iOS

CVEs (603)

• CVE-2022-32916Dec 15, 2022
  Apple Inc.

  iOS
  risk 0.00cvss —epss 0.00

  An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 16. An app may be able to disclose kernel memory.

• CVE-2022-32887Nov 1, 2022
  Apple Inc.

  iOS
  risk 0.00cvss —epss 0.00

  The issue was addressed with improved memory handling. This issue is fixed in iOS 16. An app may be able to execute arbitrary code with kernel privileges.

• CVE-2022-22658Nov 1, 2022
  Apple Inc.

  iOS
  risk 0.00cvss —epss 0.00

  An input validation issue was addressed with improved input validation. This issue is fixed in iOS 16.0.3. Processing a maliciously crafted email message may lead to a denial-of-service.

• CVE-2022-32835Nov 1, 2022
  Apple Inc.

  watchOS
  risk 0.00cvss —epss 0.00

  This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An app may be able to read a persistent device identifier.

• CVE-2022-32889Nov 1, 2022
  Apple Inc.

  watchOS
  risk 0.00cvss —epss 0.00

  The issue was addressed with improved memory handling. This issue is fixed in iOS 16, watchOS 9. An app may be able to execute arbitrary code with kernel privileges.

• CVE-2022-32907Nov 1, 2022
  Apple Inc.

  watchOS
  risk 0.00cvss —epss 0.00

  This issue was addressed with improved checks. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to execute arbitrary code with kernel privileges.

• CVE-2022-32903Nov 1, 2022
  Apple Inc.

  watchOS
  risk 0.00cvss —epss 0.00

  A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to execute arbitrary code with kernel privileges.

• CVE-2022-32925Nov 1, 2022
  Apple Inc.

  watchOS
  risk 0.00cvss —epss 0.00

  An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to cause unexpected system termination or write kernel memory.

• CVE-2022-32909Nov 1, 2022
  Apple Inc.

  iOS
  risk 0.00cvss —epss 0.00

  The issue was addressed with improved handling of caches. This issue is fixed in iOS 16. An app may be able to access user-sensitive data.

• CVE-2022-32859Nov 1, 2022
  Apple Inc.

  iOS
  risk 0.00cvss —epss 0.00

  A logic issue was addressed with improved state management. This issue is fixed in iOS 16. Deleted contacts may still appear in spotlight search results.

• CVE-2022-32883Sep 20, 2022
  Apple Inc.

  macOS
  risk 0.00cvss —epss 0.00

  A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to read sensitive location information.

• CVE-2022-32795Sep 20, 2022
  Apple Inc.

  iOS and iPadOS
  risk 0.00cvss —epss 0.00

  This issue was addressed with improved checks. This issue is fixed in iOS 16, iOS 15.7 and iPadOS 15.7. Visiting a malicious website may lead to address bar spoofing.

• CVE-2022-32868Sep 20, 2022
  Apple Inc.

  Safari
  risk 0.00cvss —epss 0.01

  A logic issue was addressed with improved state management. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. A website may be able to track users through Safari web extensions.

• CVE-2022-32854Sep 20, 2022
  Apple Inc.

  macOS
  risk 0.00cvss —epss 0.00

  This issue was addressed with improved checks. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to bypass Privacy preferences.

• CVE-2022-32872Sep 20, 2022
  Apple Inc.

  iOS and iPadOS
  risk 0.00cvss —epss 0.00

  A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, iOS 15.7 and iPadOS 15.7. A person with physical access to an iOS device may be able to access photos from the lock screen.

• CVE-2022-32911Sep 20, 2022
  Apple Inc.

  macOS
  risk 0.00cvss —epss 0.00

  The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to execute arbitrary code with kernel privileges.

• CVE-2022-32908Sep 20, 2022
  Apple Inc.

  macOS
  risk 0.00cvss —epss 0.00

  A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. A user may be able to elevate privileges.

• CVE-2022-32864Sep 20, 2022
  Apple Inc.

  macOS
  risk 0.00cvss —epss 0.00

  The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to disclose kernel memory.

• CVE-2022-32912Sep 20, 2022
  Apple Inc.

  Safari
  risk 0.00cvss —epss 0.03

  An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.

• CVE-2022-32886Sep 20, 2022
  Apple Inc.

  Safari
  risk 0.00cvss —epss 0.01

  A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.