Apple iOS vulnerabilities

CVE-2015-7050 [MEDIUM] CVE-2015-7050: iOS 9.2 Apple Security Update: About the security content of iOS 9.2 Product: iOS Version: 9.2 CVE: CVE-2015-7050 Component: CVE-ID

CVE-2016-1781 [MEDIUM] CVE-2016-1781: iOS 9.3 Apple Security Update: About the security content of iOS 9.3 Product: iOS Version: 9.3 CVE: CVE-2016-1781 Component: CVE-ID

CVE-2016-4686 [MEDIUM] CVE-2016-4686: iOS 10.1 Apple Security Update: About the security content of iOS 10.1 Product: iOS Version: 10.1 CVE: CVE-2016-4686 Component: Contacts Impact: An application may be able to maintain access to the Address Book after access is revoked in Settings Description: An access control issue in the Address Book was addressed through improved file-link validation.

CVE-2015-1115 [MEDIUM] CVE-2015-1115: iOS 8.3 Apple Security Update: About the security content of iOS 8.3 Product: iOS Version: 8.3 CVE: CVE-2015-1115 Component: CVE-ID

CVE-2016-7581 [MEDIUM] CVE-2016-7581: iOS 10.1 Apple Security Update: About the security content of iOS 10.1 Product: iOS Version: 10.1 CVE: CVE-2016-7581 Component: Safari Impact: A malicious website may be able to cause a denial-of-service Description: A denial of service issue was addressed through improved URL handling.

CVE-2015-7093 [MEDIUM] CVE-2015-7093: iOS 9.2 Apple Security Update: About the security content of iOS 9.2 Product: iOS Version: 9.2 CVE: CVE-2015-7093 Component: CVE-ID

CVE-2019-8727 [MEDIUM] CVE-2019-8727: A logic issue was addressed with improved state management. This issue is fixed in iOS 13. Visiting A logic issue was addressed with improved state management. This issue is fixed in iOS 13. Visiting a malicious website may lead to address bar spoofing.

CVE-2015-6997 [MEDIUM] CVE-2015-6997: iOS 9.1 Apple Security Update: About the security content of iOS 9.1 Product: iOS Version: 9.1 CVE: CVE-2015-6997 Component: CVE-ID

CVE-2017-2368 [MEDIUM] CVE-2017-2368: iOS 10.2.1 Apple Security Update: About the security content of iOS 10.2.1 Product: iOS Version: 10.2.1 CVE: CVE-2017-2368 Component: Contacts Impact: Processing a maliciously crafted contact card may lead to unexpected application termination Description: An input validation issue existed in the parsing of contact cards. This issue was addressed through improved input validation.

CVE-2018-4304 [MEDIUM] CVE-2018-4304: iOS 12 Apple Security Update: About the security content of iOS 12 Product: iOS Version: 12 CVE: CVE-2018-4304 Component: Text Impact: Processing a maliciously crafted text file may lead to a denial of service Description: A denial of service issue was addressed with improved validation.

CVE-2017-2452 [MEDIUM] CVE-2017-2452: iOS 10.3 Apple Security Update: About the security content of iOS 10.3 Product: iOS Version: 10.3 CVE: CVE-2017-2452 Component: Siri Impact: Siri might reveal text message contents while the device is locked Description: An insufficient locking issue was addressed with improved state management.

CVE-2017-2352 [MEDIUM] CVE-2017-2352: iOS 10.2.1 Apple Security Update: About the security content of iOS 10.2.1 Product: iOS Version: 10.2.1 CVE: CVE-2017-2352 Component: Unlock with iPhone Impact: Apple Watch may unlock when off the user’s wrist Description: A logic issue was addressed through improved state management.

CVE-2018-4244 [MEDIUM] CVE-2018-4244: iOS 11.4 Apple Security Update: About the security content of iOS 11.4 Product: iOS Version: 11.4 CVE: CVE-2018-4244 Component: Siri Contacts Impact: An attacker with physical access to a device may be able to see private contact information Description: An issue existed with Siri permissions. This was addressed with improved permission checking.

CVE-2016-4603 [MEDIUM] CVE-2016-4603: iOS 9.3.3 Apple Security Update: About the security content of iOS 9.3.3 Product: iOS Version: 9.3.3 CVE: CVE-2016-4603 Component: Web Media Impact: Viewing a video in Safari's Private Browsing mode displays the URL of the video outside of Private Browsing mode Description: A privacy issue existed in the handling of user data by Safari View Controller. This issue was addressed through improved state management.

CVE-2015-7022 [MEDIUM] CVE-2015-7022: iOS 9.1 Apple Security Update: About the security content of iOS 9.1 Product: iOS Version: 9.1 CVE: CVE-2015-7022 Component: CVE-ID

CVE-2016-1780 [MEDIUM] CVE-2016-1780: iOS 9.3 Apple Security Update: About the security content of iOS 9.3 Product: iOS Version: 9.3 CVE: CVE-2016-1780 Component: CVE-ID

CVE-2016-9642 [MEDIUM] CVE-2016-9642: iOS 10.3 Apple Security Update: About the security content of iOS 10.3 Product: iOS Version: 10.3 CVE: CVE-2016-9642 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved input validation.

CVE-2015-8035 [MEDIUM] CVE-2015-8035: iOS 9.3 Apple Security Update: About the security content of iOS 9.3 Product: iOS Version: 9.3 CVE: CVE-2015-8035 Component: CVE-2015-7499

CVE-2016-7638 [MEDIUM] CVE-2016-7638: iOS 10.2 Apple Security Update: About the security content of iOS 10.2 Product: iOS Version: 10.2 CVE: CVE-2016-7638 Component: Find My iPhone Impact: An attacker with an unlocked device may be able to disable Find My iPhone Description: A state management issue existed in the handling of authentication information. This issue was addressed through improved storage of account information.

CVE-2018-4172 [MEDIUM] CVE-2018-4172: iOS 11.3 Apple Security Update: About the security content of iOS 11.3 Product: iOS Version: 11.3 CVE: CVE-2018-4172 Component: Find My iPhone Impact: A person with physical access to the device may be able to disable Find My iPhone without entering an iCloud password Description: A state management issue existed when restoring from a back up. This issue was addressed through improved state checking during restore.