Apple iOS vulnerabilities

1,765 known vulnerabilities affecting apple/ios.

Total CVEs

1,765

CISA KEV

actively exploited

Public exploits

229

Exploited in wild

Severity breakdown

CRITICAL119HIGH907MEDIUM638LOW94UNKNOWN7

Vulnerabilities

SortPage 68 of 89

CVE-2014-8130P4MEDIUMCVSS 6.5v8.4

CVE-2014-8130 [MEDIUM] CVE-2014-8130: iOS 8.4 Apple Security Update: About the security content of iOS 8.4 Product: iOS Version: 8.4 CVE: CVE-2014-8130 Component: CVE-2014-8130

apple

CVE-2015-3800P4HIGHCVSS 7.2v8.4.1

CVE-2015-3800 [HIGH] CVE-2015-3800: iOS 8.4.1 Apple Security Update: About the security content of iOS 8.4.1 Product: iOS Version: 8.4.1 CVE: CVE-2015-3800 Component: CVE-ID

apple

CVE-2015-3802P4HIGHCVSS 7.2v8.4.1

CVE-2015-3802 [HIGH] CVE-2015-3802: iOS 8.4.1 Apple Security Update: About the security content of iOS 8.4.1 Product: iOS Version: 8.4.1 CVE: CVE-2015-3802 Component: CVE-ID

apple

CVE-2015-3805P4HIGHCVSS 7.2v8.4.1

CVE-2015-3805 [HIGH] CVE-2015-3805: iOS 8.4.1 Apple Security Update: About the security content of iOS 8.4.1 Product: iOS Version: 8.4.1 CVE: CVE-2015-3805 Component: CVE-ID

apple

CVE-2016-4776P4HIGHCVSS 7.1v102016-09-13

CVE-2016-4776 [HIGH] CVE-2016-4776: iOS 10 Apple Security Update: About the security content of iOS 10 Product: iOS Version: 10 CVE: CVE-2016-4776 Component: Kernel Impact: An application may be able to determine kernel memory layout Description: Multiple out-of-bounds read issues existed that led to the disclosure of kernel memory. These were addressed through improved input validation.

apple

CVE-2016-4774P4HIGHCVSS 7.1v102016-09-13

CVE-2016-4774 [HIGH] CVE-2016-4774: iOS 10 Apple Security Update: About the security content of iOS 10 Product: iOS Version: 10 CVE: CVE-2016-4774 Component: Kernel Impact: An application may be able to determine kernel memory layout Description: Multiple out-of-bounds read issues existed that led to the disclosure of kernel memory. These were addressed through improved input validation.

apple

CVE-2016-4773P4HIGHCVSS 7.1v102016-09-13

CVE-2016-4773 [HIGH] CVE-2016-4773: iOS 10 Apple Security Update: About the security content of iOS 10 Product: iOS Version: 10 CVE: CVE-2016-4773 Component: Kernel Impact: An application may be able to determine kernel memory layout Description: Multiple out-of-bounds read issues existed that led to the disclosure of kernel memory. These were addressed through improved input validation.

apple

CVE-2017-7060P4MEDIUMCVSS 6.5v10.3.32017-07-19

CVE-2017-7060 [MEDIUM] CVE-2017-7060: iOS 10.3.3 Apple Security Update: About the security content of iOS 10.3.3 Product: iOS Version: 10.3.3 CVE: CVE-2017-7060 Component: Safari Printing Impact: Processing maliciously crafted web content may lead to an infinite number of print dialogs Description: An issue existed where a malicious or compromised website could show infinite print dialogs and make users believe their browser was locked. The issue was addressed through throttling of print dialogs

apple

CVE-2020-3862P4MEDIUMCVSS 6.5≥ unspecified, < iOS 13.3.1 and iPadOS 13.3.12020-02-27

CVE-2020-3862 [MEDIUM] CVE-2020-3862: A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13 A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service.

nvd

CVE-2017-7109P4MEDIUMCVSS 6.1v112017-09-19

CVE-2017-7109 [MEDIUM] CVE-2017-7109: iOS 11 Apple Security Update: About the security content of iOS 11 Product: iOS Version: 11 CVE: CVE-2017-7109 Component: WebKit Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: Application Cache policy may be unexpectedly applied.

apple

CVE-2018-4309P4MEDIUMCVSS 6.1v122018-09-17

CVE-2018-4309 [MEDIUM] CVE-2018-4309: iOS 12 Apple Security Update: About the security content of iOS 12 Product: iOS Version: 12 CVE: CVE-2018-4309 Component: WebKit Impact: A malicious website may be able to execute scripts in the context of another website Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation.

apple

CVE-2018-4377P4MEDIUMCVSS 6.1v12.12018-10-30

CVE-2018-4377 [MEDIUM] CVE-2018-4377: iOS 12.1 Apple Security Update: About the security content of iOS 12.1 Product: iOS Version: 12.1 CVE: CVE-2018-4377 Component: Safari Reader Impact: Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation.

apple

CVE-2018-4374P4MEDIUMCVSS 6.1v12.12018-10-30

CVE-2018-4374 [MEDIUM] CVE-2018-4374: iOS 12.1 Apple Security Update: About the security content of iOS 12.1 Product: iOS Version: 12.1 CVE: CVE-2018-4374 Component: Safari Reader Impact: Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting Description: A logic issue was addressed with improved validation.

apple

CVE-2019-8764P4MEDIUMCVSS 6.1v132019-09-19

CVE-2019-8764 [MEDIUM] CVE-2019-8764: iOS 13 Apple Security Update: About the security content of iOS 13 Product: iOS Version: 13 CVE: CVE-2019-8764 Component: WebKit Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management.

apple

CVE-2022-32891P4MEDIUMCVSS 6.1≥ unspecified, < 162023-02-27

CVE-2022-32891 [MEDIUM] CWE-1021 CVE-2022-32891: The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16, watchO The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16, watchOS 9, iOS 16. Visiting a website that frames malicious content may lead to UI spoofing.

nvdapple

CVE-2017-2393P4MEDIUMCVSS 6.1v10.32017-03-27

CVE-2017-2393 [MEDIUM] CVE-2017-2393: iOS 10.3 Apple Security Update: About the security content of iOS 10.3 Product: iOS Version: 10.3 CVE: CVE-2017-2393 Component: Safari Reader Impact: Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting Description: Multiple validation issues were addressed through improved input sanitization.

apple

CVE-2019-8505P4MEDIUMCVSS 6.1≥ unspecified, < iOS 12.22019-12-18

CVE-2019-8505 [MEDIUM] CWE-79 CVE-2019-8505: A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting.

nvdapple

CVE-2019-6204P4MEDIUMCVSS 6.1≥ unspecified, < iOS 12.22019-12-18

CVE-2019-6204 [MEDIUM] CWE-79 CVE-2019-6204: A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting.

nvdapple

CVE-2017-2411P4MEDIUMCVSS 5.9v11.22017-12-02

CVE-2017-2411 [MEDIUM] CVE-2017-2411: iOS 11.2 Apple Security Update: About the security content of iOS 11.2 Product: iOS Version: 11.2 CVE: CVE-2017-2411 Component: Calculator Impact: An attacker with a privileged network position may be able to alter currency conversion rates Description: Exchange rates were retrieved from HTTP rather than HTTPS. This was addressed by enabling HTTPS for exchange rates.

apple

CVE-2015-1819P4MEDIUMCVSS 5.0v9.3

CVE-2015-1819 [MEDIUM] CVE-2015-1819: iOS 9.3 Apple Security Update: About the security content of iOS 9.3 Product: iOS Version: 9.3 CVE: CVE-2015-1819 Component: CVE-2015-1819

apple

← Previous68 / 89Next →