Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Iphone_os
(Apple)| Repositories |
• https://github.com/madler/zlib
• https://github.com/file/file • https://github.com/WebKit/webkit • https://github.com/vadz/libtiff |
| #Vulnerabilities | 3585 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-02-27 | CVE-2023-23520 | A race condition was addressed with additional validation. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may be able to read arbitrary files as root. | Ipados, Iphone_os, Macos | 5.9 | ||
| 2023-02-27 | CVE-2023-23531 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. | Ipados, Iphone_os, Macos | 8.6 | ||
| 2025-01-15 | CVE-2024-44136 | This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to a device may be able to disable Stolen Device Protection. | Ipados, Iphone_os | 4.6 | ||
| 2025-01-27 | CVE-2025-24149 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to disclosure of user information. | Ipados, Iphone_os, Macos, Tvos, Visionos, Watchos | 5.5 | ||
| 2025-01-27 | CVE-2025-24158 | The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing web content may lead to a denial-of-service. | Ipados, Iphone_os, Macos, Safari, Tvos, Visionos, Watchos | 6.5 | ||
| 2016-08-25 | CVE-2016-4656 | The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | Iphone_os | 7.8 | ||
| 2016-08-25 | CVE-2016-4657 | WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | Iphone_os | 8.8 | ||
| 2019-03-05 | CVE-2019-6223 | A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. The initiator of a Group FaceTime call may be able to cause the recipient to answer. | Iphone_os, Mac_os_x | 7.5 | ||
| 2019-04-03 | CVE-2018-4344 | A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. | Iphone_os, Mac_os_x, Tvos, Watchos | 7.8 | ||
| 2019-12-18 | CVE-2019-7287 | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges. | Iphone_os | 7.8 |