Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
AppleIphone Os*

3624 matches found

CVE
CVEadded 2015/09/18 10:59 a.m.60 views

CVE-2015-5801

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-S...

6.8CVSS8.8AI score0.01009EPSS
CVE
CVEadded 2015/09/18 10:59 a.m.60 views

CVE-2015-5804

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-S...

6.8CVSS8.8AI score0.01093EPSS
CVE
CVEadded 2015/09/18 10:59 a.m.60 views

CVE-2015-5813

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-S...

6.8CVSS8.8AI score0.01093EPSS
CVE
CVEadded 2015/09/18 10:59 a.m.60 views

CVE-2015-5844

IOKit in the kernel in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5845 and CVE-2015-5846.

9.3CVSS7AI score0.01466EPSS
CVE
CVEadded 2015/09/18 12:0 p.m.60 views

CVE-2015-5868

The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5896 and CVE-2015-5903.

7.2CVSS6AI score0.02023EPSS
CVE
CVEadded 2015/10/23 9:59 p.m.60 views

CVE-2015-7010

FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6...

6.8CVSS7.4AI score0.03768EPSS
CVE
CVEadded 2015/12/11 11:59 a.m.60 views

CVE-2015-7096

WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7097, CVE-2...

6.8CVSS7.6AI score0.01093EPSS
CVE
CVEadded 2016/03/24 1:59 a.m.60 views

CVE-2016-1740

FontParser in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document.

9.3CVSS7.4AI score0.0135EPSS
CVE
CVEadded 2016/09/25 10:59 a.m.60 views

CVE-2016-4737

WebKit in Apple iOS before 10, Safari before 10, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

9.3CVSS9.1AI score0.01841EPSS
CVE
CVEadded 2017/02/20 8:59 a.m.60 views

CVE-2016-7598

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information from process memor...

6.5CVSS5.9AI score0.00569EPSS
CVE
CVEadded 2017/02/20 8:59 a.m.60 views

CVE-2016-7657

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "IOKit" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app.

4.3CVSS3.4AI score0.00201EPSS
CVE
CVEadded 2017/02/20 8:59 a.m.60 views

CVE-2016-7660

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "syslog" component. It allows local users to gain privileges via unspecified vectors related to Mach port name references.

7.8CVSS5.9AI score0.00183EPSS
CVE
CVEadded 2018/04/03 6:29 a.m.60 views

CVE-2017-13877

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Sandbox Profiles" component. It allows attackers to determine whether arbitrary files exist via a crafted app.

4.3CVSS4.8AI score0.0019EPSS
CVE
CVEadded 2017/02/20 8:59 a.m.60 views

CVE-2017-2352

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Unlock with iPhone" component, which allows attackers to bypass the wrist-presence protection mechanism and unlock a Watch device via unspecified vectors.

4.6CVSS4.3AI score0.00073EPSS
CVE
CVEadded 2017/04/02 1:59 a.m.60 views

CVE-2017-2398

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS8AI score0.00173EPSS
CVE
CVEadded 2018/04/03 6:29 a.m.60 views

CVE-2017-7002

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted we...

8.8CVSS8.5AI score0.0093EPSS
CVE
CVEadded 2018/04/03 6:29 a.m.60 views

CVE-2017-7005

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "JavaScriptCore" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption...

8.8CVSS8.6AI score0.04285EPSS
CVE
CVEadded 2017/10/23 1:29 a.m.60 views

CVE-2017-7129

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the third-party "SQLite" product. Versions before 3.19.3 allow remote attackers to cause a denial of service (ap...

9.8CVSS8.6AI score0.01729EPSS
CVE
CVEadded 2018/04/03 6:29 a.m.60 views

CVE-2017-7164

An issue was discovered in certain Apple products. iOS before 11.2 is affected. tvOS before 11.2 is affected. The issue involves the "App Store" component. It allows man-in-the-middle attackers to spoof password prompts.

5.9CVSS5.1AI score0.00179EPSS
CVE
CVEadded 2018/06/08 6:29 p.m.60 views

CVE-2018-4250

An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service via a crafted message.

6.5CVSS5.6AI score0.00406EPSS
CVE
CVEadded 2019/01/11 6:29 p.m.60 views

CVE-2018-4330

In iOS before 11.4, a memory corruption issue exists and was addressed with improved memory handling.

9.3CVSS7.3AI score0.16005EPSS
CVE
CVEadded 2019/04/03 6:29 p.m.60 views

CVE-2018-4333

A validation issue was addressed with improved input sanitization. This issue affected versions prior to iOS 12, macOS Mojave 10.14.

5.5CVSS6AI score0.00197EPSS
CVE
CVEadded 2019/04/03 6:29 p.m.60 views

CVE-2018-4366

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.

7.5CVSS7.5AI score0.0969EPSS
CVE
CVEadded 2019/12/18 6:15 p.m.60 views

CVE-2019-8505

A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting.

6.1CVSS5.9AI score0.00323EPSS
CVE
CVEadded 2020/10/27 8:15 p.m.60 views

CVE-2019-8547

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update ...

9.8CVSS7AI score0.01002EPSS
CVE
CVEadded 2019/12/18 6:15 p.m.60 views

CVE-2019-8593

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges.

9.3CVSS8.3AI score0.00384EPSS
CVE
CVEadded 2019/12/18 6:15 p.m.60 views

CVE-2019-8704

An authentication issue was addressed with improved state management. This issue is fixed in tvOS 13. A local user may be able to leak sensitive user information.

5.5CVSS6AI score0.00047EPSS
CVE
CVEadded 2020/04/01 6:15 p.m.60 views

CVE-2020-9768

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to execute arbitrary code with system privileges.

9.3CVSS7.9AI score0.00477EPSS
CVE
CVEadded 2020/10/16 5:15 p.m.60 views

CVE-2020-9878

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.

7.8CVSS8.2AI score0.014EPSS
CVE
CVEadded 2020/10/22 7:15 p.m.60 views

CVE-2020-9901

An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. A local attacker may be able to elevate their privileges.

7.8CVSS7AI score0.00147EPSS
CVE
CVEadded 2020/10/22 7:15 p.m.60 views

CVE-2020-9985

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.

7.8CVSS8.3AI score0.00865EPSS
CVE
CVEadded 2021/09/08 3:15 p.m.60 views

CVE-2021-1837

A certificate validation issue was addressed. This issue is fixed in iOS 14.5 and iPadOS 14.5. An attacker in a privileged network position may be able to alter network traffic.

5.3CVSS5.4AI score0.00089EPSS
CVE
CVEadded 2021/09/08 3:15 p.m.60 views

CVE-2021-1877

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.5 and iPadOS 14.5. A local user may be able to read kernel memory.

5.5CVSS4.9AI score0.00053EPSS
CVE
CVEadded 2021/10/28 7:15 p.m.60 views

CVE-2021-30816

The issue was addressed with improved permissions logic. This issue is fixed in iOS 15 and iPadOS 15. An attacker with physical access to a device may be able to see private contact information.

2.4CVSS3AI score0.00053EPSS
CVE
CVEadded 2023/09/27 3:18 p.m.60 views

CVE-2023-35990

The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14. An app may be able to identify what other apps a user has installed.

3.3CVSS3.7AI score0.00046EPSS
CVE
CVEadded 2023/09/27 3:19 p.m.60 views

CVE-2023-40419

The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10. An app may be able to gain elevated privileges.

7.8CVSS6.6AI score0.00024EPSS
CVE
CVEadded 2023/09/27 3:19 p.m.60 views

CVE-2023-40424

The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to access user-sensitive data.

5.5CVSS4.9AI score0.00069EPSS
CVE
CVEadded 2023/09/27 3:19 p.m.60 views

CVE-2023-40448

The issue was addressed with improved handling of protocols. This issue is fixed in tvOS 17, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. A remote attacker may be able to break out of Web Content sandbox.

8.6CVSS7.4AI score0.01544EPSS
CVE
CVEadded 2024/03/28 4:15 p.m.60 views

CVE-2023-42896

An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Sonoma 14.2. An app may be able to modify protected parts of the file system.

5.5CVSS7AI score0.00055EPSS
CVE
CVEadded 2024/01/23 1:15 a.m.60 views

CVE-2023-42937

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. An app may be able to access sensitive user data.

5.5CVSS5.6AI score0.00021EPSS
CVE
CVEadded 2024/03/05 8:16 p.m.60 views

CVE-2024-23256

A logic issue was addressed with improved state management. This issue is fixed in iOS 17.4 and iPadOS 17.4. A user's locked tabs may be briefly visible while switching tab groups when Locked Private Browsing is enabled.

3.3CVSS6.3AI score0.00081EPSS
CVE
CVEadded 2024/07/29 11:15 p.m.60 views

CVE-2024-27823

A race condition was addressed with improved locking. This issue is fixed in macOS Sonoma 14.5, iOS 16.7.8 and iPadOS 16.7.8, macOS Ventura 13.6.7, watchOS 10.5, visionOS 1.3, tvOS 17.5, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5. An attacker in a privileged network position may be able to spo...

5.9CVSS5.6AI score0.00267EPSS
CVE
CVEadded 2024/05/14 3:13 p.m.60 views

CVE-2024-27841

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. An app may be able to disclose kernel memory.

9.8CVSS5.1AI score0.00082EPSS
CVE
CVEadded 2024/07/29 11:15 p.m.60 views

CVE-2024-40785

This issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to a cross site scripting attack.

6.1CVSS5.3AI score0.00846EPSS
CVE
CVEadded 2024/07/29 11:15 p.m.60 views

CVE-2024-40809

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, visionOS 1.3, macOS Sonoma 14.6. A shortcut may be able to bypass Internet permission requirements.

7.8CVSS5.7AI score0.00075EPSS
CVE
CVEadded 2024/10/28 10:15 p.m.60 views

CVE-2024-44240

The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result in the disclosure of process memory.

6.5CVSS5.6AI score0.00088EPSS
CVE
CVEadded 2024/12/12 2:15 a.m.60 views

CVE-2024-54527

This issue was addressed with improved checks. This issue is fixed in watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to access sensitive user data.

5.5CVSS5.5AI score0.00069EPSS
CVE
CVEadded 2025/03/31 11:15 p.m.60 views

CVE-2025-24238

A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, tvOS 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to gain elevated privileges.

9.8CVSS5.9AI score0.00071EPSS
CVE
CVEadded 2025/03/31 11:15 p.m.60 views

CVE-2025-30429

A path handling issue was addressed with improved validation. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox.

6.3CVSS5.6AI score0.00019EPSS
CVE
CVEadded 2025/03/31 11:15 p.m.60 views

CVE-2025-31183

The issue was addressed with improved restriction of data container access. This issue is fixed in macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, tvOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data.

9.8CVSS5.4AI score0.00069EPSS
Total number of security vulnerabilities3624