Iphone Os@* Security Vulnerabilities and Issues — Page 48 of Iphone Os@* CVE List

Lucene search

AppleIphone Os*

3624 matches found

CVE•added 2016/02/07 1:59 a.m.•57 views

CVE-2016-0802

The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25306181.

8.8CVSS7.5AI score0.0519EPSS

CVE•added 2016/03/24 1:59 a.m.•57 views

CVE-2016-1752

The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to cause a denial of service via a crafted app.

7.1CVSS5.6AI score0.00185EPSS

CVE•added 2016/03/24 1:59 a.m.•57 views

CVE-2016-1754

The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1755.

9.3CVSS7.1AI score0.03453EPSS

CVE•added 2016/05/20 10:59 a.m.•57 views

CVE-2016-1819

Use-after-free vulnerability in the IOAccelContext2::clientMemoryForType method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a craft...

9.3CVSS7.6AI score0.07645EPSS

CVE•added 2016/07/22 2:59 a.m.•57 views

CVE-2016-1865

The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors.

5.5CVSS5.7AI score0.00107EPSS

CVE•added 2017/02/20 8:59 a.m.•57 views

CVE-2016-4666

An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and appli...

8.8CVSS8.6AI score0.01084EPSS

CVE•added 2016/09/25 10:59 a.m.•57 views

CVE-2016-4718

Buffer overflow in FontParser in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory via a crafted font file.

6.5CVSS6.5AI score0.0232EPSS

CVE•added 2017/02/20 8:59 a.m.•57 views

CVE-2016-7594

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "ICU" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applic...

8.8CVSS8AI score0.00907EPSS

CVE•added 2017/02/20 8:59 a.m.•57 views

CVE-2016-7643

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service...

8.1CVSS6.3AI score0.00497EPSS

CVE•added 2017/02/20 8:59 a.m.•57 views

CVE-2017-2368

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "Contacts" component. It allows remote attackers to cause a denial of service (application crash) via a crafted contact card.

5.5CVSS5AI score0.00233EPSS

CVE•added 2017/04/02 1:59 a.m.•57 views

CVE-2017-2423

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended access restrictions by leveraging a successful result from a SecKeyRawVerify API call with an ...

9.8CVSS7.6AI score0.00292EPSS

CVE•added 2017/04/02 1:59 a.m.•57 views

CVE-2017-2452

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Siri" component. It allows physically proximate attackers to read text messages on the lock screen via unspecified vectors.

4.6CVSS5AI score0.00078EPSS

CVE•added 2017/05/22 5:29 a.m.•57 views

CVE-2017-2536

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and app...

8.8CVSS8AI score0.10876EPSS

CVE•added 2017/05/22 5:29 a.m.•57 views

CVE-2017-6991

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted we...

8.8CVSS8.4AI score0.00958EPSS

CVE•added 2017/07/20 4:29 p.m.•57 views

CVE-2017-7063

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. watchOS before 3.2.3 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service (memory consumption and application crash).

7.5CVSS7.2AI score0.01242EPSS

CVE•added 2017/10/23 1:29 a.m.•57 views

CVE-2017-7118

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service (crash) via a crafted image.

5.5CVSS5.7AI score0.00276EPSS

CVE•added 2018/04/03 6:29 a.m.•57 views

CVE-2018-4086

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Security" component. It allows remote attackers to spoof certificate validation via crafted n...

5.9CVSS5.8AI score0.00326EPSS

CVE•added 2018/04/03 6:29 a.m.•57 views

CVE-2018-4123

An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves alarm and timer handling in the "Clock" component. It allows physically proximate attackers to discover the iTunes e-mail address.

2.4CVSS4.1AI score0.00075EPSS

CVE•added 2018/04/13 5:29 p.m.•57 views

CVE-2018-4173

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "Status Bar" component. It allows invisible microphone access via a crafted app.

5.5CVSS5.5AI score0.00136EPSS

CVE•added 2018/06/08 6:29 p.m.•57 views

CVE-2018-4244

An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Siri Contacts" component. It allows physically proximate attackers to discover private contact information via Siri.

4.6CVSS4.4AI score0.00072EPSS

CVE•added 2019/12/18 6:15 p.m.•57 views

CVE-2019-8566

An API issue existed in the handling of microphone data. This issue was addressed with improved validation. This issue is fixed in iOS 12.2. A malicious application may be able to access the microphone without indication to the user.

4.3CVSS4.7AI score0.00276EPSS

CVE•added 2020/02/27 9:15 p.m.•57 views

CVE-2020-3858

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.4AI score0.00374EPSS

CVE•added 2020/10/16 5:15 p.m.•57 views

CVE-2020-9903

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. A malicious attacker may cause Safari to suggest a password for the wrong domain.

7.5CVSS7.3AI score0.00098EPSS

CVE•added 2020/10/22 7:15 p.m.•57 views

CVE-2020-9940

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.

7.8CVSS8.2AI score0.00952EPSS

CVE•added 2020/10/16 5:15 p.m.•57 views

CVE-2020-9958

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.0 and iPadOS 14.0. An application may be able to cause unexpected system termination or write kernel memory.

9.3CVSS6.6AI score0.00179EPSS

CVE•added 2021/09/08 3:15 p.m.•57 views

CVE-2021-1835

This issue was addressed with improved checks. This issue is fixed in iOS 14.5 and iPadOS 14.5. A person with physical access to an iOS device may be able to access notes from the lock screen.

4.6CVSS3.8AI score0.00128EPSS

CVE•added 2021/08/24 7:15 p.m.•57 views

CVE-2021-30948

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 15.2 and iPadOS 15.2. A person with physical access to an iOS device may be able to access stored passwords without authentication.

4.6CVSS3.7AI score0.00055EPSS

CVE•added 2021/08/24 7:15 p.m.•57 views

CVE-2021-30988

Description: A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.2 and iPadOS 15.2. A malicious application may be able to identify what other applications a user has installed.

5.5CVSS5AI score0.00168EPSS

CVE•added 2022/11/01 8:15 p.m.•57 views

CVE-2022-32914

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.9AI score0.00113EPSS

CVE•added 2022/11/01 8:15 p.m.•57 views

CVE-2022-42830

The issue was addressed with improved memory handling. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges.

6.7CVSS7.2AI score0.0006EPSS

CVE•added 2024/03/08 2:15 a.m.•57 views

CVE-2023-28826

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, macOS Monterey 12.7.4, macOS Sonoma 14.1, macOS Ventura 13.6.5. An app may be able to access sensitive user data.

5.5CVSS6.3AI score0.00024EPSS

CVE•added 2023/09/27 3:19 p.m.•57 views

CVE-2023-41980

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to bypass Privacy preferences.

5.5CVSS5.1AI score0.00021EPSS

CVE•added 2024/06/10 9:15 p.m.•57 views

CVE-2024-27799

This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.5, macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8. An unprivileged app may be able to log keystrokes in other apps including those using secure input mode.

3.3CVSS5.8AI score0.00022EPSS

CVE•added 2024/06/10 9:15 p.m.•57 views

CVE-2024-27800

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing a maliciously crafted message may lead to a deni...

7.1CVSS6.1AI score0.00103EPSS

CVE•added 2024/06/10 9:15 p.m.•57 views

CVE-2024-27819

The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access may be able to access contacts from the lock screen.

2.4CVSS5.6AI score0.00076EPSS

CVE•added 2024/06/10 9:15 p.m.•57 views

CVE-2024-27828

The issue was addressed with improved memory handling. This issue is fixed in visionOS 1.2, watchOS 10.5, tvOS 17.5, iOS 17.5 and iPadOS 17.5. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.1AI score0.00057EPSS

CVE•added 2024/09/17 12:15 a.m.•57 views

CVE-2024-44167

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to overwrite arbitrary files.

8.1CVSS6.3AI score0.0033EPSS

CVE•added 2024/10/28 9:15 p.m.•57 views

CVE-2024-44259

This issue was addressed through improved state management. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, Safari 18.1. An attacker may be able to misuse a trust relationship to download malicious content.

8.8CVSS6.4AI score0.00186EPSS

CVE•added 2025/03/31 11:15 p.m.•57 views

CVE-2025-24097

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, tvOS 18.4, macOS Sequoia 15.4. An app may be able to read arbitrary file metadata.

5CVSS5.8AI score0.00012EPSS

CVE•added 2025/01/27 10:15 p.m.•57 views

CVE-2025-24127

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination.

5.5CVSS5.7AI score0.00022EPSS

CVE•added 2025/01/27 10:15 p.m.•57 views

CVE-2025-24128

The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Visiting a malicious website may lead to address bar spoofing.

4.3CVSS6AI score0.00052EPSS

CVE•added 2025/01/27 10:15 p.m.•57 views

CVE-2025-24145

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. An app may be able to view a contact's phone number in system logs.

3.3CVSS5.5AI score0.00022EPSS

CVE•added 2025/03/31 11:15 p.m.•57 views

CVE-2025-30471

A validation issue was addressed with improved logic. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A remote user may be able to cause a denial-of-service.

7.5CVSS5.8AI score0.00174EPSS

CVE•added 2011/03/11 2:1 a.m.•56 views

CVE-2011-1204

Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document.

6.8CVSS8.7AI score0.02435EPSS

CVE•added 2011/06/29 5:55 p.m.•56 views

CVE-2011-2351

Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.

6.8CVSS7AI score0.02007EPSS

CVE•added 2011/09/19 12:2 p.m.•56 views

CVE-2011-2846

Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling.

6.8CVSS7AI score0.02104EPSS

CVE•added 2011/09/19 12:2 p.m.•56 views

CVE-2011-2854

6.8CVSS7AI score0.0184EPSS

CVE•added 2012/04/05 10:2 p.m.•56 views

CVE-2011-3075

Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style-application commands.

6.8CVSS6.9AI score0.02128EPSS

CVE•added 2012/04/05 10:2 p.m.•56 views

CVE-2011-3076

6.8CVSS6.9AI score0.02128EPSS

CVE•added 2012/01/24 4:3 a.m.•56 views

CVE-2011-3928

Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling.

7.5CVSS7AI score0.0234EPSS

Total number of security vulnerabilities3624