Apple iOS vulnerabilities
3,941 known vulnerabilities affecting apple/iphone_os.
Total CVEs
3,941
CISA KEV
92
actively exploited
Public exploits
248
Exploited in wild
79
Severity breakdown
CRITICAL313HIGH1610MEDIUM1731LOW287
Vulnerabilities
Page 179 of 198
CVE-2013-5158LOWCVSS 2.1≤ 6.1.4v1.0.0+46 more2013-09-19
CVE-2013-5158 [LOW] CWE-264 CVE-2013-5158: The Social subsystem in Apple iOS before 7 does not properly restrict access to the cache of Twitter
The Social subsystem in Apple iOS before 7 does not properly restrict access to the cache of Twitter icons, which allows physically proximate attackers to obtain sensitive information about recent Twitter interaction via unspecified vectors.
nvd
CVE-2013-5137LOWCVSS 2.6≤ 6.1.4v1.0.0+46 more2013-09-19
CVE-2013-5137 [LOW] CWE-264 CVE-2013-5137: IOKit in Apple iOS before 7 allows attackers to send user-interface events to the foreground app by
IOKit in Apple iOS before 7 allows attackers to send user-interface events to the foreground app by leveraging control over a background app and using the (1) task-completion API or (2) VoIP API.
nvd
CVE-2013-1026MEDIUMCVSS 6.8≤ 6.1.4v1.0.0+46 more2013-09-16
CVE-2013-1026 [MEDIUM] CWE-119 CVE-2013-1026: Buffer overflow in ImageIO in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitr
Buffer overflow in ImageIO in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document.
nvd
CVE-2013-1028MEDIUMCVSS 5.8≤ 6.1.4v1.0.0+46 more2013-09-16
CVE-2013-1028 [MEDIUM] CWE-20 CVE-2013-1028: The IPSec implementation in Apple Mac OS X before 10.8.5, when Hybrid Auth is used, does not verify
The IPSec implementation in Apple Mac OS X before 10.8.5, when Hybrid Auth is used, does not verify X.509 certificates from security gateways, which allows man-in-the-middle attackers to spoof security gateways and obtain sensitive information via a crafted certificate.
nvd
CVE-2013-1025MEDIUMCVSS 6.8≤ 6.1.4v1.0.0+46 more2013-09-16
CVE-2013-1025 [MEDIUM] CWE-119 CVE-2013-1025: Buffer overflow in CoreGraphics in Apple Mac OS X before 10.8.5 allows remote attackers to execute a
Buffer overflow in CoreGraphics in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JBIG2 data in a PDF document.
nvd
CVE-2013-4616MEDIUMCVSS 5.8≤ 6.0v1.0.0+40 more2013-06-18
CVE-2013-4616 [MEDIUM] CWE-255 CVE-2013-4616: The WifiPasswordController generateDefaultPassword method in Preferences in Apple iOS 6 and earlier
The WifiPasswordController generateDefaultPassword method in Preferences in Apple iOS 6 and earlier relies on the UITextChecker suggestWordInLanguage method for selection of Wi-Fi hotspot WPA2 PSK passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack that leverages the insufficient number of possible passphra
nvd
CVE-2013-3948MEDIUMCVSS 4.3v6.1.32013-06-05
CVE-2013-3948 [MEDIUM] CWE-20 CVE-2013-3948: Apple iOS 6.1.3 does not follow redirects during determination of the hostname to display in an iOS
Apple iOS 6.1.3 does not follow redirects during determination of the hostname to display in an iOS Enterprise Deployment installation dialog, which makes it easier for remote attackers to trigger installation of arbitrary applications via a download-manifest itms-services:// URL that leverages an open redirect vulnerability within a trusted domain.
nvd
CVE-2013-3950MEDIUMCVSS 5.0v5.1v5.1.1+6 more2013-06-05
CVE-2013-3950 [MEDIUM] CWE-119 CVE-2013-3950: Stack-based buffer overflow in the openSharedCacheFile function in dyld.cpp in dyld in Apple iOS 5.1
Stack-based buffer overflow in the openSharedCacheFile function in dyld.cpp in dyld in Apple iOS 5.1.x and 6.x through 6.1.3 makes it easier for attackers to conduct untethering attacks via a long string in the DYLD_SHARED_CACHE_DIR environment variable.
nvd
CVE-2013-3951MEDIUMCVSS 4.6≤ 8.2v6.1.32013-06-05
CVE-2013-3951 [MEDIUM] CWE-20 CVE-2013-3951: sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse
sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users to bypass cookie randomization by executing a program with a call-path beginning with the stack-guard= substring, as demonstrated by an iOS untethering at
nvd
CVE-2013-3954MEDIUMCVSS 6.9≤ 6.1.4v1.0.0+46 more2013-06-05
CVE-2013-3954 [MEDIUM] CWE-20 CVE-2013-3954: The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not properly validate th
The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not properly validate the data for file actions and port actions, which allows local users to (1) cause a denial of service (panic) via a size value that is inconsistent with a header count field, or (2) obtain sensitive information from kernel heap memory via a certain size va
nvd
CVE-2013-3953MEDIUMCVSS 4.9≤ 6.1.4v1.0.0+46 more2013-06-05
CVE-2013-3953 [MEDIUM] CWE-200 CVE-2013-3953: The mach_port_space_info function in osfmk/ipc/mach_debug.c in the XNU kernel in Apple Mac OS X 10.8
The mach_port_space_info function in osfmk/ipc/mach_debug.c in the XNU kernel in Apple Mac OS X 10.8.x does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted call.
nvd
CVE-2013-3955MEDIUMCVSS 6.2v5.0v5.0.1+8 more2013-06-05
CVE-2013-3955 [MEDIUM] CWE-20 CVE-2013-3955: The get_xattrinfo function in the XNU kernel in Apple iOS 5.x and 6.x through 6.1.3 on iPad devices
The get_xattrinfo function in the XNU kernel in Apple iOS 5.x and 6.x through 6.1.3 on iPad devices does not properly validate the header of an AppleDouble file, which might allow local users to cause a denial of service (memory corruption) or have unspecified other impact via an invalid file on an msdosfs filesystem.
nvd
CVE-2013-1019CRITICALCVSS 9.3≤ 6.1.4v1.0.0+46 more2013-05-24
CVE-2013-1019 [CRITICAL] CWE-119 CVE-2013-1019: Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.
nvd
CVE-2013-2842HIGHCVSS 7.5PoC≤ 6.1.4v1.0.0+46 more2013-05-22
CVE-2013-2842 [HIGH] CWE-399 CVE-2013-2842: Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a
Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of widgets.
nvd
CVE-2013-1003CRITICALCVSS 9.3≤ 6.1.4v1.0.0+46 more2013-05-20
CVE-2013-1003 [CRITICAL] CWE-399 CVE-2013-1003: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-1006CRITICALCVSS 9.3≤ 6.1.4v1.0.0+46 more2013-05-20
CVE-2013-1006 [CRITICAL] CWE-399 CVE-2013-1006: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-1004CRITICALCVSS 9.3≤ 6.1.4v1.0.0+46 more2013-05-20
CVE-2013-1004 [CRITICAL] CWE-399 CVE-2013-1004: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-1008CRITICALCVSS 9.3≤ 6.1.4v1.0.0+46 more2013-05-20
CVE-2013-1008 [CRITICAL] CWE-399 CVE-2013-1008: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-1001CRITICALCVSS 9.3≤ 6.1.4v1.0.0+46 more2013-05-20
CVE-2013-1001 [CRITICAL] CWE-399 CVE-2013-1001: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-1000CRITICALCVSS 9.3≤ 6.1.4v1.0.0+46 more2013-05-20
CVE-2013-1000 [CRITICAL] CWE-119 CVE-2013-1000: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd