Apple iOS vulnerabilities

CVE-2018-4430 [LOW] CWE-200 CVE-2018-4430: A lock screen issue allowed access to contacts on a locked device. This issue was addressed with imp A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1.

CVE-2018-4322 [LOW] CWE-20 CVE-2018-4322: This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12. This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12.

CVE-2018-4325 [LOW] CWE-200 CVE-2018-4325: A logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12 A logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12.

CVE-2018-4352 [LOW] CWE-200 CVE-2018-4352: A consistency issue existed in the handling of application snapshots. The issue was addressed with i A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of notes deletions. This issue affected versions prior to iOS 12.

CVE-2018-4387 [LOW] CWE-200 CVE-2018-4387: A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue w A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.

CVE-2018-4446 [LOW] CWE-20 CVE-2018-4446: This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12.1. This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12.1.1.

CVE-2019-6215 [HIGH] CWE-843 CVE-2019-6215: A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1. A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-6230 [HIGH] CWE-665 CVE-2019-6230: A memory initialization issue was addressed with improved memory handling. This issue is fixed in iO A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3,macOS Mojave 10.14.3,tvOS 12.1.2,watchOS 5.1.3. A malicious application may be able to break out of its sandbox.

CVE-2019-6224 [HIGH] CWE-119 CVE-2019-6224: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.1 A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution.

CVE-2019-6233 [HIGH] CWE-787 CVE-2019-6233: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-6223 [HIGH] CVE-2019-6223: A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. The initiator of a Group FaceTime call may be able to cause the recipient to answer.

CVE-2019-6225 [HIGH] CWE-787 CVE-2019-6225: A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate privileges.

CVE-2019-6214 [HIGH] CWE-843 CVE-2019-6214: A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1. A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to break out of its sandbox.

CVE-2019-6212 [HIGH] CWE-787 CVE-2019-6212: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-6218 [HIGH] CWE-787 CVE-2019-6218: A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 1 A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to execute arbitrary code with kernel privileges.

CVE-2019-6213 [HIGH] CWE-119 CVE-2019-6213: A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, ma A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. An application may be able to execute arbitrary code with kernel privileges.

CVE-2019-6221 [HIGH] CWE-125 CVE-2019-6221: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3 An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, iTunes 12.9.3 for Windows. A malicious application may be able to elevate privileges.

CVE-2019-6227 [HIGH] CWE-787 CVE-2019-6227: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-6216 [HIGH] CWE-787 CVE-2019-6216: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-6211 [HIGH] CWE-787 CVE-2019-6211: A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 1 A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. Processing maliciously crafted web content may lead to arbitrary code execution.