VYPR

Iphone OS

by Apple Inc.

CVEs (2,060)

  • CVE-2025-24085CriKEVJan 27, 2025
    risk 0.81cvss 10.0epss 0.19

    A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, watchOS 11.3. A malicious application may be able to…

  • CVE-2016-4657HigKEVAug 25, 2016
    risk 0.78cvss 8.8epss 0.67

    WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

  • CVE-2025-43300CriKEVAug 21, 2025
    risk 0.77cvss 10.0epss 0.20

    An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12, iOS 18.6.2 and iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, macOS Ventura 13.7.8.…

  • CVE-2025-24201CriKEVMar 11, 2025
    risk 0.77cvss 10.0epss 0.04

    An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.2 and iPadOS 18.3.2, iPadOS 17.7.6, macOS Sequoia 15.3.2, visionOS 2.3.2,…

  • CVE-2025-31201CriKEVApr 16, 2025
    risk 0.76cvss 9.8epss 0.12

    This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of…

  • CVE-2025-31200CriKEVApr 16, 2025
    risk 0.76cvss 9.8epss 0.21

    A memory corruption issue was addressed with improved bounds checking. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1, watchOS 11.5. Processing an audio stream in a maliciously crafted media file may result in code…

  • CVE-2014-4404HigKEVSep 18, 2014
    risk 0.70cvss 7.8epss 0.49

    Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties.

  • CVE-2010-1205CriJun 30, 2010
    risk 0.70cvss 9.8epss 0.43

    Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

  • CVE-2025-43529HigKEVDec 17, 2025
    risk 0.69cvss 8.8epss 0.08

    A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to…

  • CVE-2025-31277HigKEVJul 30, 2025
    risk 0.69cvss 8.8epss 0.01

    The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption.

  • CVE-2024-44308HigKEVNov 20, 2024
    risk 0.69cvss 8.8epss 0.09

    The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, macOS Sequoia 15.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware…

  • CVE-2024-23222HigKEVJan 23, 2024
    risk 0.69cvss 8.8epss 0.11

    A type confusion issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 15.8.7 and iPadOS 15.8.7, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, tvOS 17.3, visionOS 1.0.2.…

  • CVE-2016-0801CriFeb 7, 2016
    risk 0.69cvss 9.8epss 0.33

    The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal…

  • CVE-2017-2523CriMay 22, 2017
    risk 0.68cvss 9.8epss 0.11

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Foundation" component. It allows remote attackers to execute arbitrary…

  • CVE-2016-4656HigKEVAug 25, 2016
    risk 0.68cvss 7.8epss 0.24

    The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

  • CVE-2017-11120CriSep 28, 2017
    risk 0.67cvss 9.8epss 0.09

    On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204.

  • CVE-2017-2524CriMay 22, 2017
    risk 0.67cvss 9.8epss 0.07

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "TextInput" component. It allows remote attackers to execute arbitrary…

  • CVE-2017-2522CriMay 22, 2017
    risk 0.67cvss 9.8epss 0.07

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "CoreFoundation" component. It allows remote attackers to execute…

  • CVE-2015-8659CriJan 12, 2016
    risk 0.65cvss 10.0epss 0.04

    The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.

  • CVE-2025-43428CriDec 17, 2025
    risk 0.64cvss 9.8epss 0.01

    A configuration issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Photos in the Hidden Photos Album may be viewed without authentication.

Page 1 of 103