Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
AppleIphone Os

3749 matches found

CVE
CVEadded 2022/03/18 6:15 p.m.124 views

CVE-2022-22643

This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A user may send audio and video in a FaceTime call without knowing that they have done so.

7.5CVSS7AI score0.00422EPSS
CVE
CVEadded 2022/11/01 8:15 p.m.124 views

CVE-2022-32947

The issue was addressed with improved memory handling. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.8AI score0.0027EPSS
CVE
CVEadded 2023/09/27 3:19 p.m.124 views

CVE-2023-40403

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may disclose sensitive information.

6.5CVSS5.8AI score0.00137EPSS
CVE
CVEadded 2024/03/08 2:15 a.m.124 views

CVE-2024-23226

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. Processing web content may lead to arbitrary code execution.

8.8CVSS7.5AI score0.00709EPSS
CVE
CVEadded 2024/03/08 2:15 a.m.124 views

CVE-2024-23280

An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. A maliciously crafted webpage may be able to fingerprint the user.

7.5CVSS5AI score0.0053EPSS
CVE
CVEadded 2022/05/26 8:15 p.m.123 views

CVE-2022-26766

A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious app may be able to bypass signature validation.

5.5CVSS5.7AI score0.03033EPSS
CVE
CVEadded 2025/03/31 11:15 p.m.123 views

CVE-2025-24213

This issue was addressed with improved handling of floats. This issue is fixed in tvOS 18.5, Safari 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, watchOS 11.5, visionOS 2.5. A type confusion issue could lead to memory corruption.

7.8CVSS7.5AI score0.0002EPSS
CVE
CVEadded 2021/09/08 2:15 p.m.122 views

CVE-2021-30737

A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, iOS 12.5.4, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted...

8.8CVSS8.4AI score0.00851EPSS
CVE
CVEadded 2022/12/15 7:15 p.m.122 views

CVE-2022-42864

A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.

7CVSS7.4AI score0.0551EPSS
CVE
CVEadded 2023/02/27 8:15 p.m.122 views

CVE-2023-23498

A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.3 and iPadOS 15.7.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account.

3.3CVSS2.9AI score0.0003EPSS
CVE
CVEadded 2024/01/23 1:15 a.m.122 views

CVE-2024-23213

The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution.

8.8CVSS8.3AI score0.00394EPSS
CVE
CVEadded 2025/03/31 11:15 p.m.122 views

CVE-2025-24208

A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4. Loading a malicious iframe may lead to a cross-site scripting attack.

6.1CVSS5.4AI score0.00031EPSS
CVE
CVEadded 2025/05/12 10:15 p.m.122 views

CVE-2025-31205

The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. A malicious website may exfiltrate data cross-origin.

6.5CVSS5.7AI score0.00034EPSS
CVE
CVEadded 2018/06/08 6:29 p.m.120 views

CVE-2018-4192

An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" co...

7.5CVSS8AI score0.43945EPSS
CVE
CVEadded 2020/10/16 5:15 p.m.120 views

CVE-2020-9870

A logic issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. An attacker with memory write capability may be able to bypass pointer authentication codes and run arbitrary code.

8.8CVSS7.6AI score0.00322EPSS
CVE
CVEadded 2021/04/02 7:15 p.m.120 views

CVE-2021-1797

The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local user may be able to read arbitrary files.

5.5CVSS5.7AI score0.00104EPSS
CVE
CVEadded 2022/05/26 7:15 p.m.120 views

CVE-2022-26731

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious website may be able to track users in Safari private browsing mode.

4.3CVSS5AI score0.00456EPSS
CVE
CVEadded 2023/02/27 8:15 p.m.120 views

CVE-2022-32824

The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory.

5.5CVSS4.2AI score0.00048EPSS
CVE
CVEadded 2025/01/27 10:15 p.m.120 views

CVE-2024-54543

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to memory corruption.

8.8CVSS5.9AI score0.00173EPSS
CVE
CVEadded 2016/05/20 10:59 a.m.119 views

CVE-2016-1840

Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a cr...

7.8CVSS8.6AI score0.02142EPSS
CVE
CVEadded 2020/10/16 5:15 p.m.119 views

CVE-2020-9976

A logic issue was addressed with improved state management. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0. A malicious application may be able to leak sensitive user information.

5.5CVSS5AI score0.00288EPSS
CVE
CVEadded 2022/03/18 6:15 p.m.119 views

CVE-2022-22614

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.9AI score0.00313EPSS
CVE
CVEadded 2022/05/26 7:15 p.m.119 views

CVE-2022-26714

A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS8.1AI score0.0048EPSS
CVE
CVEadded 2024/03/08 2:15 a.m.119 views

CVE-2024-23273

This issue was addressed through improved state management. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Private Browsing tabs may be accessed without authentication.

4.3CVSS4.3AI score0.00118EPSS
CVE
CVEadded 2008/09/12 4:56 p.m.118 views

CVE-2008-3529

Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.

10CVSS7.3AI score0.58863EPSS
CVE
CVEadded 2016/05/20 10:59 a.m.118 views

CVE-2016-1837

Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause a denial of service via a cr...

5.5CVSS6.6AI score0.01788EPSS
CVE
CVEadded 2017/12/25 9:29 p.m.118 views

CVE-2017-13856

An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attacker...

8.8CVSS7.7AI score0.01523EPSS
CVE
CVEadded 2018/06/08 6:29 p.m.118 views

CVE-2018-4222

An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" co...

8.8CVSS8AI score0.68543EPSS
CVE
CVEadded 2022/11/01 8:15 p.m.118 views

CVE-2022-32888

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.4AI score0.00443EPSS
CVE
CVEadded 2009/08/11 6:30 p.m.117 views

CVE-2009-2416

Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Cod...

6.5CVSS6.7AI score0.01414EPSS
CVE
CVEadded 2017/02/20 8:59 a.m.117 views

CVE-2017-2356

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arb...

8.8CVSS8.1AI score0.00584EPSS
CVE
CVEadded 2017/07/20 4:29 p.m.117 views

CVE-2017-7027

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or c...

9.3CVSS8.1AI score0.00183EPSS
CVE
CVEadded 2019/12/18 6:15 p.m.117 views

CVE-2019-6222

A consistency issue was addressed with improved state handling. This issue is fixed in iOS 12.2. A website may be able to access the microphone without the microphone use indicator being shown.

4.3CVSS5AI score0.00363EPSS
CVE
CVEadded 2020/04/01 6:15 p.m.117 views

CVE-2020-9770

A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4. An attacker in a privileged network position may be able to intercept Bluetooth traffic.

6.5CVSS5.6AI score0.00405EPSS
CVE
CVEadded 2022/03/18 6:15 p.m.117 views

CVE-2022-22653

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4. A malicious website may be able to access information about the user and their devices.

7.5CVSS6.5AI score0.00322EPSS
CVE
CVEadded 2023/05/08 8:15 p.m.117 views

CVE-2023-23540

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7AI score0.00057EPSS
CVE
CVEadded 2025/03/10 7:15 p.m.117 views

CVE-2024-54467

A cookie management issue was addressed with improved state management. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.

6.5CVSS5.6AI score0.00082EPSS
CVE
CVEadded 2016/05/20 10:59 a.m.116 views

CVE-2016-1833

The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.

5.5CVSS6.3AI score0.01214EPSS
CVE
CVEadded 2017/02/20 8:59 a.m.116 views

CVE-2017-2364

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.

6.5CVSS5.9AI score0.18057EPSS
CVE
CVEadded 2017/10/23 1:29 a.m.116 views

CVE-2017-7089

An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that is mishandl...

6.1CVSS5.4AI score0.04871EPSS
CVE
CVEadded 2022/09/23 7:15 p.m.116 views

CVE-2022-22610

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to code execution.

8.8CVSS8.5AI score0.00385EPSS
CVE
CVEadded 2022/08/24 8:15 p.m.116 views

CVE-2022-32839

The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A remote user may cause an unexpected app termination or arbitrary code execution.

9.8CVSS8.8AI score0.01712EPSS
CVE
CVEadded 2022/09/20 9:15 p.m.116 views

CVE-2022-32911

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.9AI score0.00051EPSS
CVE
CVEadded 2024/04/24 5:15 p.m.116 views

CVE-2024-23271

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, Safari 17.3, tvOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A malicious website may cause unexpected cross-origin behavior.

7.3CVSS5.5AI score0.00072EPSS
CVE
CVEadded 2013/09/19 10:27 a.m.115 views

CVE-2013-1047

WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.

6.8CVSS7.8AI score0.02313EPSS
CVE
CVEadded 2017/12/25 9:29 p.m.115 views

CVE-2017-13866

An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attacker...

8.8CVSS7.7AI score0.01523EPSS
CVE
CVEadded 2020/02/27 9:15 p.m.115 views

CVE-2020-3842

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.7AI score0.00414EPSS
CVE
CVEadded 2022/03/18 6:15 p.m.115 views

CVE-2022-22652

The GSMA authentication panel could be presented on the lock screen. The issue was resolved by requiring device unlock to interact with the GSMA authentication panel. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access may be able to view and modify the carrier account in...

6.1CVSS5.6AI score0.00065EPSS
CVE
CVEadded 2022/08/24 8:15 p.m.115 views

CVE-2022-32837

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to cause unexpected system termination or write kernel memory.

7.8CVSS7.1AI score0.0007EPSS
CVE
CVEadded 2024/12/12 2:15 a.m.115 views

CVE-2024-54505

A type confusion issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption.

8.8CVSS5.9AI score0.0038EPSS
Total number of security vulnerabilities3749