Apple iOS vulnerabilities

CVE-2020-9773 [LOW] CVE-2020-9773: The issue was addressed with improved handling of icon caches. This issue is fixed in iOS 14.0 and i The issue was addressed with improved handling of icon caches. This issue is fixed in iOS 14.0 and iPadOS 14.0. A malicious application may be able to identify what other applications a user has installed.

CVE-2019-8566 [LOW] CWE-20 CVE-2019-8566: An API issue existed in the handling of microphone data. This issue was addressed with improved vali An API issue existed in the handling of microphone data. This issue was addressed with improved validation. This issue is fixed in iOS 12.2. A malicious application may be able to access the microphone without indication to the user.

CVE-2017-7148 [LOW] CVE-2017-7148: iOS 11 Apple Security Update: About the security content of iOS 11 Product: iOS Version: 11 CVE: CVE-2017-7148 Component: Location Framework Impact: An application may be able to read sensitive location information Description: A permissions issue existed in the handling of the location variable. This was addressed with additional ownership checks.

CVE-2020-3873 [LOW] CVE-2020-3873: This issue was addressed with improved setting propagation. This issue is fixed in iOS 13.3.1 and iP This issue was addressed with improved setting propagation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Turning off "Load remote content in messages” may not apply to all mail previews.

CVE-2016-1849 [LOW] CVE-2016-1849: iOS 9.3.2 Apple Security Update: About the security content of iOS 9.3.2 Product: iOS Version: 9.3.2 CVE: CVE-2016-1849 Component: CVE-ID

CVE-2019-8630 [LOW] CVE-2019-8630: The issue was addressed with improved UI handling. This issue is fixed in iOS 12.3. The lock screen The issue was addressed with improved UI handling. This issue is fixed in iOS 12.3. The lock screen may show a locked icon after unlocking.

CVE-2018-4322 [LOW] CVE-2018-4322: iOS 12 Apple Security Update: About the security content of iOS 12 Product: iOS Version: 12 CVE: CVE-2018-4322 Component: Accounts Impact: A local app may be able to read a persistent account identifier Description: This issue was addressed with improved entitlements.

CVE-2022-32835 [LOW] CWE-200 CVE-2022-32835: This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An ap This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An app may be able to read a persistent device identifier.

CVE-2017-13844 [LOW] CVE-2017-13844: iOS 11.1 Apple Security Update: About the security content of iOS 11.1 Product: iOS Version: 11.1 CVE: CVE-2017-13844 Component: Messages Impact: A person with physical access to an iOS device may be able to access photos from the lock screen Description: A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management.

CVE-2015-1108 [LOW] CVE-2015-1108: iOS 8.3 Apple Security Update: About the security content of iOS 8.3 Product: iOS Version: 8.3 CVE: CVE-2015-1108 Component: CVE-2015-1108

CVE-2015-5923 [LOW] CVE-2015-5923: iOS 9.0.2 Apple Security Update: About the security content of iOS 9.0.2 Product: iOS Version: 9.0.2 CVE: CVE-2015-5923 Component: CVE-2015-5923

CVE-2014-4455 [LOW] CVE-2014-4455: iOS 8.1.3 Apple Security Update: About the security content of iOS 8.1.3 Product: iOS Version: 8.1.3 CVE: CVE-2014-4455 Component: CVE-ID

CVE-2015-1096 [LOW] CVE-2015-1096: iOS 8.3 Apple Security Update: About the security content of iOS 8.3 Product: iOS Version: 8.3 CVE: CVE-2015-1096 Component: CVE-ID

CVE-2015-1114 [LOW] CVE-2015-1114: iOS 8.3 Apple Security Update: About the security content of iOS 8.3 Product: iOS Version: 8.3 CVE: CVE-2015-1114 Component: CVE-2015-1114

CVE-2015-1107 [LOW] CVE-2015-1107: iOS 8.3 Apple Security Update: About the security content of iOS 8.3 Product: iOS Version: 8.3 CVE: CVE-2015-1107 Component: CVE-ID

CVE-2018-4446 [LOW] CVE-2018-4446: iOS 12.1.1 Apple Security Update: About the security content of iOS 12.1.1 Product: iOS Version: 12.1.1 CVE: CVE-2018-4446 Component: File Provider Impact: A malicious application may be able to learn information about the presence of other applications on the device Description: This issue was addressed with improved entitlements.

CVE-2016-4749 [LOW] CVE-2016-4749: iOS 10 Apple Security Update: About the security content of iOS 10 Product: iOS Version: 10 CVE: CVE-2016-4749 Component: Printing UIKit Impact: An unencrypted document may be written to a temporary file when using AirPrint preview Description: An issue existed in AirPrint preview. This was addressed through improved environment sanitization.

CVE-2018-4352 [LOW] CVE-2018-4352: iOS 12 Apple Security Update: About the security content of iOS 12 Product: iOS Version: 12 CVE: CVE-2018-4352 Component: Notes Impact: A local user may be able to discover a user’s deleted notes Description: A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of notes deletions.

CVE-2020-9780 [LOW] CWE-212 CVE-2020-9780: The issue was resolved by clearing application previews when content is deleted. This issue is fixed The issue was resolved by clearing application previews when content is deleted. This issue is fixed in iOS 13.4 and iPadOS 13.4. A local user may be able to view deleted content in the app switcher.

CVE-2015-1106 [LOW] CVE-2015-1106: iOS 8.3 Apple Security Update: About the security content of iOS 8.3 Product: iOS Version: 8.3 CVE: CVE-2015-1106 Component: CVE-ID Impact: Processing a maliciously crafted configuration profile may lead to unexpected application termination Description: A memory corruption issue existed in the handling of configuration profiles. This issue was addressed through improved bounds checking.