Apple iOS vulnerabilities

CVE-2017-13834 [HIGH] CVE-2017-13834: iOS 11 Apple Security Update: About the security content of iOS 11 Product: iOS Version: 11 CVE: CVE-2017-13834 Component: Kernel Impact: Processing a malformed mach binary may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved validation.

CVE-2022-26744 [HIGH] CVE-2022-26744: iOS 16 Apple Security Update: About the security content of iOS 16 Product: iOS Version: 16 CVE: CVE-2022-26744 Component: GPU Drivers Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management.

CVE-2017-13904 [HIGH] CVE-2017-13904: iOS 11.2 Apple Security Update: About the security content of iOS 11.2 Product: iOS Version: 11.2 CVE: CVE-2017-13904 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-13799 [HIGH] CVE-2017-13799: iOS 11.1 Apple Security Update: About the security content of iOS 11.1 Product: iOS Version: 11.1 CVE: CVE-2017-13799 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4412 [HIGH] CVE-2018-4412: iOS 12 Apple Security Update: About the security content of iOS 12 Product: iOS Version: 12 CVE: CVE-2018-4412 Component: CoreFoundation Impact: A malicious application may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation.

CVE-2018-4414 [HIGH] CVE-2018-4414: iOS 12 Apple Security Update: About the security content of iOS 12 Product: iOS Version: 12 CVE: CVE-2018-4414 Component: CoreFoundation Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved input validation.

CVE-2020-3858 [HIGH] CWE-787 CVE-2020-3858: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges.

CVE-2016-4632 [HIGH] CVE-2016-4632: iOS 9.3.3 Apple Security Update: About the security content of iOS 9.3.3 Product: iOS Version: 9.3.3 CVE: CVE-2016-4632 Component: ImageIO Impact: A remote attacker may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling.

CVE-2018-4347 [HIGH] CVE-2018-4347: iOS 12 Apple Security Update: About the security content of iOS 12 Product: iOS Version: 12 CVE: CVE-2018-4347 Component: CoreText Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management.

CVE-2018-4144 [HIGH] CVE-2018-4144: iOS 11.3 Apple Security Update: About the security content of iOS 11.3 Product: iOS Version: 11.3 CVE: CVE-2018-4144 Component: Security Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation.

CVE-2019-8511 [HIGH] CWE-120 CVE-2019-8511: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.2 A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A malicious application may be able to elevate privileges.

CVE-2019-8795 [HIGH] CWE-787 CVE-2019-8795: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2. An application may be able to execute arbitrary code with system privileges.

CVE-2013-1741 [HIGH] CVE-2013-1741: iOS 8.4 Apple Security Update: About the security content of iOS 8.4 Product: iOS Version: 8.4 CVE: CVE-2013-1741 Component: CVE-2013-1741

CVE-2020-3856 [HIGH] CWE-20 CVE-2020-3856: A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 1 A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted string may lead to heap corruption.

CVE-2019-8542 [HIGH] CWE-120 CVE-2019-8542: A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macO A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges.

CVE-2016-1830 [HIGH] CVE-2016-1830: iOS 9.3.2 Apple Security Update: About the security content of iOS 9.3.2 Product: iOS Version: 9.3.2 CVE: CVE-2016-1830 Component: CVE-ID Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation.

CVE-2020-9936 [HIGH] CWE-787 CVE-2020-9936: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.

CVE-2017-7010 [HIGH] CVE-2017-7010: iOS 10.3.3 Apple Security Update: About the security content of iOS 10.3.3 Product: iOS Version: 10.3.3 CVE: CVE-2017-7010 Component: Kernel Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization.

CVE-2018-4394 [HIGH] CVE-2018-4394: iOS 12.1 Apple Security Update: About the security content of iOS 12.1 Product: iOS Version: 12.1 CVE: CVE-2018-4394 Component: ICU Impact: Processing a maliciously crafted string may lead to heap corruption Description: A memory corruption issue was addressed with improved input validation.

CVE-2020-9877 [HIGH] CWE-125 CVE-2020-9877: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 a An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.