Apple iOS vulnerabilities
1,765 known vulnerabilities affecting apple/ios.
Total CVEs
1,765
CISA KEV
27
actively exploited
Public exploits
229
Exploited in wild
43
Severity breakdown
CRITICAL119HIGH907MEDIUM638LOW94UNKNOWN7
Vulnerabilities
Page 82 of 89
CVE-2019-7284P4MEDIUMCVSS 4.3≥ unspecified, < iOS 12.22019-12-18
CVE-2019-7284 [MEDIUM] CVE-2019-7284: This issue was addressed with improved checks. This issue is fixed in iOS 12.2. Processing a malicio
This issue was addressed with improved checks. This issue is fixed in iOS 12.2. Processing a maliciously crafted mail message may lead to S/MIME signature spoofing.
nvdapple
CVE-2019-6222P4MEDIUMCVSS 4.3≥ unspecified, < iOS 12.22019-12-18
CVE-2019-6222 [MEDIUM] CVE-2019-6222: A consistency issue was addressed with improved state handling. This issue is fixed in iOS 12.2. A w
A consistency issue was addressed with improved state handling. This issue is fixed in iOS 12.2. A website may be able to access the microphone without the microphone use indicator being shown.
nvdapple
CVE-2018-4307P4MEDIUMCVSS 4.3v122018-09-17
CVE-2018-4307 [MEDIUM] CVE-2018-4307: iOS 12
Apple Security Update: About the security content of iOS 12
Product: iOS
Version: 12
CVE: CVE-2018-4307
Component: Safari
Impact: A malicious website may be able to exfiltrate autofilled data in Safari
Description: A logic issue was addressed with improved state management.
apple
CVE-2014-4467P4MEDIUMCVSS 4.3v8.1.3
CVE-2014-4467 [MEDIUM] CVE-2014-4467: iOS 8.1.3
Apple Security Update: About the security content of iOS 8.1.3
Product: iOS
Version: 8.1.3
CVE: CVE-2014-4467
Component: CVE-ID
apple
CVE-2018-4445P4MEDIUMCVSS 4.3v12.1.12018-12-05
CVE-2018-4445 [MEDIUM] CVE-2018-4445: iOS 12.1.1
Apple Security Update: About the security content of iOS 12.1.1
Product: iOS
Version: 12.1.1
CVE: CVE-2018-4445
Component: Safari
Impact: A user may be unable to fully delete browsing history
Description: "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion.
apple
CVE-2016-4707P4MEDIUMCVSS 4.0v102016-09-13
CVE-2016-4707 [MEDIUM] CVE-2016-4707: iOS 10
Apple Security Update: About the security content of iOS 10
Product: iOS
Version: 10
CVE: CVE-2016-4707
Component: CFNetwork
Impact: A local user may be able to discover websites a user has visited
Description: An issue existed in Local Storage deletion. This issue was addressed through improved Local Storage cleanup.
apple
CVE-2017-7003P4MEDIUMCVSS 5.5v10.3.22017-05-15
CVE-2017-7003 [MEDIUM] CVE-2017-7003: iOS 10.3.2
Apple Security Update: About the security content of iOS 10.3.2
Product: iOS
Version: 10.3.2
CVE: CVE-2017-7003
Component: CoreText
Impact: Processing a maliciously crafted file may lead to application termination
Description: A denial of service issue was addressed through improved validation.
apple
CVE-2017-7118P4MEDIUMCVSS 5.5v112017-09-19
CVE-2017-7118 [MEDIUM] CVE-2017-7118: iOS 11
Apple Security Update: About the security content of iOS 11
Product: iOS
Version: 11
CVE: CVE-2017-7118
Component: Messages
Impact: Processing a maliciously crafted image may lead to a denial of service
Description: A denial of service issue was addressed through improved validation.
apple
CVE-2017-7072P4MEDIUMCVSS 5.5v112017-09-19
CVE-2017-7072 [MEDIUM] CVE-2017-7072: iOS 11
Apple Security Update: About the security content of iOS 11
Product: iOS
Version: 11
CVE: CVE-2017-7072
Component: HFS
Impact: An application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
apple
CVE-2016-1814P4MEDIUMCVSS 5.5v9.3.2
CVE-2016-1814 [MEDIUM] CVE-2016-1814: iOS 9.3.2
Apple Security Update: About the security content of iOS 9.3.2
Product: iOS
Version: 9.3.2
CVE: CVE-2016-1814
Component: CVE-ID
apple
CVE-2016-7665P4MEDIUMCVSS 5.5v10.22016-12-12
CVE-2016-7665 [MEDIUM] CVE-2016-7665: iOS 10.2
Apple Security Update: About the security content of iOS 10.2
Product: iOS
Version: 10.2
CVE: CVE-2016-7665
Component: Graphics Driver
Impact: Watching a maliciously crafted video may lead to a denial of service
Description: A denial of service issue existed in the handling of video. This issue was addressed through improved input validation.
apple
CVE-2018-4168P4MEDIUMCVSS 4.6v11.32018-03-29
CVE-2018-4168 [MEDIUM] CVE-2018-4168: iOS 11.3
Apple Security Update: About the security content of iOS 11.3
Product: iOS
Version: 11.3
CVE: CVE-2018-4168
Component: Files Widget
Impact: File Widget may display contents on a locked device
Description: The File Widget was displaying cached data when in the locked state. This issue was addressed with improved state management.
apple
CVE-2018-4252P4MEDIUMCVSS 4.6v11.42018-05-29
CVE-2018-4252 [MEDIUM] CVE-2018-4252: iOS 11.4
Apple Security Update: About the security content of iOS 11.4
Product: iOS
Version: 11.4
CVE: CVE-2018-4252
Component: Siri
Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen
Description: An issue existed with Siri permissions. This was addressed with improved permission checking.
apple
CVE-2018-4239P4MEDIUMCVSS 4.6v11.42018-05-29
CVE-2018-4239 [MEDIUM] CVE-2018-4239: iOS 11.4
Apple Security Update: About the security content of iOS 11.4
Product: iOS
Version: 11.4
CVE: CVE-2018-4239
Component: Magnifier
Impact: A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lockscreen
Description: A permissions issue existed in Magnifier. This was addressed with additional permission checks.
apple
CVE-2016-7634P4MEDIUMCVSS 4.6v10.22016-12-12
CVE-2016-7634 [MEDIUM] CVE-2016-7634: iOS 10.2
Apple Security Update: About the security content of iOS 10.2
Product: iOS
Version: 10.2
CVE: CVE-2016-7634
Component: Accessibility
Impact: A nearby user may be able to overhear spoken passwords
Description: A disclosure issue existed in the handling of passwords. This issue was addressed by disabling the speaking of passwords.
apple
CVE-2018-4388P4MEDIUMCVSS 4.6v12.12018-10-30
CVE-2018-4388 [MEDIUM] CVE-2018-4388: iOS 12.1
Apple Security Update: About the security content of iOS 12.1
Product: iOS
Version: 12.1
CVE: CVE-2018-4388
Component: Notes
Impact: A local attacker may be able to share items from the lock screen
Description: A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device.
apple
CVE-2017-2399P4MEDIUMCVSS 4.6v10.32017-03-27
CVE-2017-2399 [MEDIUM] CVE-2017-2399: iOS 10.3
Apple Security Update: About the security content of iOS 10.3
Product: iOS
Version: 10.3
CVE: CVE-2017-2399
Component: CVE-2017-2399
apple
CVE-2015-3725P4MEDIUMCVSS 4.3v8.4
CVE-2015-3725 [MEDIUM] CVE-2015-3725: iOS 8.4
Apple Security Update: About the security content of iOS 8.4
Product: iOS
Version: 8.4
CVE: CVE-2015-3725
Component: CVE-ID
apple
CVE-2015-3722P4MEDIUMCVSS 4.3v8.4
CVE-2015-3722 [MEDIUM] CVE-2015-3722: iOS 8.4
Apple Security Update: About the security content of iOS 8.4
Product: iOS
Version: 8.4
CVE: CVE-2015-3722
Component: CVE-ID
apple
CVE-2018-4278P4MEDIUMCVSS 4.3v11.4.12018-07-09
CVE-2018-4278 [MEDIUM] CVE-2018-4278: iOS 11.4.1
Apple Security Update: About the security content of iOS 11.4.1
Product: iOS
Version: 11.4.1
CVE: CVE-2018-4278
Component: WebKit
Impact: A malicious website may exfiltrate audio data cross-origin
Description: Sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.
apple