Apple iOS vulnerabilities
1,765 known vulnerabilities affecting apple/ios.
Total CVEs
1,765
CISA KEV
27
actively exploited
Public exploits
227
Exploited in wild
30
Severity breakdown
CRITICAL119HIGH907MEDIUM638LOW94UNKNOWN7
Vulnerabilities
Page 29 of 89
CVE-2018-4427HIGHCVSS 7.8v12.12018-10-30
CVE-2018-4427 [HIGH] CVE-2018-4427: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4427
Component: IOHIDFamily
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
apple
CVE-2018-4375HIGHCVSS 8.8v12.12018-10-30
CVE-2018-4375 [HIGH] CVE-2018-4375: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4375
Component: WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
apple
CVE-2018-4369HIGHCVSS 7.5v12.12018-10-30
CVE-2018-4369 [HIGH] CVE-2018-4369: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4369
Component: NetworkExtension
Impact: Connecting to a VPN server may leak DNS queries to a DNS proxy
Description: A logic issue was addressed with improved state management.
apple
CVE-2018-4392HIGHCVSS 8.8v12.12018-10-30
CVE-2018-4392 [HIGH] CVE-2018-4392: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4392
Component: WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
apple
CVE-2018-4386HIGHCVSS 8.8PoCv12.12018-10-30
CVE-2018-4386 [HIGH] CVE-2018-4386: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4386
Component: WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
apple
CVE-2018-4384HIGHCVSS 7.8PoCv12.12018-10-30
CVE-2018-4384 [HIGH] CVE-2018-4384: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4384
Component: AppleAVD
Impact: Processing malicious video via FaceTime may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved input validation.
apple
CVE-2018-4378HIGHCVSS 8.8v12.12018-10-30
CVE-2018-4378 [HIGH] CVE-2018-4378: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4378
Component: WebKit
Impact: Processing maliciously crafted web content may lead to code execution
Description: A memory corruption issue was addressed with improved validation.
apple
CVE-2018-4366HIGHCVSS 7.5PoCv12.12018-10-30
CVE-2018-4366 [HIGH] CVE-2018-4366: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4366
Component: FaceTime
Impact: A remote attacker may be able to leak memory
Description: A memory corruption issue was addressed with improved input validation.
apple
CVE-2018-4416HIGHCVSS 8.8PoCv12.12018-10-30
CVE-2018-4416 [HIGH] CVE-2018-4416: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4416
Component: WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
apple
CVE-2018-4419HIGHCVSS 7.8v12.12018-10-30
CVE-2018-4419 [HIGH] CVE-2018-4419: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4419
Component: Kernel
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
apple
CVE-2018-4373HIGHCVSS 8.8v12.12018-10-30
CVE-2018-4373 [HIGH] CVE-2018-4373: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4373
Component: WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
apple
CVE-2018-4394HIGHCVSS 7.8v12.12018-10-30
CVE-2018-4394 [HIGH] CVE-2018-4394: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4394
Component: ICU
Impact: Processing a maliciously crafted string may lead to heap corruption
Description: A memory corruption issue was addressed with improved input validation.
apple
CVE-2018-4376HIGHCVSS 8.8v12.12018-10-30
CVE-2018-4376 [HIGH] CVE-2018-4376: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4376
Component: WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
apple
CVE-2018-4398HIGHCVSS 7.5v12.12018-10-30
CVE-2018-4398 [HIGH] CVE-2018-4398: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4398
Component: CoreCrypto
Impact: An attacker may be able to exploit a weakness in the Miller-Rabin primality test to incorrectly identify prime numbers
Description: An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes.
apple
CVE-2018-4420HIGHCVSS 7.8v12.12018-10-30
CVE-2018-4420 [HIGH] CVE-2018-4420: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4420
Component: Kernel
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed by removing the vulnerable code.
apple
CVE-2018-4372HIGHCVSS 8.8v12.12018-10-30
CVE-2018-4372 [HIGH] CVE-2018-4372: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4372
Component: WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
apple
CVE-2018-4365MEDIUMCVSS 5.5v12.12018-10-30
CVE-2018-4365 [MEDIUM] CVE-2018-4365: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4365
Component: Contacts
Impact: Processing a maliciously crafted vcf file may lead to a denial of service
Description: An out-of-bounds read was addressed with improved bounds checking.
apple
CVE-2018-4385MEDIUMCVSS 6.5v12.12018-10-30
CVE-2018-4385 [MEDIUM] CVE-2018-4385: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4385
Component: WebKit
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state management.
apple
CVE-2018-4388MEDIUMCVSS 4.6v12.12018-10-30
CVE-2018-4388 [MEDIUM] CVE-2018-4388: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4388
Component: Notes
Impact: A local attacker may be able to share items from the lock screen
Description: A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device.
apple
CVE-2018-4413MEDIUMCVSS 5.5v12.12018-10-30
CVE-2018-4413 [MEDIUM] CVE-2018-4413: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4413
Component: Kernel
Impact: An application may be able to read restricted memory
Description: A memory initialization issue was addressed with improved memory handling.
apple