Apple iOS vulnerabilities

1,765 known vulnerabilities affecting apple/ios.

Total CVEs

1,765

CISA KEV

actively exploited

Public exploits

229

Exploited in wild

Severity breakdown

CRITICAL119HIGH907MEDIUM638LOW94UNKNOWN7

Vulnerabilities

SortPage 65 of 89

CVE-2015-1102P4HIGHCVSS 7.1v8.3

CVE-2015-1102 [HIGH] CVE-2015-1102: iOS 8.3 Apple Security Update: About the security content of iOS 8.3 Product: iOS Version: 8.3 CVE: CVE-2015-1102 Component: CVE-ID

apple

CVE-2015-5769P4HIGHCVSS 7.1v8.4.1

CVE-2015-5769 [HIGH] CVE-2015-5769: iOS 8.4.1 Apple Security Update: About the security content of iOS 8.4.1 Product: iOS Version: 8.4.1 CVE: CVE-2015-5769 Component: CVE-ID

apple

CVE-2021-30788P4HIGHCVSS 7.1≥ unspecified, < 14.72021-09-08

CVE-2021-30788 [HIGH] CVE-2021-30788: This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents.

nvd

CVE-2016-4592P4MEDIUMCVSS 6.5v9.3.32016-07-18

CVE-2016-4592 [MEDIUM] CVE-2016-4592: iOS 9.3.3 Apple Security Update: About the security content of iOS 9.3.3 Product: iOS Version: 9.3.3 CVE: CVE-2016-4592 Component: WebKit Impact: Visiting a maliciously crafted webpage may lead to a system denial of service Description: A memory consumption issue was addressed through improved memory handling.

apple

CVE-2016-4449P4HIGHCVSS 7.1v9.3.32016-07-18

CVE-2016-4449 [HIGH] CVE-2016-4449: iOS 9.3.3 Apple Security Update: About the security content of iOS 9.3.3 Product: iOS Version: 9.3.3 CVE: CVE-2016-4449 Component: Libc Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A buffer overflow existed within the "link_ntoa()" function in linkaddr.c. This issue was addressed through additional bounds checking.

apple

CVE-2019-8576P4HIGHCVSS 7.1≥ unspecified, < iOS 12.32019-12-18

CVE-2019-8576 [HIGH] CWE-125 CVE-2019-8576: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to cause unexpected system termination or read kernel memory.

nvdapple

CVE-2018-4247P4MEDIUMCVSS 6.5v11.42018-05-29

CVE-2018-4247 [MEDIUM] CVE-2018-4247: iOS 11.4 Apple Security Update: About the security content of iOS 11.4 Product: iOS Version: 11.4 CVE: CVE-2018-4247 Component: Safari Impact: A malicious website may be able to cause a denial of service Description: A denial of service issue was addressed with improved validation.

apple

CVE-2014-8127P4MEDIUMCVSS 6.5v8.4

CVE-2014-8127 [MEDIUM] CVE-2014-8127: iOS 8.4 Apple Security Update: About the security content of iOS 8.4 Product: iOS Version: 8.4 CVE: CVE-2014-8127 Component: CVE-2014-8127

apple

CVE-2015-1101P4MEDIUMCVSS 6.9v8.3

CVE-2015-1101 [MEDIUM] CVE-2015-1101: iOS 8.3 Apple Security Update: About the security content of iOS 8.3 Product: iOS Version: 8.3 CVE: CVE-2015-1101 Component: CVE-ID

apple

CVE-2014-4494P4MEDIUMCVSS 6.8v8.1.3

CVE-2014-4494 [MEDIUM] CVE-2014-4494: iOS 8.1.3 Apple Security Update: About the security content of iOS 8.1.3 Product: iOS Version: 8.1.3 CVE: CVE-2014-4494 Component: CVE-ID

apple

CVE-2019-8598P4MEDIUMCVSS 5.5≥ unspecified, < iOS 12.32019-12-18

CVE-2019-8598 [MEDIUM] CWE-119 CVE-2019-8598: An input validation issue was addressed with improved input validation. This issue is fixed in iOS 1 An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to read restricted memory.

nvdapple

CVE-2017-7830P4MEDIUMCVSS 6.5v11.2.52018-01-23

CVE-2017-7830 [MEDIUM] CVE-2017-7830: iOS 11.2.5 Apple Security Update: About the security content of iOS 11.2.5 Product: iOS Version: 11.2.5 CVE: CVE-2017-7830 Component: WebKit Page Loading Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling.

apple

CVE-2016-4690P4MEDIUMCVSS 6.8v10.22016-12-12

CVE-2016-4690 [MEDIUM] CVE-2016-4690: iOS 10.2 Apple Security Update: About the security content of iOS 10.2 Product: iOS Version: 10.2 CVE: CVE-2016-4690 Component: Image Capture Impact: A malicious HID device may be able to cause arbitrary code execution Description: A validation issue existed in the handling of USB image devices. This issue was addressed through improved input validation.

apple

CVE-2020-9829P4MEDIUMCVSS 6.5≥ unspecified, < iOS 13.5 and iPadOS 13.52020-06-09

CVE-2020-9829 [MEDIUM] CWE-20 CVE-2020-9829: A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.5 a A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5. Processing a maliciously crafted text message may lead to application denial of service.

nvd

CVE-2018-4409P4MEDIUMCVSS 6.5v12.12018-10-30

CVE-2018-4409 [MEDIUM] CVE-2018-4409: iOS 12.1 Apple Security Update: About the security content of iOS 12.1 Product: iOS Version: 12.1 CVE: CVE-2018-4409 Component: WebKit Impact: A malicious website may be able to cause a denial of service Description: A resource exhaustion issue was addressed with improved input validation.

apple

CVE-2018-4439P4MEDIUMCVSS 6.5v12.1.12018-12-05

CVE-2018-4439 [MEDIUM] CVE-2018-4439: iOS 12.1.1 Apple Security Update: About the security content of iOS 12.1.1 Product: iOS Version: 12.1.1 CVE: CVE-2018-4439 Component: Safari Impact: Visiting a malicious website may lead to user interface spoofing Description: A logic issue was addressed with improved validation.

apple

CVE-2019-8626P4MEDIUMCVSS 6.5≥ unspecified, < iOS 12.32019-12-18

CVE-2019-8626 [MEDIUM] CWE-20 CVE-2019-8626: An input validation issue was addressed with improved input validation. This issue is fixed in iOS 1 An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted message may lead to a denial of service.

nvdapple

CVE-2018-4385P4MEDIUMCVSS 6.5v12.12018-10-30

CVE-2018-4385 [MEDIUM] CVE-2018-4385: iOS 12.1 Apple Security Update: About the security content of iOS 12.1 Product: iOS Version: 12.1 CVE: CVE-2018-4385 Component: WebKit Impact: Visiting a malicious website may lead to address bar spoofing Description: A logic issue was addressed with improved state management.

apple

CVE-2017-13891P4MEDIUMCVSS 6.5v11.22017-12-02

CVE-2017-13891 [MEDIUM] CVE-2017-13891: iOS 11.2 Apple Security Update: About the security content of iOS 11.2 Product: iOS Version: 11.2 CVE: CVE-2017-13891 Component: SafariViewController Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed through improved state management.

apple

CVE-2016-7591P4MEDIUMCVSS 6.5v10.22016-12-12

CVE-2016-7591 [MEDIUM] CVE-2016-7591: iOS 10.2 Apple Security Update: About the security content of iOS 10.2 Product: iOS Version: 10.2 CVE: CVE-2016-7591 Component: IOHIDFamily Impact: A local application with system privileges may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed through improved memory management.

apple

← Previous65 / 89Next →