Apple iOS vulnerabilities

1,765 known vulnerabilities affecting apple/ios.

Total CVEs

1,765

CISA KEV

actively exploited

Public exploits

229

Exploited in wild

Severity breakdown

CRITICAL119HIGH907MEDIUM638LOW94UNKNOWN7

Vulnerabilities

SortPage 61 of 89

CVE-2015-3749P4MEDIUMCVSS 6.8v8.4.1

CVE-2015-3749 [MEDIUM] CVE-2015-3749: iOS 8.4.1 Apple Security Update: About the security content of iOS 8.4.1 Product: iOS Version: 8.4.1 CVE: CVE-2015-3749 Component: CVE-ID

apple

CVE-2015-1120P4MEDIUMCVSS 6.8v8.3

CVE-2015-1120 [MEDIUM] CVE-2015-1120: iOS 8.3 Apple Security Update: About the security content of iOS 8.3 Product: iOS Version: 8.3 CVE: CVE-2015-1120 Component: CVE-2015-1076

apple

CVE-2018-4151P4HIGHCVSS 7.0v11.32018-03-29

CVE-2018-4151 [HIGH] CVE-2018-4151: iOS 11.3 Apple Security Update: About the security content of iOS 11.3 Product: iOS Version: 11.3 CVE: CVE-2018-4151 Component: Find My iPhone Impact: A person with physical access to the device may be able to disable Find My iPhone without entering an iCloud password Description: A state management issue existed when restoring from a back up. This issue was addressed through improved state checking during restore.

apple

CVE-2018-4156P4HIGHCVSS 7.0v11.32018-03-29

CVE-2018-4156 [HIGH] CVE-2018-4156: iOS 11.3 Apple Security Update: About the security content of iOS 11.3 Product: iOS Version: 11.3 CVE: CVE-2018-4156 Component: PluginKit Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation.

apple

CVE-2018-4154P4HIGHCVSS 7.0v11.32018-03-29

CVE-2018-4154 [HIGH] CVE-2018-4154: iOS 11.3 Apple Security Update: About the security content of iOS 11.3 Product: iOS Version: 11.3 CVE: CVE-2018-4154 Component: Storage Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation.

apple

CVE-2016-4760P4MEDIUMCVSS 6.5v102016-09-13

CVE-2016-4760 [MEDIUM] CVE-2016-4760: iOS 10 Apple Security Update: About the security content of iOS 10 Product: iOS Version: 10 CVE: CVE-2016-4760 Component: WebKit Impact: A malicious website may be able to access non-HTTP services Description: Safari's support of HTTP/0.9 allowed cross-protocol exploitation of non-HTTP services using DNS rebinding. The issue was addressed by restricting HTTP/0.9 responses to default ports and canceling resource loads if the document was loaded with a differe

apple

CVE-2015-1086P4MEDIUMCVSS 6.9v8.3

CVE-2015-1086 [MEDIUM] CVE-2015-1086: iOS 8.3 Apple Security Update: About the security content of iOS 8.3 Product: iOS Version: 8.3 CVE: CVE-2015-1086 Component: CVE-2015-1086

apple

CVE-2017-7085P4MEDIUMCVSS 6.5v112017-09-19

CVE-2017-7085 [MEDIUM] CVE-2017-7085: iOS 11 Apple Security Update: About the security content of iOS 11 Product: iOS Version: 11 CVE: CVE-2017-7085 Component: Safari Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management.

apple

CVE-2018-4271P4MEDIUMCVSS 6.5v11.4.12018-07-09

CVE-2018-4271 [MEDIUM] CVE-2018-4271: iOS 11.4.1 Apple Security Update: About the security content of iOS 11.4.1 Product: iOS Version: 11.4.1 CVE: CVE-2018-4271 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: Multiple memory corruption issues were addressed with improved input validation.

apple

CVE-2018-4270P4MEDIUMCVSS 6.5v11.4.12018-07-09

CVE-2018-4270 [MEDIUM] CVE-2018-4270: iOS 11.4.1 Apple Security Update: About the security content of iOS 11.4.1 Product: iOS Version: 11.4.1 CVE: CVE-2018-4270 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: A memory corruption issue was addressed with improved memory handling.

apple

CVE-2018-4273P4MEDIUMCVSS 6.5v11.4.12018-07-09

CVE-2018-4273 [MEDIUM] CVE-2018-4273: iOS 11.4.1 Apple Security Update: About the security content of iOS 11.4.1 Product: iOS Version: 11.4.1 CVE: CVE-2018-4273 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: Multiple memory corruption issues were addressed with improved input validation.

apple

CVE-2018-4368P4MEDIUMCVSS 6.5v12.12018-10-30

CVE-2018-4368 [MEDIUM] CVE-2018-4368: iOS 12.1 Apple Security Update: About the security content of iOS 12.1 Product: iOS Version: 12.1 CVE: CVE-2018-4368 Component: WiFi Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation.

apple

CVE-2018-4187P4MEDIUMCVSS 6.5v11.32018-03-29

CVE-2018-4187 [MEDIUM] CVE-2018-4187: iOS 11.3 Apple Security Update: About the security content of iOS 11.3 Product: iOS Version: 11.3 CVE: CVE-2018-4187 Component: LinkPresentation Impact: Processing a maliciously crafted text message may lead to UI spoofing Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.

apple

CVE-2019-8528P4MEDIUMCVSS 6.7≥ unspecified, < 12.22020-10-27

CVE-2019-8528 [MEDIUM] CWE-416 CVE-2019-8528: A use after free issue was addressed with improved memory management. This issue is fixed in watchOS A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges.

nvdapple

CVE-2021-30796P4MEDIUMCVSS 6.5≥ unspecified, < 14.72021-09-08

CVE-2021-30796 [MEDIUM] CVE-2021-30796: A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing a maliciously crafted image may lead to a denial of service.

nvd

CVE-2017-2517P4MEDIUMCVSS 6.5v10.3.32017-07-19

CVE-2017-2517 [MEDIUM] CVE-2017-2517: iOS 10.3.3 Apple Security Update: About the security content of iOS 10.3.3 Product: iOS Version: 10.3.3 CVE: CVE-2017-2517 Component: Safari Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management.

apple

CVE-2015-3750P4MEDIUMCVSS 6.4v8.4.1

CVE-2015-3750 [MEDIUM] CVE-2015-3750: iOS 8.4.1 Apple Security Update: About the security content of iOS 8.4.1 Product: iOS Version: 8.4.1 CVE: CVE-2015-3750 Component: CVE-ID

apple

CVE-2017-2386P4MEDIUMCVSS 6.5v10.32017-03-27

CVE-2017-2386 [MEDIUM] CVE-2017-2386: iOS 10.3 Apple Security Update: About the security content of iOS 10.3 Product: iOS Version: 10.3 CVE: CVE-2017-2386 Component: WebKit Impact: Processing maliciously crafted web content may exfiltrate data cross-origin Description: A prototype access issue was addressed through improved exception handling.

apple

CVE-2017-2424P4MEDIUMCVSS 6.5v10.32017-03-27

CVE-2017-2424 [MEDIUM] CVE-2017-2424: iOS 10.3 Apple Security Update: About the security content of iOS 10.3 Product: iOS Version: 10.3 CVE: CVE-2017-2424 Component: WebKit Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: An information disclosure issue existed in the processing of OpenGL shaders. This issue was addressed through improved memory management.

apple

CVE-2017-2350P4MEDIUMCVSS 6.5v10.2.12017-01-23

CVE-2017-2350 [MEDIUM] CVE-2017-2350: iOS 10.2.1 Apple Security Update: About the security content of iOS 10.2.1 Product: iOS Version: 10.2.1 CVE: CVE-2017-2350 Component: WebKit Impact: Processing maliciously crafted web content may exfiltrate data cross-origin Description: A prototype access issue was addressed through improved exception handling.

apple

← Previous61 / 89Next →