Apple iOS vulnerabilities
479 known vulnerabilities affecting apple/ios.
Total CVEs
479
CISA KEV
18
actively exploited
Public exploits
36
Exploited in wild
19
Severity breakdown
CRITICAL32HIGH288MEDIUM132LOW27
Vulnerabilities
Page 11 of 24
CVE-2020-9802HIGHCVSS 8.8≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9802 [HIGH] CVE-2020-9802: A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 1
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.
cvelistv5nvd
CVE-2020-9818HIGHCVSS 8.8KEV≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9818 [HIGH] CWE-787 CVE-2020-9818: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination.
cvelistv5nvd
CVE-2020-9805HIGHCVSS 7.1≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9805 [HIGH] CWE-79 CVE-2020-9805: A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 1
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.
cvelistv5nvd
CVE-2020-9790HIGHCVSS 8.8≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9790 [HIGH] CWE-787 CVE-2020-9790: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution.
cvelistv5nvd
CVE-2020-9795HIGHCVSS 7.8≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9795 [HIGH] CWE-416 CVE-2020-9795: A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. An application may be able to execute arbitrary code with kernel privileges.
cvelistv5nvd
CVE-2020-9839HIGHCVSS 7.0≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9839 [HIGH] CWE-362 CVE-2020-9839: A race condition was addressed with improved state handling. This issue is fixed in iOS 13.5 and iPa
A race condition was addressed with improved state handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. An application may be able to gain elevated privileges.
cvelistv5nvd
CVE-2020-9826HIGHCVSS 7.5≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9826 [HIGH] CWE-20 CVE-2020-9826: A denial of service issue was addressed with improved input validation. This issue is fixed in iOS 1
A denial of service issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause a denial of service.
cvelistv5nvd
CVE-2020-9852HIGHCVSS 7.8≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9852 [HIGH] CWE-190 CVE-2020-9852: An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.5
An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges.
cvelistv5nvd
CVE-2020-9844HIGHCVSS 7.5≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9844 [HIGH] CWE-415 CVE-2020-9844: A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 a
A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.
cvelistv5nvd
CVE-2020-9800HIGHCVSS 8.8≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9800 [HIGH] CWE-843 CVE-2020-9800: A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.5
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.
cvelistv5nvd
CVE-2020-9815HIGHCVSS 7.8≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9815 [HIGH] CWE-125 CVE-2020-9815: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 a
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. Processing a maliciously crafted audio file may lead to arbitrary code execution.
cvelistv5nvd
CVE-2020-9793HIGHCVSS 7.8≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9793 [HIGH] CWE-20 CVE-2020-9793: A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 1
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A remote attacker may be able to cause arbitrary code execution.
cvelistv5nvd
CVE-2020-9823HIGHCVSS 7.5≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9823 [HIGH] CVE-2020-9823: This issue was addressed with improved checks. This issue is fixed in iOS 13.5 and iPadOS 13.5. User
This issue was addressed with improved checks. This issue is fixed in iOS 13.5 and iPadOS 13.5. Users removed from an iMessage conversation may still be able to alter state.
cvelistv5nvd
CVE-2020-9821HIGHCVSS 7.8≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9821 [HIGH] CWE-787 CVE-2020-9821: A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 1
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges.
cvelistv5nvd
CVE-2020-9789HIGHCVSS 8.8≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9789 [HIGH] CWE-787 CVE-2020-9789: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution.
cvelistv5nvd
CVE-2020-9812MEDIUMCVSS 5.5≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9812 [MEDIUM] CVE-2020-9812: An information disclosure issue was addressed with improved state management. This issue is fixed in
An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A local user may be able to read kernel memory.
cvelistv5nvd
CVE-2020-9829MEDIUMCVSS 6.5≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9829 [MEDIUM] CWE-20 CVE-2020-9829: A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.5 a
A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5. Processing a maliciously crafted text message may lead to application denial of service.
cvelistv5nvd
CVE-2020-9819MEDIUMCVSS 4.3KEV≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9819 [MEDIUM] CWE-787 CVE-2020-9819: A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 1
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5, watchOS 5.3.7. Processing a maliciously crafted mail message may lead to heap corruption.
cvelistv5nvd
CVE-2020-9835MEDIUMCVSS 5.3≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9835 [MEDIUM] CVE-2020-9835: An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This
An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 13.5 and iPadOS 13.5. A user’s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing.
cvelistv5nvd
CVE-2020-9792MEDIUMCVSS 4.6≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9792 [MEDIUM] CWE-20 CVE-2020-9792: A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.5 a
A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A USB device may be able to cause a denial of service.
cvelistv5nvd