Apple iOS vulnerabilities

CVE-2019-8715 [HIGH] CWE-787 CVE-2019-8715: A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15, iOS 13. An application may be able to execute arbitrary code with system privileges.

CVE-2020-9904 [HIGH] CWE-787 CVE-2020-9904: A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 1 A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. An application may be able to execute arbitrary code with kernel privileges.

CVE-2019-8549 [HIGH] CWE-20 CVE-2019-8549: Multiple input validation issues existed in MIG generated code. These issues were addressed with imp Multiple input validation issues existed in MIG generated code. These issues were addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to execute arbitrary code with system privileges.

CVE-2019-8709 [HIGH] CWE-787 CVE-2019-8709: A memory corruption issue was addressed with improved state management. This issue is fixed in macOS A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. An application may be able to execute arbitrary code with kernel privileges.

CVE-2020-9875 [HIGH] CWE-190 CVE-2020-9875: An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.6 An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.

CVE-2017-13862 [HIGH] CVE-2017-13862: iOS 11.2 Apple Security Update: About the security content of iOS 11.2 Product: iOS Version: 11.2 CVE: CVE-2017-13862 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-6981 [HIGH] CVE-2017-6981: iOS 10.3.2 Apple Security Update: About the security content of iOS 10.3.2 Product: iOS Version: 10.3.2 CVE: CVE-2017-6981 Component: Foundation Impact: Parsing maliciously crafted data may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling.

CVE-2021-30781 [HIGH] CVE-2021-30781: This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. A local attacker may be able to cause unexpected application termination or arbitrary code execution.

CVE-2016-4750 [HIGH] CVE-2016-4750: iOS 10 Apple Security Update: About the security content of iOS 10 Product: iOS Version: 10 CVE: CVE-2016-4750 Component: S2 Camera Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling.

CVE-2017-13829 [HIGH] CVE-2017-13829: iOS 11 Apple Security Update: About the security content of iOS 11 Product: iOS Version: 11 CVE: CVE-2017-13829 Component: CFNetwork Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2019-6202 [HIGH] CWE-125 CVE-2019-6202: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3 An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. A malicious application may be able to elevate privileges.

CVE-2019-6221 [HIGH] CWE-125 CVE-2019-6221: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3 An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, iTunes 12.9.3 for Windows. A malicious application may be able to elevate privileges.

CVE-2018-4303 [HIGH] CVE-2018-4303: iOS 12.1.1 Apple Security Update: About the security content of iOS 12.1.1 Product: iOS Version: 12.1.1 CVE: CVE-2018-4303 Component: Airport Impact: A malicious application may be able to elevate privileges Description: A type confusion issue was addressed with improved memory handling.

CVE-2018-4371 [HIGH] CVE-2018-4371: iOS 12.1 Apple Security Update: About the security content of iOS 12.1 Product: iOS Version: 12.1 CVE: CVE-2018-4371 Component: IPSec Impact: An application may be able to gain elevated privileges Description: An out-of-bounds read was addressed with improved input validation.

CVE-2017-7162 [HIGH] CVE-2017-7162: iOS 11.2 Apple Security Update: About the security content of iOS 11.2 Product: iOS Version: 11.2 CVE: CVE-2017-7162 Component: IOKit Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7171 [HIGH] CVE-2017-7171: iOS 11.2 Apple Security Update: About the security content of iOS 11.2 Product: iOS Version: 11.2 CVE: CVE-2017-7171 Component: CoreAnimation Impact: An application may be able to execute arbitrary code with elevated privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-13854 [HIGH] CVE-2017-13854: iOS 11 Apple Security Update: About the security content of iOS 11 Product: iOS Version: 11 CVE: CVE-2017-13854 Component: Kernel Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2020-9892 [HIGH] CWE-787 CVE-2020-9892: Multiple memory corruption issues were addressed with improved state management. This issue is fixed Multiple memory corruption issues were addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to execute arbitrary code with system privileges.

CVE-2019-8574 [HIGH] CWE-787 CVE-2019-8574: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges.

CVE-2018-4109 [HIGH] CVE-2018-4109: iOS 11.2.5 Apple Security Update: About the security content of iOS 11.2.5 Product: iOS Version: 11.2.5 CVE: CVE-2018-4109 Component: Graphics Driver Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.