Apple iOS vulnerabilities
3,940 known vulnerabilities affecting apple/iphone_os.
Total CVEs
3,940
CISA KEV
92
actively exploited
Public exploits
248
Exploited in wild
79
Severity breakdown
CRITICAL313HIGH1610MEDIUM1730LOW287
Vulnerabilities
Page 101 of 197
CVE-2019-8787HIGHCVSS 7.5fixed in 13.22019-12-18
CVE-2019-8787 [HIGH] CWE-125 CVE-2019-8787: An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.2
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A remote attacker may be able to leak memory.
nvd
CVE-2019-8583HIGHCVSS 8.8fixed in 12.32019-12-18
CVE-2019-8583 [HIGH] CWE-787 CVE-2019-8583: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8822HIGHCVSS 8.8fixed in 13.22019-12-18
CVE-2019-8822 [HIGH] CWE-787 CVE-2019-8822: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8593HIGHCVSS 7.8fixed in 12.32019-12-18
CVE-2019-8593 [HIGH] CWE-787 CVE-2019-8593: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges.
nvd
CVE-2019-8596HIGHCVSS 8.8fixed in 12.32019-12-18
CVE-2019-8596 [HIGH] CWE-787 CVE-2019-8596: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8681HIGHCVSS 8.8fixed in 12.42019-12-18
CVE-2019-8681 [HIGH] CWE-416 CVE-2019-8681: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8544HIGHCVSS 8.8fixed in 12.22019-12-18
CVE-2019-8544 [HIGH] CWE-787 CVE-2019-8544: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8685HIGHCVSS 8.8fixed in 12.42019-12-18
CVE-2019-8685 [HIGH] CWE-787 CVE-2019-8685: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-7287HIGHCVSS 7.8KEVfixed in 12.1.42019-12-18
CVE-2019-7287 [HIGH] CWE-787 CVE-2019-7287: A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 1
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2019-8549HIGHCVSS 7.8fixed in 12.22019-12-18
CVE-2019-8549 [HIGH] CWE-20 CVE-2019-8549: Multiple input validation issues existed in MIG generated code. These issues were addressed with imp
Multiple input validation issues existed in MIG generated code. These issues were addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to execute arbitrary code with system privileges.
nvd
CVE-2019-8820HIGHCVSS 8.8PoCfixed in 13.22019-12-18
CVE-2019-8820 [HIGH] CWE-787 CVE-2019-8820: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8595HIGHCVSS 8.8fixed in 12.32019-12-18
CVE-2019-8595 [HIGH] CWE-787 CVE-2019-8595: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8518HIGHCVSS 8.8PoCfixed in 12.22019-12-18
CVE-2019-8518 [HIGH] CWE-787 CVE-2019-8518: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8823HIGHCVSS 8.8fixed in 13.22019-12-18
CVE-2019-8823 [HIGH] CWE-787 CVE-2019-8823: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8811HIGHCVSS 8.8fixed in 13.22019-12-18
CVE-2019-8811 [HIGH] CWE-787 CVE-2019-8811: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8506HIGHCVSS 8.8KEVPoCfixed in 12.22019-12-18
CVE-2019-8506 [HIGH] CWE-843 CVE-2019-8506: A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2,
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8683HIGHCVSS 8.8fixed in 12.42019-12-18
CVE-2019-8683 [HIGH] CWE-787 CVE-2019-8683: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8797HIGHCVSS 7.8fixed in 13.22019-12-18
CVE-2019-8797 [HIGH] CWE-787 CVE-2019-8797: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges.
nvd
CVE-2019-8602HIGHCVSS 7.8fixed in 12.32019-12-18
CVE-2019-8602 [HIGH] CWE-787 CVE-2019-8602: A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS
A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to elevate privileges.
nvd
CVE-2019-8788HIGHCVSS 7.5fixed in 13.22019-12-18
CVE-2019-8788 [HIGH] CWE-20 CVE-2019-8788: An issue existed in the parsing of URLs. This issue was addressed with improved input validation. Th
An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Improper URL processing may lead to data exfiltration.
nvd