Apple iOS vulnerabilities

3,940 known vulnerabilities affecting apple/iphone_os.

Total CVEs

3,940

CISA KEV

actively exploited

Public exploits

248

Exploited in wild

Severity breakdown

CRITICAL313HIGH1610MEDIUM1730LOW287

Vulnerabilities

Page 112 of 197

CVE-2018-4379MEDIUMCVSS 5.5fixed in 12.0.12019-04-03

CVE-2018-4379 [MEDIUM] CWE-200 CVE-2018-4379: A lock screen issue allowed access to the share function on a locked device. This issue was addresse A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.0.1.

nvd

CVE-2018-4307MEDIUMCVSS 4.3fixed in 12.02019-04-03

CVE-2018-4307 [MEDIUM] CWE-20 CVE-2018-4307: A logic issue was addressed with improved state management. This issue affected versions prior to iO A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12, Safari 12.

nvd

CVE-2018-4282MEDIUMCVSS 5.5fixed in 11.4.12019-04-03

CVE-2018-4282 [MEDIUM] CWE-125 CVE-2018-4282: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2.

nvd

CVE-2018-4429MEDIUMCVSS 6.5fixed in 12.1.12019-04-03

CVE-2018-4429 [MEDIUM] CWE-20 CVE-2018-4429: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input valid A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.1, watchOS 5.1.2.

nvd

CVE-2018-4355MEDIUMCVSS 5.5fixed in 12.02019-04-03

CVE-2018-4355 [MEDIUM] CWE-200 CVE-2018-4355: A configuration issue was addressed with additional restrictions. This issue affected versions prior A configuration issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14.

nvd

CVE-2018-4377MEDIUMCVSS 6.1fixed in 12.12019-04-03

CVE-2018-4377 [MEDIUM] CWE-79 CVE-2018-4377: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validatio A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

nvd

CVE-2018-4400MEDIUMCVSS 5.5fixed in 12.12019-04-03

CVE-2018-4400 [MEDIUM] CWE-20 CVE-2018-4400: A validation issue was addressed with improved logic. This issue affected versions prior to iOS 12.1 A validation issue was addressed with improved logic. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, watchOS 5.1.

nvd

CVE-2018-4385MEDIUMCVSS 6.5fixed in 12.12019-04-03

CVE-2018-4385 [MEDIUM] CWE-20 CVE-2018-4385: A logic issue was addressed with improved state management. This issue affected versions prior to iO A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.

nvd

CVE-2018-4356MEDIUMCVSS 5.3fixed in 12.02019-04-03

CVE-2018-4356 [MEDIUM] CVE-2018-4356: A permissions issue existed. This issue was addressed with improved permission validation. This issu A permissions issue existed. This issue was addressed with improved permission validation. This issue affected versions prior to iOS 12.

nvd

CVE-2018-4290MEDIUMCVSS 5.9fixed in 11.4.12019-04-03

CVE-2018-4290 [MEDIUM] CVE-2018-4290: A denial of service issue was addressed with improved memory handling. This issue affected versions A denial of service issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, watchOS 4.3.2.

nvd

CVE-2018-4460MEDIUMCVSS 6.5fixed in 12.1.12019-04-03

CVE-2018-4460 [MEDIUM] CWE-20 CVE-2018-4460: A denial of service issue was addressed by removing the vulnerable code. This issue affected version A denial of service issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.

nvd

CVE-2018-4409MEDIUMCVSS 6.5fixed in 12.12019-04-03

CVE-2018-4409 [MEDIUM] CWE-400 CVE-2018-4409: A resource exhaustion issue was addressed with improved input validation. This issue affected versio A resource exhaustion issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

nvd

CVE-2018-4362MEDIUMCVSS 6.5fixed in 12.02019-04-03

CVE-2018-4362 [MEDIUM] CWE-20 CVE-2018-4362: An inconsistent user interface issue was addressed with improved state management. This issue affect An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2, iOS 12.

nvd

CVE-2018-4368MEDIUMCVSS 6.5fixed in 12.12019-04-03

CVE-2018-4368 [MEDIUM] CWE-20 CVE-2018-4368: A denial of service issue was addressed with improved validation. This issue affected versions prior A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.

nvd

CVE-2018-4374MEDIUMCVSS 6.1fixed in 12.12019-04-03

CVE-2018-4374 [MEDIUM] CWE-79 CVE-2018-4374: A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1 A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

nvd

CVE-2018-4445MEDIUMCVSS 4.3fixed in 12.1.12019-04-03

CVE-2018-4445 [MEDIUM] CWE-200 CVE-2018-4445: "Clear History and Website Data" did not clear the history. The issue was addressed with improved da "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2.

nvd

CVE-2018-4395MEDIUMCVSS 5.5fixed in 12.02019-04-03

CVE-2018-4395 [MEDIUM] CWE-20 CVE-2018-4395: This issue was addressed with improved checks. This issue affected versions prior to iOS 12, macOS M This issue was addressed with improved checks. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

nvd

CVE-2018-4399MEDIUMCVSS 5.5fixed in 12.02019-04-03

CVE-2018-4399 [MEDIUM] CWE-20 CVE-2018-4399: An access issue existed with privileged API calls. This issue was addressed with additional restrict An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

nvd

CVE-2018-4440MEDIUMCVSS 4.3fixed in 12.1.12019-04-03

CVE-2018-4440 [MEDIUM] CWE-20 CVE-2018-4440: A logic issue was addressed with improved state management. This issue affected versions prior to iO A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.

nvd

CVE-2018-4380MEDIUMCVSS 5.5fixed in 12.12019-04-03

CVE-2018-4380 [MEDIUM] CWE-200 CVE-2018-4380: A lock screen issue allowed access to photos and contacts on a locked device. This issue was address A lock screen issue allowed access to photos and contacts on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.0.1.

nvd

← Previous112 / 197Next →