Iphone Os

iphone_os

Vendor: Apple • 4,015 CVEs

CVEs (4,015)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-4194 1Apple 5Icloud Iphone OsItunes+2 more Nov 21, 2024 Jan 11, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.
CVE-2018-4189 1Apple 4Apple Tv Iphone OsMac Os X+1 more Nov 21, 2024 Jan 11, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, watchOS before 4.2.2, and tvOS before 11.2.5, a memory corruption issue exists and was add...Show more In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, watchOS before 4.2.2, and tvOS before 11.2.5, a memory corruption issue exists and was addressed with improved memory handling.Show less
CVE-2018-4185 1Apple 4Iphone Os Mac Os XTvos+1 more Nov 21, 2024 Jan 11, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state han...Show more In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling.Show less
CVE-2018-4147 1Apple 4Icloud Iphone OsItunes+1 more Nov 21, 2024 Jan 11, 2019 N/A· v4 9.8 CRITICAL· v3 6.8 MEDIUM· v2 In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS before 11.2.5, multiple memory corruption issues exist and were addressed with improved memory handling.
CVE-2017-2411 1Apple 1Iphone Os Nov 21, 2024 Jan 11, 2019 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 In iOS before 11.2, exchange rates were retrieved from HTTP rather than HTTPS. This was addressed by enabling HTTPS for exchange rates.
CVE-2017-13891 1Apple 1Iphone Os Nov 21, 2024 Jan 11, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In iOS before 11.2, an inconsistent user interface issue was addressed through improved state management.
CVE-2017-13888 1Apple 1Iphone Os Nov 21, 2024 Jan 11, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In iOS before 11.2, a type confusion issue was addressed with improved memory handling.
CVE-2016-7576 1Apple 1Iphone Os Nov 21, 2024 Jan 11, 2019 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 In iOS before 9.3.3, a memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.
CVE-2016-4644 1Apple 3Apple Tv Iphone OsMac Os Nov 21, 2024 Jan 11, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed by stor...Show more In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed by storing the authentication types with the credentials.Show less
CVE-2016-4643 1Apple 3Apple Tv Iphone OsMac Os Nov 21, 2024 Jan 11, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. This issue was addressed through improved response val...Show more In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. This issue was addressed through improved response validation.Show less
CVE-2016-4642 1Apple 3Apple Tv Iphone OsMac Os Nov 21, 2024 Jan 11, 2019 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed thr...Show more In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings.Show less
CVE-2018-5383 3Apple GoogleTi 4Android Iphone OsMac Os X+1 more Mar 5, 2026 Aug 7, 2018 N/A· v4 6.8 MEDIUM· v3 4.3 MEDIUM· v2 Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic cu...Show more Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.Show less
CVE-2018-4252 1Apple 1Iphone Os Nov 21, 2024 Jun 8, 2018 N/A· v4 4.6 MEDIUM· v3 2.1 LOW· v2 An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Siri" component. It allows physically proximate attackers to bypass the lock-screen protection mechanism and obtain...Show more An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Siri" component. It allows physically proximate attackers to bypass the lock-screen protection mechanism and obtain private notification content via Siri.Show less
CVE-2018-4250 1Apple 1Iphone Os Nov 21, 2024 Jun 8, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service via a crafted message.
CVE-2018-4249 1Apple 4Apple Tv Iphone OsMac Os X+1 more Nov 21, 2024 Jun 8, 2018 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input...Show more An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow and stack-based buffer overflow) via a crafted app.Show less
CVE-2018-4247 1Apple 2Iphone Os Safari Nov 21, 2024 Jun 8, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to cause a denial of service (persis...Show more An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to cause a denial of service (persistent Safari outage) via a crafted web site.Show less
CVE-2018-4246 2Apple Canonical 7Icloud Iphone OsItunes+4 more Nov 21, 2024 Jun 8, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is...Show more An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages type confusion.Show less
CVE-2018-4244 1Apple 1Iphone Os Nov 21, 2024 Jun 8, 2018 N/A· v4 4.6 MEDIUM· v3 2.1 LOW· v2 An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Siri Contacts" component. It allows physically proximate attackers to discover private contact information via Siri.
CVE-2018-4243 1Apple 4Apple Tv Iphone OsMac Os X+1 more Nov 21, 2024 Jun 8, 2018 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component....Show more An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolattrlist allows attackers to execute arbitrary code in a privileged context via a crafted app.Show less
CVE-2018-4241 1Apple 4Apple Tv Iphone OsMac Os X+1 more Nov 21, 2024 Jun 8, 2018 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component....Show more An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in mptcp_usr_connectx allows attackers to execute arbitrary code in a privileged context via a crafted app.Show less

Previous 1...119120121...201 Next