Apple iOS vulnerabilities

CVE-2016-4753 [HIGH] CVE-2016-4753: iOS 10 Apple Security Update: About the security content of iOS 10 Product: iOS Version: 10 CVE: CVE-2016-4753 Component: Security Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A validation issue existed in signed disk images. This issue was addressed through improved size validation.

CVE-2020-9852 [HIGH] CWE-190 CVE-2020-9852: An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.5 An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges.

CVE-2020-9821 [HIGH] CWE-787 CVE-2020-9821: A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 1 A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges.

CVE-2017-7132 [HIGH] CVE-2017-7132: iOS 11 Apple Security Update: About the security content of iOS 11 Product: iOS Version: 11 CVE: CVE-2017-7132 Component: Quick Look Impact: Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution Description: A memory consumption issue was addressed through improved memory handling.

CVE-2017-13814 [HIGH] CVE-2017-13814: iOS 11 Apple Security Update: About the security content of iOS 11 Product: iOS Version: 11 CVE: CVE-2017-13814 Component: ImageIO Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation.

CVE-2017-13812 [HIGH] CVE-2017-13812: iOS 11 Apple Security Update: About the security content of iOS 11 Product: iOS Version: 11 CVE: CVE-2017-13812 Component: Keyboard Suggestions Impact: Keyboard autocorrect suggestions may reveal sensitive information Description: The iOS keyboard was inadvertently caching sensitive information. This issue was addressed with improved heuristics.

CVE-2017-13825 [HIGH] CVE-2017-13825: iOS 11 Apple Security Update: About the security content of iOS 11 Product: iOS Version: 11 CVE: CVE-2017-13825 Component: CoreText Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory consumption issue was addressed with improved memory handling.

CVE-2018-4094 [HIGH] CVE-2018-4094: iOS 11.2.5 Apple Security Update: About the security content of iOS 11.2.5 Product: iOS Version: 11.2.5 CVE: CVE-2018-4094 Component: Audio Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation.

CVE-2016-4777 [HIGH] CVE-2016-4777: iOS 10 Apple Security Update: About the security content of iOS 10 Product: iOS Version: 10 CVE: CVE-2016-4777 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: An untrusted pointer dereference was addressed by removing the affected code.

CVE-2016-4778 [HIGH] CVE-2016-4778: iOS 10 Apple Security Update: About the security content of iOS 10 Product: iOS Version: 10 CVE: CVE-2016-4778 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling.

CVE-2016-4726 [HIGH] CVE-2016-4726: iOS 10 Apple Security Update: About the security content of iOS 10 Product: iOS Version: 10 CVE: CVE-2016-4726 Component: IOAcceleratorFamily Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling.

CVE-2020-3826 [HIGH] CWE-125 CVE-2020-3826: An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3. An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing a maliciously crafted image may lead to arbitrary code execution.

CVE-2016-1750 [HIGH] CVE-2016-1750: iOS 9.3 Apple Security Update: About the security content of iOS 9.3 Product: iOS Version: 9.3 CVE: CVE-2016-1750 Component: CVE-ID

CVE-2019-8741 [HIGH] CWE-835 CVE-2019-8741: A denial of service issue was addressed with improved input validation. A denial of service issue was addressed with improved input validation.

CVE-2019-8784 [HIGH] CWE-787 CVE-2019-8784: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. An application may be able to execute arbitrary code with system privileges.

CVE-2021-30792 [HIGH] CWE-787 CVE-2021-30792: An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.7 An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. Processing a maliciously crafted image may lead to arbitrary code execution.

CVE-2017-7024 [HIGH] CVE-2017-7024: iOS 10.3.3 Apple Security Update: About the security content of iOS 10.3.3 Product: iOS Version: 10.3.3 CVE: CVE-2017-7024 Component: Kernel Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7025 [HIGH] CVE-2017-7025: iOS 10.3.3 Apple Security Update: About the security content of iOS 10.3.3 Product: iOS Version: 10.3.3 CVE: CVE-2017-7025 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7022 [HIGH] CVE-2017-7022: iOS 10.3.3 Apple Security Update: About the security content of iOS 10.3.3 Product: iOS Version: 10.3.3 CVE: CVE-2017-7022 Component: Kernel Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7023 [HIGH] CVE-2017-7023: iOS 10.3.3 Apple Security Update: About the security content of iOS 10.3.3 Product: iOS Version: 10.3.3 CVE: CVE-2017-7023 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.