Apple iOS vulnerabilities

1,765 known vulnerabilities affecting apple/ios.

Total CVEs

1,765

CISA KEV

actively exploited

Public exploits

227

Exploited in wild

Severity breakdown

CRITICAL119HIGH907MEDIUM638LOW94UNKNOWN7

Vulnerabilities

SortPage 36 of 89

CVE-2018-4100HIGHCVSS 7.5v11.2.52018-01-23

CVE-2018-4100 [HIGH] CVE-2018-4100: iOS 11.2.5 Apple Security Update: About the security content of iOS 11.2.5 Product: iOS Version: 11.2.5 CVE: CVE-2018-4100 Component: LinkPresentation Impact: Processing a maliciously crafted text message may lead to application denial of service Description: A resource exhaustion issue was addressed with improved input validation.

apple

CVE-2016-1740HIGHCVSS 7.8v9.3

CVE-2016-1740 [HIGH] CVE-2016-1740: iOS 9.3 Apple Security Update: About the security content of iOS 9.3 Product: iOS Version: 9.3 CVE: CVE-2016-1740 Component: CVE-ID

apple

CVE-2016-1840HIGHCVSS 7.8v9.3.2

CVE-2016-1840 [HIGH] CVE-2016-1840: iOS 9.3.2 Apple Security Update: About the security content of iOS 9.3.2 Product: iOS Version: 9.3.2 CVE: CVE-2016-1840 Component: CVE-ID Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved memory handling.

apple

CVE-2018-4185HIGHCVSS 7.5v11.32018-03-29

CVE-2018-4185 [HIGH] CVE-2018-4185: iOS 11.3 Apple Security Update: About the security content of iOS 11.3 Product: iOS Version: 11.3 CVE: CVE-2018-4185 Component: Kernel Impact: A malicious application may be able to determine kernel memory layout Description: An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling.

apple

CVE-2015-7036HIGHCVSS 7.5v8.4

CVE-2015-7036 [HIGH] CVE-2015-7036: iOS 8.4 Apple Security Update: About the security content of iOS 8.4 Product: iOS Version: 8.4 CVE: CVE-2015-7036 Component: CVE-ID

apple

CVE-2017-5029HIGHCVSS 7.8v10.32017-03-27

CVE-2017-5029 [HIGH] CVE-2017-5029: iOS 10.3 Apple Security Update: About the security content of iOS 10.3 Product: iOS Version: 10.3 CVE: CVE-2017-5029 Component: CVE-2017-2441 Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling.

apple

CVE-2020-9793HIGHCVSS 7.8≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09

CVE-2020-9793 [HIGH] CWE-20 CVE-2020-9793: A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 1 A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A remote attacker may be able to cause arbitrary code execution.

nvd

CVE-2014-4481MEDIUMCVSS 6.8v8.1.3

CVE-2014-4481 [MEDIUM] CVE-2014-4481: iOS 8.1.3 Apple Security Update: About the security content of iOS 8.1.3 Product: iOS Version: 8.1.3 CVE: CVE-2014-4481 Component: CVE-ID Impact: A local user may be able to execute unsigned code Description: A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed through improved validation of segment sizes.

apple

CVE-2020-9883HIGHCVSS 7.8≥ unspecified, < iOS 13.6 and iPadOS 13.62020-10-22

CVE-2020-9883 [HIGH] CWE-120 CVE-2020-9883: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.

nvd

CVE-2018-4249HIGHCVSS 7.8v11.42018-05-29

CVE-2018-4249 [HIGH] CVE-2018-4249: iOS 11.4 Apple Security Update: About the security content of iOS 11.4 Product: iOS Version: 11.4 CVE: CVE-2018-4249 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.

apple

CVE-2021-30759HIGHCVSS 7.8≥ unspecified, < 14.72021-09-08

CVE-2021-30759 [HIGH] CWE-787 CVE-2021-30759: A stack overflow was addressed with improved input validation. This issue is fixed in iOS 14.7, macO A stack overflow was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.

nvd

CVE-2014-4484HIGHCVSS 7.5v8.1.3

CVE-2014-4484 [HIGH] CVE-2014-4484: iOS 8.1.3 Apple Security Update: About the security content of iOS 8.1.3 Product: iOS Version: 8.1.3 CVE: CVE-2014-4484 Component: CVE-ID

apple

CVE-2016-1775HIGHCVSS 7.8v9.3

CVE-2016-1775 [HIGH] CVE-2016-1775: iOS 9.3 Apple Security Update: About the security content of iOS 9.3 Product: iOS Version: 9.3 CVE: CVE-2016-1775 Component: CVE-ID

apple

CVE-2016-4772HIGHCVSS 7.5v102016-09-13

CVE-2016-4772 [HIGH] CVE-2016-4772: iOS 10 Apple Security Update: About the security content of iOS 10 Product: iOS Version: 10 CVE: CVE-2016-4772 Component: Kernel Impact: A remote attacker may be able to cause a denial of service Description: A lock handling issue was addressed through improved lock handling.

apple

CVE-2016-1818HIGHCVSS 7.8v9.3.2

CVE-2016-1818 [HIGH] CVE-2016-1818: iOS 9.3.2 Apple Security Update: About the security content of iOS 9.3.2 Product: iOS Version: 9.3.2 CVE: CVE-2016-1818 Component: CVE-ID

apple

CVE-2016-4733HIGHCVSS 7.8v102016-09-13

CVE-2016-4733 [HIGH] CVE-2016-4733: iOS 10 Apple Security Update: About the security content of iOS 10 Product: iOS Version: 10 CVE: CVE-2016-4733 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved state management.

apple

CVE-2017-2379HIGHCVSS 7.8v10.32017-03-27

CVE-2017-2379 [HIGH] CVE-2017-2379: iOS 10.3 Apple Security Update: About the security content of iOS 10.3 Product: iOS Version: 10.3 CVE: CVE-2017-2379 Component: Carbon Impact: Processing a maliciously crafted .dfont file may lead to arbitrary code execution Description: A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking.

apple

CVE-2017-2432HIGHCVSS 7.8v10.32017-03-27

CVE-2017-2432 [HIGH] CVE-2017-2432: iOS 10.3 Apple Security Update: About the security content of iOS 10.3 Product: iOS Version: 10.3 CVE: CVE-2017-2432 Component: ImageIO Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation.

apple

CVE-2021-30779HIGHCVSS 7.8≥ unspecified, < 14.72021-09-08

CVE-2021-30779 [HIGH] CVE-2021-30779: This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing a maliciously crafted image may lead to arbitrary code execution.

nvd

CVE-2020-9882HIGHCVSS 7.8≥ unspecified, < iOS 13.6 and iPadOS 13.62020-10-22

CVE-2020-9882 [HIGH] CWE-120 CVE-2020-9882: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.

nvd

← Previous36 / 89Next →