cbcvebase.

Apple iOS vulnerabilities

1,765 known vulnerabilities affecting apple/ios.

Total CVEs
1,765
CISA KEV
27
actively exploited
Public exploits
229
Exploited in wild
43
Severity breakdown
CRITICAL119HIGH907MEDIUM638LOW94UNKNOWN7

Vulnerabilities

Page 77 of 89
CVE-2016-4719P4MEDIUMCVSS 5.5v102016-09-13
CVE-2016-4719 [MEDIUM] CVE-2016-4719: iOS 10 Apple Security Update: About the security content of iOS 10 Product: iOS Version: 10 CVE: CVE-2016-4719 Component: GeoServices Impact: An application may be able to read sensitive location information Description: A permissions issue existed in PlaceData. This issue was addressed through improved permission validation.
apple
CVE-2016-7607P4MEDIUMCVSS 5.5v10.22016-12-12
CVE-2016-7607 [MEDIUM] CVE-2016-7607: iOS 10.2 Apple Security Update: About the security content of iOS 10.2 Product: iOS Version: 10.2 CVE: CVE-2016-7607 Component: Kernel Impact: An application may be able to read kernel memory Description: An insufficient initialization issue was addressed by properly initializing memory returned to user space.
apple
CVE-2020-27929P4MEDIUMCVSS 5.5≥ unspecified, < 12.42020-12-08
CVE-2020-27929 [MEDIUM] CVE-2020-27929: A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.4.9. A user may send video in Group FaceTime calls without knowing that they have done so.
nvd
CVE-2021-30763P4MEDIUMCVSS 5.5≥ unspecified, < 14.72021-09-08
CVE-2021-30763 [MEDIUM] CWE-20 CVE-2021-30763: An input validation issue was addressed with improved input validation. This issue is fixed in iOS 1 An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.7, watchOS 7.6. A shortcut may be able to bypass Internet permission requirements.
nvd
CVE-2015-7500P4MEDIUMCVSS 5.0v9.3
CVE-2015-7500 [MEDIUM] CVE-2015-7500: iOS 9.3 Apple Security Update: About the security content of iOS 9.3 Product: iOS Version: 9.3 CVE: CVE-2015-7500 Component: CVE-2015-7499
apple
CVE-2018-4173P4MEDIUMCVSS 5.5v11.32018-03-29
CVE-2018-4173 [MEDIUM] CVE-2018-4173: iOS 11.3 Apple Security Update: About the security content of iOS 11.3 Product: iOS Version: 11.3 CVE: CVE-2018-4173 Component: Status Bar Impact: A malicious application may be able to access the microphone without indication to the user Description: A consistency issue existed in deciding when to show the microphone use indicator. The issue was resolved with improved capability validation.
apple
CVE-2019-8793P4MEDIUMCVSS 5.5≥ unspecified, < iOS 13.2 and iPadOS 13.22019-12-18
CVE-2019-8793 [MEDIUM] CVE-2019-8793: A consistency issue existed in deciding when to show the screen recording indicator. The issue was r A consistency issue existed in deciding when to show the screen recording indicator. The issue was resolved with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2. A local user may be able to record the screen without a visible screen recording indicator.
nvd
CVE-2015-7995P4MEDIUMCVSS 5.0v9.2.1
CVE-2015-7995 [MEDIUM] CVE-2015-7995: iOS 9.2.1 Apple Security Update: About the security content of iOS 9.2.1 Product: iOS Version: 9.2.1 CVE: CVE-2015-7995 Component: CVE-ID Impact: A local user may be able to execute arbitrary code with root privileges Description: A memory corruption issue was addressed through improved memory handling.
apple
CVE-2020-9885P4MEDIUMCVSS 5.5≥ unspecified, < iOS 13.6 and iPadOS 13.62020-10-16
CVE-2020-9885 [MEDIUM] CWE-345 CVE-2020-9885: An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verifi An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A user that is removed from an iMessage group could rejoin the group.
nvd
CVE-2018-4313P4MEDIUMCVSS 5.5v122018-09-17
CVE-2018-4313 [MEDIUM] CVE-2018-4313: iOS 12 Apple Security Update: About the security content of iOS 12 Product: iOS Version: 12 CVE: CVE-2018-4313 Component: Messages Impact: A local user may be able to discover a user’s deleted messages Description: A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of message deletions.
apple
CVE-2020-3917P4MEDIUMCVSS 5.5≥ unspecified, < iOS 13.4 and iPadOS 13.42020-04-01
CVE-2020-3917 [MEDIUM] CVE-2020-3917: This issue was addressed with a new entitlement. This issue is fixed in iOS 13.4 and iPadOS 13.4, tv This issue was addressed with a new entitlement. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to use an SSH client provided by private frameworks.
nvd
CVE-2022-32918P4MEDIUMCVSS 5.5v162022-09-12
CVE-2022-32918 [MEDIUM] CVE-2022-32918: iOS 16 Apple Security Update: About the security content of iOS 16 Product: iOS Version: 16 CVE: CVE-2022-32918 Component: Photos Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed with improved data protection.
apple
CVE-2017-7113P4MEDIUMCVSS 5.5v11.12017-10-31
CVE-2017-7113 [MEDIUM] CVE-2017-7113: iOS 11.1 Apple Security Update: About the security content of iOS 11.1 Product: iOS Version: 11.1 CVE: CVE-2017-7113 Component: UIKit Impact: Characters in a secure text field might be revealed Description: The characters in a secure text field were revealed during focus change events. This issue was addressed through improved state management.
apple
CVE-2016-7651P4MEDIUMCVSS 5.3v10.22016-12-12
CVE-2016-7651 [MEDIUM] CVE-2016-7651: iOS 10.2 Apple Security Update: About the security content of iOS 10.2 Product: iOS Version: 10.2 CVE: CVE-2016-7651 Component: Accounts Impact: An issue existed which did not reset the authorization settings on app uninstall Description: This issue was addressed through improved sanitization.
apple
CVE-2015-7499P4MEDIUMCVSS 5.0v9.3
CVE-2015-7499 [MEDIUM] CVE-2015-7499: iOS 9.3 Apple Security Update: About the security content of iOS 9.3 Product: iOS Version: 9.3 CVE: CVE-2015-7499 Component: CVE-2015-7499
apple
CVE-2014-4491P4MEDIUMCVSS 5.0v8.1.3
CVE-2014-4491 [MEDIUM] CVE-2014-4491: iOS 8.1.3 Apple Security Update: About the security content of iOS 8.1.3 Product: iOS Version: 8.1.3 CVE: CVE-2014-4491 Component: CVE-ID
apple
CVE-2015-8317P4MEDIUMCVSS 5.0v9.3.32016-07-18
CVE-2015-8317 [MEDIUM] CVE-2015-8317: iOS 9.3.3 Apple Security Update: About the security content of iOS 9.3.3 Product: iOS Version: 9.3.3 CVE: CVE-2015-8317 Component: Libc Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A buffer overflow existed within the "link_ntoa()" function in linkaddr.c. This issue was addressed through additional bounds checking.
apple
CVE-2015-1112P4MEDIUMCVSS 5.0v8.3
CVE-2015-1112 [MEDIUM] CVE-2015-1112: iOS 8.3 Apple Security Update: About the security content of iOS 8.3 Product: iOS Version: 8.3 CVE: CVE-2015-1112 Component: CVE-ID
apple
CVE-2022-32875P4MEDIUMCVSS 5.0v162022-09-12
CVE-2022-32875 [MEDIUM] CVE-2022-32875: iOS 16 Apple Security Update: About the security content of iOS 16 Product: iOS Version: 16 CVE: CVE-2022-32875 Component: Weather Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved state management.
apple
CVE-2015-3755P4MEDIUMCVSS 4.3v8.4.1
CVE-2015-3755 [MEDIUM] CVE-2015-3755: iOS 8.4.1 Apple Security Update: About the security content of iOS 8.4.1 Product: iOS Version: 8.4.1 CVE: CVE-2015-3755 Component: CVE-ID
apple
← Previous77 / 89Next →
Apple iOS vulnerabilities | cvebase