Apple iOS vulnerabilities
479 known vulnerabilities affecting apple/ios.
Total CVEs
479
CISA KEV
18
actively exploited
Public exploits
36
Exploited in wild
19
Severity breakdown
CRITICAL32HIGH288MEDIUM132LOW27
Vulnerabilities
Page 12 of 24
CVE-2020-9811MEDIUMCVSS 5.5≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9811 [MEDIUM] CVE-2020-9811: An information disclosure issue was addressed with improved state management. This issue is fixed in
An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A local user may be able to read kernel memory.
cvelistv5nvd
CVE-2020-9797MEDIUMCVSS 5.5≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9797 [MEDIUM] CVE-2020-9797: An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed i
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to determine another application's memory layout.
cvelistv5nvd
CVE-2020-9809MEDIUMCVSS 5.5≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9809 [MEDIUM] CVE-2020-9809: An information disclosure issue was addressed with improved state management. This issue is fixed in
An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to determine kernel memory layout.
cvelistv5nvd
CVE-2020-9848LOWCVSS 2.4≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09
CVE-2020-9848 [LOW] CVE-2020-9848: An authorization issue was addressed with improved state management. This issue is fixed in iOS 13.5
An authorization issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5. A person with physical access to an iOS device may be able to view notification contents from the lockscreen.
cvelistv5nvd
CVE-2020-9859HIGHCVSS 7.8KEV≥ unspecified, < iOS 13.5.1 and iPadOS 13.5.12020-06-05
CVE-2020-9859 [HIGH] CWE-415 CVE-2020-9859: A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 1
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges.
cvelistv5nvd
CVE-2019-6203CRITICALCVSS 9.8≥ unspecified, < iOS 12.22020-04-17
CVE-2019-6203 [CRITICAL] CVE-2019-6203: A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS M
A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept network traffic.
cvelistv5nvd
CVE-2020-3911CRITICALCVSS 9.8≥ unspecified, < iOS 13.4 and iPadOS 13.42020-04-01
CVE-2020-3911 [CRITICAL] CWE-120 CVE-2020-3911: A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and i
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.
cvelistv5nvd
CVE-2020-3909CRITICALCVSS 9.8≥ unspecified, < iOS 13.4 and iPadOS 13.42020-04-01
CVE-2020-3909 [CRITICAL] CWE-120 CVE-2020-3909: A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and i
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.
cvelistv5nvd
CVE-2020-3910CRITICALCVSS 9.8≥ unspecified, < iOS 13.4 and iPadOS 13.42020-04-01
CVE-2020-3910 [CRITICAL] CWE-120 CVE-2020-3910: A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and i
A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.
cvelistv5nvd
CVE-2020-3900HIGHCVSS 8.8≥ unspecified, < iOS 13.4 and iPadOS 13.42020-04-01
CVE-2020-3900 [HIGH] CWE-787 CVE-2020-3900: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.
cvelistv5nvd
CVE-2020-9768HIGHCVSS 7.8≥ unspecified, < iOS 13.4 and iPadOS 13.42020-04-01
CVE-2020-9768 [HIGH] CWE-416 CVE-2020-9768: A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to execute arbitrary code with system privileges.
cvelistv5nvd
CVE-2020-3901HIGHCVSS 8.8≥ unspecified, < iOS 13.4 and iPadOS 13.42020-04-01
CVE-2020-3901 [HIGH] CWE-843 CVE-2020-3901: A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.
cvelistv5nvd
CVE-2020-3899HIGHCVSS 8.8≥ unspecified, < iOS 13.4 and iPadOS 13.42020-04-01
CVE-2020-3899 [HIGH] CVE-2020-3899: A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 1
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.
cvelistv5nvd
CVE-2020-3897HIGHCVSS 8.8≥ unspecified, < iOS 13.4 and iPadOS 13.42020-04-01
CVE-2020-3897 [HIGH] CWE-843 CVE-2020-3897: A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.
cvelistv5nvd
CVE-2020-3895HIGHCVSS 8.8≥ unspecified, < iOS 13.4 and iPadOS 13.42020-04-01
CVE-2020-3895 [HIGH] CWE-787 CVE-2020-3895: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.
cvelistv5nvd
CVE-2020-9783HIGHCVSS 8.8≥ unspecified, < iOS 13.4 and iPadOS 13.42020-04-01
CVE-2020-9783 [HIGH] CWE-416 CVE-2020-9783: A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to code execution.
cvelistv5nvd
CVE-2020-3913HIGHCVSS 7.8≥ unspecified, < iOS 13.4 and iPadOS 13.42020-04-01
CVE-2020-3913 [HIGH] CVE-2020-3913: A permissions issue existed. This issue was addressed with improved permission validation. This issu
A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, watchOS 6.2. A malicious application may be able to elevate privileges.
cvelistv5nvd
CVE-2020-9785HIGHCVSS 7.8≥ unspecified, < iOS 13.4 and iPadOS 13.42020-04-01
CVE-2020-9785 [HIGH] CWE-787 CVE-2020-9785: Multiple memory corruption issues were addressed with improved state management. This issue is fixed
Multiple memory corruption issues were addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A malicious application may be able to execute arbitrary code with kernel privileges.
cvelistv5nvd
CVE-2020-3883HIGHCVSS 8.8≥ unspecified, < iOS 13.4 and iPadOS 13.42020-04-01
CVE-2020-3883 [HIGH] CVE-2020-3883: This issue was addressed with improved checks. This issue is fixed in iOS 13.4 and iPadOS 13.4, macO
This issue was addressed with improved checks. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. An application may be able to use arbitrary entitlements.
cvelistv5nvd
CVE-2020-3919HIGHCVSS 7.8≥ unspecified, < iOS 13.4 and iPadOS 13.42020-04-01
CVE-2020-3919 [HIGH] CWE-665 CVE-2020-3919: A memory initialization issue was addressed with improved memory handling. This issue is fixed in iO
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A malicious application may be able to execute arbitrary code with kernel privileges.
cvelistv5nvd