Apple iOS vulnerabilities

1,765 known vulnerabilities affecting apple/ios.

Total CVEs

1,765

CISA KEV

actively exploited

Public exploits

227

Exploited in wild

Severity breakdown

CRITICAL119HIGH907MEDIUM638LOW94UNKNOWN7

Vulnerabilities

SortPage 40 of 89

CVE-2018-4211HIGHCVSS 7.8v11.42018-05-29

CVE-2018-4211 [HIGH] CVE-2018-4211: iOS 11.4 Apple Security Update: About the security content of iOS 11.4 Product: iOS Version: 11.4 CVE: CVE-2018-4211 Component: FontParser Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation.

apple

CVE-2020-9814HIGHCVSS 7.8≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09

CVE-2020-9814 [HIGH] CWE-787 CVE-2020-9814: A logic issue existed resulting in memory corruption. This was addressed with improved state managem A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges.

nvd

CVE-2020-9816HIGHCVSS 7.8≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09

CVE-2020-9816 [HIGH] CWE-787 CVE-2020-9816: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.

nvd

CVE-2020-9813HIGHCVSS 7.8≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09

CVE-2020-9813 [HIGH] CWE-787 CVE-2020-9813: A logic issue existed resulting in memory corruption. This was addressed with improved state managem A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges.

nvd

CVE-2016-1753HIGHCVSS 7.8v9.3

CVE-2016-1753 [HIGH] CVE-2016-1753: iOS 9.3 Apple Security Update: About the security content of iOS 9.3 Product: iOS Version: 9.3 CVE: CVE-2016-1753 Component: CVE-ID

apple

CVE-2020-9768HIGHCVSS 7.8≥ unspecified, < iOS 13.4 and iPadOS 13.42020-04-01

CVE-2020-9768 [HIGH] CWE-416 CVE-2020-9768: A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13. A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to execute arbitrary code with system privileges.

nvd

CVE-2016-4712HIGHCVSS 7.8v102016-09-13

CVE-2016-4712 [HIGH] CVE-2016-4712: iOS 10 Apple Security Update: About the security content of iOS 10 Product: iOS Version: 10 CVE: CVE-2016-4712 Component: CoreCrypto Impact: An application may be able to execute arbitrary code Description: An out-of-bounds write issue was addressed by removing the vulnerable code.

apple

CVE-2020-3840HIGHCVSS 7.8≥ unspecified, < iOS 13.3.1 and iPadOS 13.3.12020-02-27

CVE-2020-3840 [HIGH] CWE-119 CVE-2020-3840: An off by one issue existed in the handling of racoon configuration files. This issue was addressed An off by one issue existed in the handling of racoon configuration files. This issue was addressed through improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1. Loading a maliciously crafted racoon configuration file may lead to arbitrary code execution.

nvd

CVE-2016-1808HIGHCVSS 7.8v9.3.2

CVE-2016-1808 [HIGH] CVE-2016-1808: iOS 9.3.2 Apple Security Update: About the security content of iOS 9.3.2 Product: iOS Version: 9.3.2 CVE: CVE-2016-1808 Component: CVE-ID

apple

CVE-2016-4591HIGHCVSS 7.5v9.3.32016-07-18

CVE-2016-4591 [HIGH] CVE-2016-4591: iOS 9.3.3 Apple Security Update: About the security content of iOS 9.3.3 Product: iOS Version: 9.3.3 CVE: CVE-2016-4591 Component: WebKit Impact: Visiting a maliciously crafted website may leak sensitive data Description: A permissions issue existed in the handling of the location variable. This was addressed though additional ownership checks.

apple

CVE-2020-9980HIGHCVSS 7.8≥ unspecified, < iOS 13.6 and iPadOS 13.62020-10-22

CVE-2020-9980 [HIGH] CWE-787 CVE-2020-9980: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted font file may lead to arbitrary code execution.

nvd

CVE-2020-9891HIGHCVSS 7.8≥ unspecified, < iOS 13.6 and iPadOS 13.62020-10-16

CVE-2020-9891 [HIGH] CWE-125 CVE-2020-9891: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 a An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution.

nvd

CVE-2020-9890HIGHCVSS 7.8≥ unspecified, < iOS 13.6 and iPadOS 13.62020-10-16

CVE-2020-9890 [HIGH] CWE-125 CVE-2020-9890: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 a An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution.

nvd

CVE-2020-9888HIGHCVSS 7.8≥ unspecified, < iOS 13.6 and iPadOS 13.62020-10-16

CVE-2020-9888 [HIGH] CWE-125 CVE-2020-9888: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 a An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution.

nvd

CVE-2019-8785HIGHCVSS 7.8≥ unspecified, < iOS 13.2 and iPadOS 13.22019-12-18

CVE-2019-8785 [HIGH] CWE-787 CVE-2019-8785: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges.

nvd

CVE-2019-8797HIGHCVSS 7.8≥ unspecified, < iOS 13.2 and iPadOS 13.22019-12-18

CVE-2019-8797 [HIGH] CWE-787 CVE-2019-8797: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges.

nvd

CVE-2019-8786HIGHCVSS 7.8≥ unspecified, < iOS 13.2 and iPadOS 13.22019-12-18

CVE-2019-8786 [HIGH] CWE-787 CVE-2019-8786: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges.

nvd

CVE-2017-2451HIGHCVSS 7.8v10.32017-03-27

CVE-2017-2451 [HIGH] CVE-2017-2451: iOS 10.3 Apple Security Update: About the security content of iOS 10.3 Product: iOS Version: 10.3 CVE: CVE-2017-2451 Component: Security Impact: An application may be able to execute arbitrary code with root privileges Description: A buffer overflow was addressed through improved bounds checking.

apple

CVE-2021-30760HIGHCVSS 7.8≥ unspecified, < 14.72021-09-08

CVE-2021-30760 [HIGH] CWE-190 CVE-2021-30760: An integer overflow was addressed through improved input validation. This issue is fixed in iOS 14.7 An integer overflow was addressed through improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.

nvd

CVE-2020-9889HIGHCVSS 7.8≥ unspecified, < iOS 13.6 and iPadOS 13.62020-10-16

CVE-2020-9889 [HIGH] CWE-787 CVE-2020-9889: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution.

nvd

← Previous40 / 89Next →