CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple » Iphone Os : Security Vulnerabilities (CVSS score >= 9)

CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-4465 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
2 CVE-2018-4461 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
3 CVE-2018-4447 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
4 CVE-2018-4427 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to: iOS 12.1, watchOS 5.1.2, tvOS 12.1.1, macOS High Sierra 10.13.6 Security Update 2018-003 High Sierra, macOS Sierra 10.12.6 Security Update 2018-006.
5 CVE-2018-4426 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
6 CVE-2018-4425 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
7 CVE-2018-4420 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
8 CVE-2018-4419 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
9 CVE-2018-4408 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved input validation This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
10 CVE-2018-4404 119 Overflow Mem. Corr. 2019-01-11 2019-01-23
9.3
 None Remote Medium Not required Complete Complete Complete
In iOS before 11.4 and macOS High Sierra before 10.13.5, a memory corruption issue exists and was addressed with improved memory handling.
11 CVE-2018-4401 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
12 CVE-2018-4383 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
13 CVE-2018-4344 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
14 CVE-2018-4343 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
15 CVE-2018-4340 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
16 CVE-2018-4337 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
17 CVE-2018-4336 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
18 CVE-2018-4332 119 Overflow Mem. Corr. 2019-04-03 2019-04-04
10.0
 None Remote Low Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
19 CVE-2018-4331 119 Overflow Mem. Corr. 2019-04-03 2019-04-04
10.0
 None Remote Low Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
20 CVE-2018-4330 119 Overflow Mem. Corr. 2019-01-11 2019-01-23
9.3
 None Remote Medium Not required Complete Complete Complete
In iOS before 11.4, a memory corruption issue exists and was addressed with improved memory handling.
21 CVE-2018-4327 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1.
22 CVE-2018-4298 275 2019-01-11 2019-01-17
10.0
 None Remote Low Not required Complete Complete Complete
In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a permissions issue existed in Remote Management. This issue was addressed through improved permission validation.
23 CVE-2018-4249 190 DoS Exec Code Overflow 2018-06-08 2018-07-17
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow and stack-based buffer overflow) via a crafted app.
24 CVE-2018-4243 119 Exec Code Overflow 2018-06-08 2018-07-17
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolattrlist allows attackers to execute arbitrary code in a privileged context via a crafted app.
25 CVE-2018-4241 119 Exec Code Overflow 2018-06-08 2018-07-17
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in mptcp_usr_connectx allows attackers to execute arbitrary code in a privileged context via a crafted app.
26 CVE-2018-4189 119 Overflow Mem. Corr. 2019-01-11 2019-01-17
10.0
 None Remote Low Not required Complete Complete Complete
In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, watchOS before 4.2.2, and tvOS before 11.2.5, a memory corruption issue exists and was addressed with improved memory handling.
27 CVE-2018-4150 119 DoS Exec Code Overflow Mem. Corr. 2018-04-03 2018-04-27
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
28 CVE-2018-4144 119 Exec Code Overflow 2018-04-03 2018-04-27
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Security" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app.
29 CVE-2018-4143 119 DoS Exec Code Overflow Mem. Corr. 2018-04-03 2018-04-27
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
30 CVE-2018-4126 119 Overflow Mem. Corr. 2019-04-03 2019-04-05
9.3
 None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.
31 CVE-2018-4124 119 DoS Overflow Mem. Corr. 2018-04-03 2018-05-15
9.0
 None Remote Low Not required Partial Partial Complete
An issue was discovered in certain Apple products. iOS before 11.2.6 is affected. macOS before 10.13.3 Supplemental Update is affected. tvOS before 11.2.6 is affected. watchOS before 4.2.3 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via a crafted string containing a certain Telugu character.
32 CVE-2018-4109 119 DoS Exec Code Overflow Mem. Corr. 2018-04-03 2018-04-27
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
33 CVE-2018-4095 119 DoS Exec Code Overflow Mem. Corr. 2018-04-03 2018-04-27
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Core Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
34 CVE-2018-4087 119 DoS Exec Code Overflow Mem. Corr. 2018-04-03 2018-04-27
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Core Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
35 CVE-2018-4082 119 DoS Exec Code Overflow Mem. Corr. 2018-04-03 2018-04-27
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
36 CVE-2017-13904 119 DoS Exec Code Overflow Mem. Corr. 2018-04-03 2018-04-27
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
37 CVE-2017-13879 119 DoS Exec Code Overflow Mem. Corr. 2017-12-25 2017-12-29
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2 is affected. The issue involves the "IOMobileFrameBuffer" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
38 CVE-2017-13876 119 DoS Exec Code Overflow Mem. Corr. 2017-12-25 2017-12-28
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
39 CVE-2017-13867 119 DoS Exec Code Overflow Mem. Corr. 2017-12-25 2017-12-28
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
40 CVE-2017-13862 119 DoS Exec Code Overflow Mem. Corr. 2017-12-25 2017-12-28
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
41 CVE-2017-13861 119 DoS Exec Code Overflow Mem. Corr. 2017-12-25 2019-06-02
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "IOSurface" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
42 CVE-2017-13854 119 DoS Exec Code Overflow Mem. Corr. 2018-04-03 2018-04-27
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
43 CVE-2017-13847 119 DoS Exec Code Overflow Mem. Corr. 2017-12-25 2017-12-28
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
44 CVE-2017-13799 119 DoS Exec Code Overflow Mem. Corr. 2017-11-12 2017-11-28
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
45 CVE-2017-11121 119 DoS Overflow 2017-09-27 2017-10-23
10.0
 None Remote Low Not required Complete Complete Complete
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205.
46 CVE-2017-11120 119 Overflow 2017-09-27 2017-10-23
10.0
 None Remote Low Not required Complete Complete Complete
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204.
47 CVE-2017-8248 119 Overflow 2017-08-16 2018-12-07
10.0
 None Remote Low Not required Complete Complete Complete
A buffer overflow may occur in the processing of a downlink NAS message in Qualcomm Telephony as used in Apple iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation.
48 CVE-2017-7172 119 DoS Exec Code Overflow Mem. Corr. 2018-04-03 2018-04-27
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "CFNetwork Session" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
49 CVE-2017-7171 119 DoS Exec Code Overflow Mem. Corr. 2018-04-03 2018-04-27
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "CoreAnimation" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
50 CVE-2017-7162 119 DoS Exec Code Overflow Mem. Corr. 2017-12-27 2017-12-29
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Total number of vulnerabilities : 286   Page : 1 (This Page)2 3 4 5 6
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.