Apple iOS vulnerabilities

CVE-2022-32866 [HIGH] CVE-2022-32866: iOS 16 Apple Security Update: About the security content of iOS 16 Product: iOS Version: 16 CVE: CVE-2022-32866 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2022-32911 [HIGH] CWE-787 CVE-2022-32911: The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, i The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to execute arbitrary code with kernel privileges.

CVE-2016-1751 [HIGH] CVE-2016-1751: iOS 9.3 Apple Security Update: About the security content of iOS 9.3 Product: iOS Version: 9.3 CVE: CVE-2016-1751 Component: CVE-ID

CVE-2016-4724 [HIGH] CVE-2016-4724: iOS 10 Apple Security Update: About the security content of iOS 10 Product: iOS Version: 10 CVE: CVE-2016-4724 Component: IOAcceleratorFamily Impact: An application may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation.

CVE-2020-3857 [HIGH] CWE-787 CVE-2020-3857: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges.

CVE-2018-4131 [HIGH] CVE-2018-4131: iOS 11.3 Apple Security Update: About the security content of iOS 11.3 Product: iOS Version: 11.3 CVE: CVE-2018-4131 Component: WindowServer Impact: An unprivileged application may be able to log keystrokes entered into other applications even when secure input mode is enabled Description: By scanning key states, an unprivileged application could log keystrokes entered into other applications even when secure input mode was enabled. This issue was addressed by

CVE-2016-4654 [HIGH] CVE-2016-4654: iOS 9.3.4 Apple Security Update: About the security content of iOS 9.3.4 Product: iOS Version: 9.3.4 CVE: CVE-2016-4654 Component: IOMobileFrameBuffer Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling.

CVE-2016-4675 [HIGH] CVE-2016-4675: iOS 10.1 Apple Security Update: About the security content of iOS 10.1 Product: iOS Version: 10.1 CVE: CVE-2016-4675 Component: Kernel Impact: A local application may be able to execute arbitrary code with root privileges Description: Multiple object lifetime issues existed when spawning new processes. These were addressed through improved validation.

CVE-2018-4215 [HIGH] CVE-2018-4215: iOS 11.4 Apple Security Update: About the security content of iOS 11.4 Product: iOS Version: 11.4 CVE: CVE-2018-4215 Component: Bluetooth Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation.

CVE-2020-9923 [HIGH] CWE-787 CVE-2020-9923: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, watchOS 6.2.8. A malicious application may be able to execute arbitrary code with system privileges.

CVE-2016-4594 [HIGH] CVE-2016-4594: iOS 9.3.3 Apple Security Update: About the security content of iOS 9.3.3 Product: iOS Version: 9.3.3 CVE: CVE-2016-4594 Component: Sandbox Profiles Impact: A local application may be able to access the process list Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions.

CVE-2018-4095 [HIGH] CVE-2018-4095: iOS 11.2.5 Apple Security Update: About the security content of iOS 11.2.5 Product: iOS Version: 11.2.5 CVE: CVE-2018-4095 Component: Core Bluetooth Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2016-1831 [HIGH] CVE-2016-1831: iOS 9.3.2 Apple Security Update: About the security content of iOS 9.3.2 Product: iOS Version: 9.3.2 CVE: CVE-2016-1831 Component: CVE-ID Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation.

CVE-2017-13880 [HIGH] CVE-2017-13880: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 11 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 11.2, watchOS 4.2. An application may be able to execute arbitrary code with kernel privilege.

CVE-2020-3913 [HIGH] CVE-2020-3913: A permissions issue existed. This issue was addressed with improved permission validation. This issu A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, watchOS 6.2. A malicious application may be able to elevate privileges.

CVE-2018-4408 [HIGH] CVE-2018-4408: iOS 12 Apple Security Update: About the security content of iOS 12 Product: iOS Version: 12 CVE: CVE-2018-4408 Component: IOHIDFamily Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation.

CVE-2018-4426 [HIGH] CVE-2018-4426: iOS 12 Apple Security Update: About the security content of iOS 12 Product: iOS Version: 12 CVE: CVE-2018-4426 Component: Grand Central Dispatch Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4401 [HIGH] CVE-2018-4401: iOS 12 Apple Security Update: About the security content of iOS 12 Product: iOS Version: 12 CVE: CVE-2018-4401 Component: IOUserEthernet Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4425 [HIGH] CVE-2018-4425: iOS 12 Apple Security Update: About the security content of iOS 12 Product: iOS Version: 12 CVE: CVE-2018-4425 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2016-1756 [HIGH] CVE-2016-1756: iOS 9.3 Apple Security Update: About the security content of iOS 9.3 Product: iOS Version: 9.3 CVE: CVE-2016-1756 Component: CVE-ID