← Back

Iphone Os

iphone_os

Vendor: Apple • 4,015 CVEs

CVEs (4,015)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2016-1842
1Apple
3Iphone Os
Mac Os XWatchos
May 6, 2026
May 20, 2016
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
MapKit in Apple iOS before 9.3.2, OS X before 10.11.5, and watchOS before 2.2.1 does not use HTTPS for shared links, which allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic.
CVE-2016-1841
1Apple
4Iphone Os
Mac Os XTvos+1 more
May 6, 2026
May 20, 2016
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craft...Show more
libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.Show less
CVE-2016-1840
6Apple
CanonicalDebian+3 more
14Debian Linux
Enterprise Linux DesktopEnterprise Linux Server+11 more
May 6, 2026
May 20, 2016
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to e...Show more
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.Show less
CVE-2016-1839
6Apple
CanonicalDebian+3 more
14Debian Linux
Enterprise Linux DesktopEnterprise Linux Server+11 more
May 6, 2026
May 20, 2016
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based...Show more
The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.Show less
CVE-2016-1838
6Apple
CanonicalDebian+3 more
14Debian Linux
Enterprise Linux DesktopEnterprise Linux Server+11 more
May 6, 2026
May 20, 2016
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of se...Show more
The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.Show less
CVE-2016-1837
6Apple
CanonicalDebian+3 more
14Debian Linux
Enterprise Linux DesktopEnterprise Linux Server+11 more
May 6, 2026
May 20, 2016
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and wat...Show more
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause a denial of service via a crafted XML document.Show less
CVE-2016-1836
6Apple
CanonicalDebian+3 more
14Debian Linux
Enterprise Linux DesktopEnterprise Linux Server+11 more
May 6, 2026
May 20, 2016
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to...Show more
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document.Show less
CVE-2016-1835
3Apple
CanonicalDebian
4Debian Linux
Iphone OsMac Os X+1 more
May 6, 2026
May 20, 2016
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML d...Show more
Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document.Show less
CVE-2016-1834
6Apple
CanonicalDebian+3 more
14Debian Linux
Enterprise Linux DesktopEnterprise Linux Server+11 more
May 6, 2026
May 20, 2016
N/A· v4
7.8 HIGH· v3
9.3 HIGH· v2
Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbit...Show more
Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.Show less
CVE-2016-1833
6Apple
CanonicalDebian+3 more
14Debian Linux
Enterprise Linux DesktopEnterprise Linux Server+11 more
May 6, 2026
May 20, 2016
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based...Show more
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.Show less
CVE-2016-1832
1Apple
4Iphone Os
Mac Os XTvos+1 more
May 6, 2026
May 20, 2016
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
libc in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2016-1831
1Apple
4Iphone Os
Mac Os XTvos+1 more
May 6, 2026
May 20, 2016
N/A· v4
7.8 HIGH· v3
9.3 HIGH· v2
The kernel in Apple iOS before 9.3.2 and OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1830
1Apple
4Iphone Os
Mac Os XTvos+1 more
May 6, 2026
May 20, 2016
N/A· v4
7.8 HIGH· v3
8.5 HIGH· v2
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) v...Show more
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1827, CVE-2016-1828, and CVE-2016-1829.Show less
CVE-2016-1829
1Apple
4Iphone Os
Mac Os XTvos+1 more
May 6, 2026
May 20, 2016
N/A· v4
7.8 HIGH· v3
9.3 HIGH· v2
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) v...Show more
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1827, CVE-2016-1828, and CVE-2016-1830.Show less
CVE-2016-1828
1Apple
4Iphone Os
Mac Os XTvos+1 more
May 6, 2026
May 20, 2016
N/A· v4
7.8 HIGH· v3
9.3 HIGH· v2
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) v...Show more
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1827, CVE-2016-1829, and CVE-2016-1830.Show less
CVE-2016-1827
1Apple
4Iphone Os
Mac Os XTvos+1 more
May 6, 2026
May 20, 2016
N/A· v4
7.8 HIGH· v3
9.3 HIGH· v2
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) v...Show more
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1828, CVE-2016-1829, and CVE-2016-1830.Show less
CVE-2016-1824
1Apple
4Iphone Os
Mac Os XTvos+1 more
May 6, 2026
May 20, 2016
N/A· v4
7.8 HIGH· v3
9.3 HIGH· v2
IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption)...Show more
IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1823.Show less
CVE-2016-1823
1Apple
4Iphone Os
Mac Os XTvos+1 more
May 6, 2026
May 20, 2016
N/A· v4
7.8 HIGH· v3
9.3 HIGH· v2
The IOHIDDevice::handleReportWithTime function in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a den...Show more
The IOHIDDevice::handleReportWithTime function in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read and memory corruption) via a crafted IOHIDReportType enum, which triggers an incorrect cast, a different vulnerability than CVE-2016-1824.Show less
CVE-2016-1819
1Apple
4Iphone Os
Mac Os XTvos+1 more
May 6, 2026
May 20, 2016
N/A· v4
7.8 HIGH· v3
9.3 HIGH· v2
Use-after-free vulnerability in the IOAccelContext2::clientMemoryForType method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a...Show more
Use-after-free vulnerability in the IOAccelContext2::clientMemoryForType method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1817 and CVE-2016-1818.Show less
CVE-2016-1818
1Apple
4Iphone Os
Mac Os XTvos+1 more
May 6, 2026
May 20, 2016
N/A· v4
7.8 HIGH· v3
9.3 HIGH· v2
IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corr...Show more
IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1817 and CVE-2016-1819.Show less