| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2022-26765 |
362 |
|
Bypass |
2022-05-26 |
2022-06-08 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. |
|
2 |
CVE-2021-30992 |
668 |
|
+Info |
2021-08-24 |
2022-01-03 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
This issue was addressed with improved handling of file metadata. This issue is fixed in iOS 15.2 and iPadOS 15.2. A user in a FaceTime call may unexpectedly leak sensitive user information through Live Photos metadata. |
|
3 |
CVE-2020-27925 |
|
|
|
2020-12-08 |
2020-12-10 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
An issue existed in the handling of incoming calls. The issue was addressed with additional state checks. This issue is fixed in iOS 14.2 and iPadOS 14.2. A user may answer two calls simultaneously without indication they have answered a second call. |
|
4 |
CVE-2020-9969 |
|
|
|
2020-12-08 |
2023-01-09 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. A local user may be able to view senstive user information. |
|
5 |
CVE-2016-4740 |
200 |
|
+Info |
2016-09-18 |
2017-08-13 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin has occurred before displaying messages, which might allow attackers to obtain sensitive information via unspecified vectors. |
|
6 |
CVE-2016-1807 |
362 |
|
+Info |
2016-05-20 |
2019-03-25 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Race condition in the Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to obtain sensitive information from kernel memory via unspecified vectors. |
|
7 |
CVE-2015-1114 |
200 |
|
+Info |
2015-04-10 |
2019-03-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Sandbox Profiles component in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to discover hardware identifiers via a crafted app. |
|
8 |
CVE-2015-1113 |
200 |
|
+Info |
2015-04-10 |
2017-01-03 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Sandbox Profiles component in Apple iOS before 8.3 allows attackers to read the (1) telephone number or (2) e-mail address of a recent contact via a crafted app. |
|
9 |
CVE-2015-1107 |
|
|
|
2015-04-10 |
2017-01-03 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
The Lock Screen component in Apple iOS before 8.3 does not properly implement the erasure feature for incorrect passcode-authentication attempts, which makes it easier for physically proximate attackers to obtain access by making many passcode guesses. |
|
10 |
CVE-2015-1097 |
200 |
|
+Info |
2015-04-10 |
2019-03-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. |
|
11 |
CVE-2015-1096 |
200 |
|
+Info |
2015-04-10 |
2019-03-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. |
|
12 |
CVE-2015-1094 |
200 |
|
+Info |
2015-04-10 |
2019-03-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
IOAcceleratorFamily in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app. |
|
13 |
CVE-2015-1085 |
264 |
|
|
2015-04-10 |
2017-01-03 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
AppleKeyStore in Apple iOS before 8.3 does not properly restrict a certain passcode-confirmation interface, which makes it easier for attackers to verify correct passcode guesses via a crafted app. |
|
14 |
CVE-2015-1064 |
200 |
|
Bypass +Info |
2015-03-12 |
2015-09-11 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Springboard in Apple iOS before 8.2 allows physically proximate attackers to bypass an intended activation requirement and read the home screen by leveraging an application crash during the activation process. |
|
15 |
CVE-2014-4450 |
255 |
|
|
2014-10-22 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The QuickType feature in the Keyboards subsystem in Apple iOS before 8.1 collects typing-prediction data from fields with an off autocomplete attribute, which makes it easier for attackers to discover credentials by reading credential values within unintended DOM input elements. |
|
16 |
CVE-2014-4448 |
310 |
|
+Info |
2014-10-22 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID. |
|
17 |
CVE-2014-4421 |
|
|
+Info |
2014-09-18 |
2019-03-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4420. |
|
18 |
CVE-2014-4420 |
|
|
+Info |
2014-09-18 |
2019-03-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4421. |
|
19 |
CVE-2014-4419 |
|
|
+Info |
2014-09-18 |
2019-03-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4420, and CVE-2014-4421. |
|
20 |
CVE-2014-4386 |
362 |
|
+Priv |
2014-09-18 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
Race condition in the App Installation feature in Apple iOS before 8 allows local users to gain privileges and install unverified apps by leveraging /tmp write access. |
|
21 |
CVE-2014-4384 |
22 |
|
Dir. Trav. |
2014-09-18 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
Directory traversal vulnerability in the App Installation feature in Apple iOS before 8 allows local users to install unverified apps by triggering code-signature validation of an unintended bundle. |
|
22 |
CVE-2014-4371 |
665 |
|
+Info |
2014-09-18 |
2019-11-07 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4419, CVE-2014-4420, and CVE-2014-4421. |
|
23 |
CVE-2014-1352 |
264 |
|
|
2014-07-01 |
2017-01-07 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
Lock Screen in Apple iOS before 7.1.2 does not properly enforce the limit on failed passcode attempts, which makes it easier for physically proximate attackers to conduct brute-force passcode-guessing attacks via unspecified vectors. |
|
24 |
CVE-2014-1281 |
264 |
|
|
2014-03-14 |
2014-03-14 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Photos Backend in Apple iOS before 7.1 does not properly manage the asset-library cache during deletions, which allows physically proximate attackers to obtain sensitive photo data by launching the Photos app and looking under a transparent image. |
|
25 |
CVE-2013-5150 |
200 |
|
+Info |
2013-09-19 |
2014-10-24 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The history-clearing feature in Safari in Apple iOS before 7 does not clear the back/forward history of an open tab, which allows physically proximate attackers to obtain sensitive information by leveraging an unattended workstation. |
|
26 |
CVE-2013-0979 |
264 |
|
|
2013-03-20 |
2019-09-26 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
lockdownd in Lockdown in Apple iOS before 6.1.3 does not properly consider file types during the permission-setting step of a backup restoration, which allows local users to change the permissions of arbitrary files via a backup that contains a pathname with a symlink. |
|
27 |
CVE-2012-3741 |
287 |
|
Bypass |
2012-09-20 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
The Restrictions (aka Parental Controls) implementation in Apple iOS before 6 does not properly handle purchase attempts after a Disable Restrictions action, which allows local users to bypass an intended Apple ID authentication step via an app that performs purchase transactions. |
|
28 |
CVE-2012-3734 |
310 |
|
Bypass |
2012-09-20 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Office Viewer in Apple iOS before 6 writes cleartext document data to a temporary file, which might allow local users to bypass a document's intended (1) Data Protection level or (2) encryption state by reading the temporary content. |
|
29 |
CVE-2012-3729 |
264 |
|
+Info |
2012-09-20 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Berkeley Packet Filter (BPF) interpreter implementation in the kernel in Apple iOS before 6 accesses uninitialized memory locations, which allows local users to obtain sensitive information about the layout of kernel memory via a crafted program that uses a BPF interface. |
|
30 |
CVE-2012-0645 |
264 |
|
Bypass |
2012-03-08 |
2018-11-29 |
1.2 |
None |
Local |
High |
Not required |
None |
Partial |
None |
|
Siri in Apple iOS before 5.1 does not properly restrict the ability of Mail.app to handle voice commands, which allows physically proximate attackers to bypass the locked state via a command that forwards an active e-mail message to an arbitrary recipient. |
