Apple iOS vulnerabilities
3,940 known vulnerabilities affecting apple/iphone_os.
Total CVEs
3,940
CISA KEV
92
actively exploited
Public exploits
248
Exploited in wild
79
Severity breakdown
CRITICAL313HIGH1610MEDIUM1730LOW287
Vulnerabilities
Page 66 of 197
CVE-2021-30760HIGHCVSS 7.8fixed in 14.72021-09-08
CVE-2021-30760 [HIGH] CWE-190 CVE-2021-30760: An integer overflow was addressed through improved input validation. This issue is fixed in iOS 14.7
An integer overflow was addressed through improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.
nvd
CVE-2021-30698HIGHCVSS 7.5fixed in 14.62021-09-08
CVE-2021-30698 [HIGH] CWE-476 CVE-2021-30698: A null pointer dereference was addressed with improved input validation. This issue is fixed in macO
A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Safari 14.1.1, iOS 14.6 and iPadOS 14.6. A remote attacker may be able to cause a denial of service.
nvd
CVE-2021-30775HIGHCVSS 7.8fixed in 14.72021-09-08
CVE-2021-30775 [HIGH] CWE-787 CVE-2021-30775: A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 1
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted audio file may lead to arbitrary code execution.
nvd
CVE-2021-30652HIGHCVSS 7.0fixed in 14.52021-09-08
CVE-2021-30652 [HIGH] CWE-362 CVE-2021-30652: A race condition was addressed with additional validation. This issue is fixed in Security Update 20
A race condition was addressed with additional validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to gain root privileges.
nvd
CVE-2021-30802HIGHCVSS 8.8fixed in 14.72021-09-08
CVE-2021-30802 [HIGH] CWE-416 CVE-2021-30802: A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2021-30797HIGHCVSS 8.8fixed in 14.72021-09-08
CVE-2021-30797 [HIGH] CVE-2021-30797: This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS
This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.
nvd
CVE-2021-1812HIGHCVSS 7.8fixed in 14.52021-09-08
CVE-2021-1812 [HIGH] CVE-2021-1812: A logic issue was addressed with improved validation. This issue is fixed in iOS 14.5 and iPadOS 14.
A logic issue was addressed with improved validation. This issue is fixed in iOS 14.5 and iPadOS 14.5. A malicious application may be able to execute arbitrary code with system privileges.
nvd
CVE-2021-30795HIGHCVSS 8.8fixed in 14.72021-09-08
CVE-2021-30795 [HIGH] CWE-416 CVE-2021-30795: A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2021-30789HIGHCVSS 7.8fixed in 14.72021-09-08
CVE-2021-30789 [HIGH] CWE-125 CVE-2021-30789: An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.7,
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.
nvd
CVE-2021-30781HIGHCVSS 7.8fixed in 14.72021-09-08
CVE-2021-30781 [HIGH] CVE-2021-30781: This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5,
This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. A local attacker may be able to cause unexpected application termination or arbitrary code execution.
nvd
CVE-2021-30786HIGHCVSS 7.0fixed in 14.72021-09-08
CVE-2021-30786 [HIGH] CWE-362 CVE-2021-30786: A race condition was addressed with improved state handling. This issue is fixed in iOS 14.7, macOS
A race condition was addressed with improved state handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.
nvd
CVE-2021-30703HIGHCVSS 7.8fixed in 14.62021-09-08
CVE-2021-30703 [HIGH] CWE-415 CVE-2021-30703: A double free issue was addressed with improved memory management. This issue is fixed in tvOS 14.6,
A double free issue was addressed with improved memory management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, macOS Big Sur 11.4, watchOS 7.5. An application may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2021-1808HIGHCVSS 7.5fixed in 14.52021-09-08
CVE-2021-1808 [HIGH] CWE-787 CVE-2021-1808: A memory corruption issue was addressed with improved validation. This issue is fixed in Security Up
A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to read restricted memory.
nvd
CVE-2021-30661HIGHCVSS 8.8KEVfixed in 12.5.3≥ 14.0, < 14.52021-09-08
CVE-2021-30661 [HIGH] CWE-416 CVE-2021-30661: A use after free issue was addressed with improved memory management. This issue is fixed in Safari
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
nvd
CVE-2021-30779HIGHCVSS 7.8fixed in 14.72021-09-08
CVE-2021-30779 [HIGH] CVE-2021-30779: This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5,
This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing a maliciously crafted image may lead to arbitrary code execution.
nvd
CVE-2021-30666HIGHCVSS 8.8KEVfixed in 12.5.32021-09-08
CVE-2021-30666 [HIGH] CWE-119 CVE-2021-30666: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..
nvd
CVE-2021-1833HIGHCVSS 7.8fixed in 14.52021-09-08
CVE-2021-1833 [HIGH] CVE-2021-1833: This issue was addressed with improved checks. This issue is fixed in iOS 14.5 and iPadOS 14.5. An a
This issue was addressed with improved checks. This issue is fixed in iOS 14.5 and iPadOS 14.5. An application may be able to gain elevated privileges.
nvd
CVE-2021-30774HIGHCVSS 7.8fixed in 14.72021-09-08
CVE-2021-30774 [HIGH] CVE-2021-30774: A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur
A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. A malicious application may be able to gain root privileges.
nvd
CVE-2021-30785HIGHCVSS 7.8fixed in 14.72021-09-08
CVE-2021-30785 [HIGH] CWE-120 CVE-2021-30785: A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macO
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted image may lead to arbitrary code execution.
nvd
CVE-2021-30752HIGHCVSS 7.8fixed in 14.52021-09-08
CVE-2021-30752 [HIGH] CWE-125 CVE-2021-30752: Processing a maliciously crafted image may lead to arbitrary code execution. This issue is fixed in
Processing a maliciously crafted image may lead to arbitrary code execution. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. An out-of-bounds read was addressed with improved input validation.
nvd