Apple iOS vulnerabilities

CVE-2017-2356 [HIGH] CVE-2017-2356: iOS 10.2.1 Apple Security Update: About the security content of iOS 10.2.1 Product: iOS Version: 10.2.1 CVE: CVE-2017-2356 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved input validation.

CVE-2017-2354 [HIGH] CVE-2017-2354: iOS 10.2.1 Apple Security Update: About the security content of iOS 10.2.1 Product: iOS Version: 10.2.1 CVE: CVE-2017-2354 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling.

CVE-2019-8811 [HIGH] CWE-787 CVE-2019-8811: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-8782 [HIGH] CWE-787 CVE-2019-8782: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2020-3868 [HIGH] CWE-787 CVE-2020-3868: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2017-2355 [HIGH] CVE-2017-2355: iOS 10.2.1 Apple Security Update: About the security content of iOS 10.2.1 Product: iOS Version: 10.2.1 CVE: CVE-2017-2355 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory initialization issue was addressed through improved memory handling.

CVE-2021-30800 [HIGH] CVE-2021-30800: This issue was addressed with improved checks. This issue is fixed in iOS 14.7. Joining a malicious This issue was addressed with improved checks. This issue is fixed in iOS 14.7. Joining a malicious Wi-Fi network may result in a denial of service or arbitrary code execution.

CVE-2019-6200 [HIGH] CWE-125 CVE-2019-6200: An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.1. An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. An attacker in a privileged network position may be able to execute arbitrary code.

CVE-2019-2102 [HIGH] CVE-2019-2102: iOS 12.3 Apple Security Update: About the security content of iOS 12.3 Product: iOS Version: 12.3 CVE: CVE-2019-2102 Component: Bluetooth Impact: Due to a misconfiguration in the Bluetooth pairing protocols of a Bluetooth Low Energy (BLE) version of FIDO Security Keys it may be possible for an attacker with physical proximity to be able to intercept Bluetooth traffic during pairing Description: This issue was addressed by disabling accessories with insecure Bl

CVE-2018-20505 [HIGH] CVE-2018-20505: iOS 12.1.3 Apple Security Update: About the security content of iOS 12.1.3 Product: iOS Version: 12.1.3 CVE: CVE-2018-20505 Component: SQLite Impact: A maliciously crafted SQL query may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved input validation.

CVE-2019-9506 [HIGH] CVE-2019-9506: iOS 12.4 Apple Security Update: About the security content of iOS 12.4 Product: iOS Version: 12.4 CVE: CVE-2019-9506 Component: Bluetooth Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB) Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.

CVE-2019-6230 [HIGH] CWE-665 CVE-2019-6230: A memory initialization issue was addressed with improved memory handling. This issue is fixed in iO A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3,macOS Mojave 10.14.3,tvOS 12.1.2,watchOS 5.1.3. A malicious application may be able to break out of its sandbox.

CVE-2018-4341 [HIGH] CVE-2018-4341: iOS 12 Apple Security Update: About the security content of iOS 12 Product: iOS Version: 12 CVE: CVE-2018-4341 Component: IOKit Impact: A malicious application may be able to break out of its sandbox Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4354 [HIGH] CVE-2018-4354: iOS 12 Apple Security Update: About the security content of iOS 12 Product: iOS Version: 12 CVE: CVE-2018-4354 Component: IOKit Impact: A malicious application may be able to break out of its sandbox Description: A memory corruption issue was addressed with improved memory handling.

CVE-2020-9865 [HIGH] CWE-787 CVE-2020-9865: A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to break out of its sandbox.

CVE-2018-4275 [HIGH] CVE-2018-4275: iOS 11.4.1 Apple Security Update: About the security content of iOS 11.4.1 Product: iOS Version: 11.4.1 CVE: CVE-2018-4275 Component: Wi-Fi Impact: A malicious application may be able to break out of its sandbox Description: A memory corruption issue was addressed with improved memory handling.

CVE-2022-32892 [HIGH] CVE-2022-32892: iOS 16 Apple Security Update: About the security content of iOS 16 Product: iOS Version: 16 CVE: CVE-2022-32892 Component: WebKit Sandboxing Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An access issue was addressed with improvements to the sandbox.

CVE-2016-1801 [HIGH] CVE-2016-1801: iOS 9.3.2 Apple Security Update: About the security content of iOS 9.3.2 Product: iOS Version: 9.3.2 CVE: CVE-2016-1801 Component: CVE-ID

CVE-2016-1762 [HIGH] CVE-2016-1762: iOS 9.3 Apple Security Update: About the security content of iOS 9.3 Product: iOS Version: 9.3 CVE: CVE-2016-1762 Component: CVE-2016-1762

CVE-2019-8803 [HIGH] CWE-613 CVE-2019-8803: An authentication issue was addressed with improved state management. This issue is fixed in iOS 13. An authentication issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A local attacker may be able to login to the account of a previously logged in user without valid credentials..