Iphone Os

iphone_os

Vendor: Apple • 4,015 CVEs

CVEs (4,015)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-1817 1Apple 4Iphone Os Mac Os XTvos+1 more May 6, 2026 May 20, 2016 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corr...Show more IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1818 and CVE-2016-1819.Show less
CVE-2016-1814 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 May 20, 2016 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 IOAcceleratorFamily in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app.
CVE-2016-1813 1Apple 4Iphone Os Mac Os XTvos+1 more May 6, 2026 May 20, 2016 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 The IOAccelSharedUserClient2::page_off_resource method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cau...Show more The IOAccelSharedUserClient2::page_off_resource method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.Show less
CVE-2016-1811 1Apple 4Iphone Os Mac Os XTvos+1 more May 6, 2026 May 20, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 ImageIO in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image.
CVE-2016-1808 1Apple 4Iphone Os Mac Os XTvos+1 more May 6, 2026 May 20, 2016 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 The Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memor...Show more The Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.Show less
CVE-2016-1807 1Apple 4Iphone Os Mac Os XTvos+1 more May 6, 2026 May 20, 2016 N/A· v4 5.1 MEDIUM· v3 1.9 LOW· v2 Race condition in the Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to obtain sensitive information from kernel memory via unspecifie...Show more Race condition in the Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to obtain sensitive information from kernel memory via unspecified vectors.Show less
CVE-2016-1803 1Apple 4Iphone Os Mac Os XTvos+1 more May 6, 2026 May 20, 2016 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer derefe...Show more CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.Show less
CVE-2016-1802 1Apple 4Iphone Os Mac Os XTvos+1 more May 6, 2026 May 20, 2016 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 CCCrypt in CommonCrypto in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 mishandles return values during key-length calculations, which allows attackers to obtain sensitive info...Show more CCCrypt in CommonCrypto in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 mishandles return values during key-length calculations, which allows attackers to obtain sensitive information via a crafted app.Show less
CVE-2016-1801 1Apple 3Iphone Os Mac Os XTvos May 6, 2026 May 20, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 mishandles URLs in http and https requests, which allows remote attackers to obtain sensitive information via unspecif...Show more The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9.2.1 mishandles URLs in http and https requests, which allows remote attackers to obtain sensitive information via unspecified vectors.Show less
CVE-2016-1790 1Apple 1Iphone Os May 6, 2026 May 20, 2016 N/A· v4 3.3 LOW· v3 4.3 MEDIUM· v2 Buffer overflow in the Accessibility component in Apple iOS before 9.3.2 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.
CVE-2016-1760 1Apple 1Iphone Os May 6, 2026 Mar 29, 2016 N/A· v4 6.2 MEDIUM· v3 2.1 LOW· v2 The XPC Services API in LaunchServices in Apple iOS before 9.3 allows attackers to bypass intended event-handler restrictions and modify an arbitrary app's events via a crafted app.
CVE-2016-1788 1Apple 3Iphone Os Mac Os XWatchos May 6, 2026 Mar 24, 2016 N/A· v4 5.9 MEDIUM· v3 2.6 LOW· v2 Messages in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 does not properly implement a cryptographic protection mechanism, which allows remote attackers to read message attachments via vectors relate...Show more Messages in Apple iOS before 9.3, OS X before 10.11.4, and watchOS before 2.2 does not properly implement a cryptographic protection mechanism, which allows remote attackers to read message attachments via vectors related to duplicate messages.Show less
CVE-2016-1786 1Apple 2Iphone Os Safari May 6, 2026 Mar 24, 2016 N/A· v4 5.4 MEDIUM· v3 5.8 MEDIUM· v2 The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles HTTP responses with a 3xx (aka redirection) status code, which allows remote attackers to spoof the displayed URL, bypass...Show more The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles HTTP responses with a 3xx (aka redirection) status code, which allows remote attackers to spoof the displayed URL, bypass the Same Origin Policy, and obtain sensitive cached information via a crafted web site.Show less
CVE-2016-1785 1Apple 2Iphone Os Safari May 6, 2026 Mar 24, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles character encoding during access to cached data, which allows remote attackers to bypass the Same Origin Policy and obtai...Show more The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles character encoding during access to cached data, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.Show less
CVE-2016-1784 1Apple 3Iphone Os SafariTvos May 6, 2026 Mar 24, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The History implementation in WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to cause a denial of service (resource consumption and application crash) via a crafted web sit...Show more The History implementation in WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to cause a denial of service (resource consumption and application crash) via a crafted web site.Show less
CVE-2016-1783 2Apple Webkitgtk 4Iphone Os SafariTvos+1 more May 6, 2026 Mar 24, 2016 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
CVE-2016-1782 1Apple 2Iphone Os Safari May 6, 2026 Mar 24, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 WebKit in Apple iOS before 9.3 and Safari before 9.1 does not properly restrict redirects that specify a TCP port number, which allows remote attackers to bypass intended port restrictions via a crafted web site.
CVE-2016-1781 1Apple 2Iphone Os Safari May 6, 2026 Mar 24, 2016 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles attachment URLs, which makes it easier for remote web servers to track users via unspecified vectors.
CVE-2016-1780 1Apple 1Iphone Os May 6, 2026 Mar 24, 2016 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 WebKit in Apple iOS before 9.3 does not prevent hidden web views from reading orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment via a crafted...Show more WebKit in Apple iOS before 9.3 does not prevent hidden web views from reading orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment via a crafted web site.Show less
CVE-2016-1779 1Apple 2Iphone Os Safari May 6, 2026 Mar 24, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote attackers to bypass the Same Origin Policy and obtain physical-location data via a crafted geolocation request.

Previous 1...151152153...201 Next