Apple iOS vulnerabilities

CVE-2016-1717 [HIGH] CVE-2016-1717: iOS 9.2.1 Apple Security Update: About the security content of iOS 9.2.1 Product: iOS Version: 9.2.1 CVE: CVE-2016-1717 Component: CVE-ID

CVE-2016-4627 [HIGH] CVE-2016-4627: iOS 9.3.3 Apple Security Update: About the security content of iOS 9.3.3 Product: iOS Version: 9.3.3 CVE: CVE-2016-4627 Component: IOAcceleratorFamily Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved validation.

CVE-2016-4626 [HIGH] CVE-2016-4626: iOS 9.3.3 Apple Security Update: About the security content of iOS 9.3.3 Product: iOS Version: 9.3.3 CVE: CVE-2016-4626 Component: IOHIDFamily Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation.

CVE-2016-1832 [HIGH] CVE-2016-1832: iOS 9.3.2 Apple Security Update: About the security content of iOS 9.3.2 Product: iOS Version: 9.3.2 CVE: CVE-2016-1832 Component: CVE-ID Impact: Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling.

CVE-2022-32887 [HIGH] CVE-2022-32887: The issue was addressed with improved memory handling. This issue is fixed in iOS 16. An app may be The issue was addressed with improved memory handling. This issue is fixed in iOS 16. An app may be able to execute arbitrary code with kernel privileges.

CVE-2022-32889 [HIGH] CVE-2022-32889: The issue was addressed with improved memory handling. This issue is fixed in iOS 16, watchOS 9. An The issue was addressed with improved memory handling. This issue is fixed in iOS 16, watchOS 9. An app may be able to execute arbitrary code with kernel privileges.

CVE-2020-9900 [HIGH] CWE-59 CVE-2020-9900: An issue existed within the path validation logic for symlinks. This issue was addressed with improv An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A local attacker may be able to elevate their privileges.

CVE-2020-9901 [HIGH] CWE-59 CVE-2020-9901: An issue existed within the path validation logic for symlinks. This issue was addressed with improv An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. A local attacker may be able to elevate their privileges.

CVE-2022-32865 [HIGH] CVE-2022-32865: iOS 16 Apple Security Update: About the security content of iOS 16 Product: iOS Version: 16 CVE: CVE-2022-32865 Component: DriverKit Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2019-8529 [HIGH] CWE-787 CVE-2019-8529: A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 1 A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. An application may be able to execute arbitrary code with kernel privileges.

CVE-2017-7063 [HIGH] CVE-2017-7063: iOS 10.3.3 Apple Security Update: About the security content of iOS 10.3.3 Product: iOS Version: 10.3.3 CVE: CVE-2017-7063 Component: Messages Impact: A remote attacker may cause an unexpected application termination Description: A memory consumption issue was addressed through improved memory handling.

CVE-2015-6992 [HIGH] CVE-2015-6992: iOS 9.1 Apple Security Update: About the security content of iOS 9.1 Product: iOS Version: 9.1 CVE: CVE-2015-6992 Component: CVE-ID

CVE-2015-6975 [HIGH] CVE-2015-6975: iOS 9.1 Apple Security Update: About the security content of iOS 9.1 Product: iOS Version: 9.1 CVE: CVE-2015-6975 Component: CVE-ID

CVE-2015-7017 [HIGH] CVE-2015-7017: iOS 9.1 Apple Security Update: About the security content of iOS 9.1 Product: iOS Version: 9.1 CVE: CVE-2015-7017 Component: CVE-ID

CVE-2017-2461 [HIGH] CVE-2017-2461: iOS 10.3 Apple Security Update: About the security content of iOS 10.3 Product: iOS Version: 10.3 CVE: CVE-2017-2461 Component: CoreText Impact: Processing a maliciously crafted text message may lead to application denial of service Description: A resource exhaustion issue was addressed through improved input validation.

CVE-2015-5775 [HIGH] CVE-2015-5775: iOS 8.4.1 Apple Security Update: About the security content of iOS 8.4.1 Product: iOS Version: 8.4.1 CVE: CVE-2015-5775 Component: CVE-ID

CVE-2015-3804 [HIGH] CVE-2015-3804: iOS 8.4.1 Apple Security Update: About the security content of iOS 8.4.1 Product: iOS Version: 8.4.1 CVE: CVE-2015-3804 Component: CVE-ID

CVE-2015-3717 [HIGH] CVE-2015-3717: iOS 8.4 Apple Security Update: About the security content of iOS 8.4 Product: iOS Version: 8.4 CVE: CVE-2015-3717 Component: CVE-ID

CVE-2021-36690 [HIGH] CVE-2021-36690: iOS 16 Apple Security Update: About the security content of iOS 16 Product: iOS Version: 16 CVE: CVE-2021-36690 Component: CVE-2021-36690

CVE-2014-3192 [HIGH] CVE-2014-3192: iOS 8.1.3 Apple Security Update: About the security content of iOS 8.1.3 Product: iOS Version: 8.1.3 CVE: CVE-2014-3192 Component: CVE-ID