

An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to read data from kernel memory locations via crafted Wi-Fi traffic.

7.5CVSS6.9AI score0.00782EPSS

CVE•added 2017/10/23 1:29 a.m.•69 views

CVE-2017-7133

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "MobileBackup" component. It allows remote attackers to obtain sensitive cleartext information in opportunistic circumstances by leveraging read access to a backup archive that was supposed to have ...

7.5CVSS6.6AI score0.00342EPSS

CVE•added 2018/06/08 6:29 p.m.•69 views

CVE-2018-4239

An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Magnifier" component. It allows physically proximate attackers to bypass the lock-screen protection mechanism and see the most recent Magnifier image.

4.6CVSS4.6AI score0.00072EPSS

CVE•added 2019/04/03 6:29 p.m.•69 views

CVE-2018-4321

A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12.

5.3CVSS5.8AI score0.00298EPSS

CVE•added 2019/04/03 6:29 p.m.•69 views

CVE-2018-4400

A validation issue was addressed with improved logic. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, watchOS 5.1.

5.5CVSS5.4AI score0.00196EPSS

CVE•added 2019/03/05 4:29 p.m.•69 views

CVE-2019-6202

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. A malicious application may be able to elevate privileges.

7.8CVSS6.3AI score0.00259EPSS

CVE•added 2019/12/18 6:15 p.m.•69 views

CVE-2019-8504

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A local user may be able to read kernel memory.

5.5CVSS5.2AI score0.00112EPSS

CVE•added 2020/10/27 8:15 p.m.•69 views

CVE-2019-8532

A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in watchOS 5.2, iOS 12.2. A malicious application may be able to access restricted files.

5.5CVSS6.3AI score0.00149EPSS

CVE•added 2020/12/08 9:15 p.m.•69 views

CVE-2020-27910

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted audio file may lead to arbitrary code execution.

9.3CVSS7.3AI score0.00813EPSS

CVE•added 2021/04/02 6:15 p.m.•69 views

CVE-2020-27920

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, watchOS 7.1, tvOS 14.2. Processing maliciously crafted web content may...

8.8CVSS7.6AI score0.00547EPSS

CVE•added 2020/12/08 9:15 p.m.•69 views

CVE-2020-27926

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.2 and iPadOS 14.2. Processing maliciously crafted web content may lead to arbitrary code execution.

9.3CVSS7.7AI score0.00477EPSS

CVE•added 2020/02/27 9:15 p.m.•69 views

CVE-2020-3844

This issue was addressed with improved checks. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Users removed from an iMessage conversation may still be able to alter state.

3.3CVSS4.2AI score0.00153EPSS

CVE•added 2020/12/08 8:15 p.m.•69 views

CVE-2020-9963

The issue was addressed with improved handling of icon caches. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.0 and iPadOS 14.0. A malicious app may be able to determine the existence of files on the computer.

5.5CVSS5.1AI score0.00325EPSS

CVE•added 2020/10/16 5:15 p.m.•69 views

CVE-2020-9968

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.0 and iPadOS 14.0, macOS Catalina 10.15.7, tvOS 14.0, watchOS 7.0. A malicious application may be able to access restricted files.

5.5CVSS5AI score0.00205EPSS

Total number of security vulnerabilities3649