Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
iOS Number Of NVD 3611 CRITICAL 137 HIGH 1663 MEDIUM 1469 LOW 246
URL https://www.apple.com/jp/ios/
Explanation This is the operating system installed on the iPhone provided by Apple.
Tag
  • Mobile
  • Apple
Add Information URL
No Type Name URL
1 https://support.apple.com/en-us/HT201222
2 https://developer.apple.com/documentation/ios-ipados-release-notes
3 https://en.wikipedia.org/wiki/IOS_version_history
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
3281 iOS 17 17.6.1 Aug. 27, 2024 Sept. 18, 2023 8 111 167 22
3282 iOS 16 16.4.1 April 7, 2023 Sept. 12, 2022 24 241 292 56
3283 iOS 15 15.7 Sept. 12, 2022 Sept. 20, 2021 38 392 377 72
3284 iOS 14 14.8 Sept. 13, 2021 July 9, 2020 52 563 484 79
3285 iOS 13 13.7 Sept. 1, 2020 Sept. 19, 2019 64 743 568 96
3286 iOS 12 12.5.1 Jan. 11, 2021 Sept. 17, 2018 83 900 648 108
3287 iOS 11 11.4.1 July 9, 2018 Sept. 19, 2017 93 1065 717 116
3288 iOS 10 10.3.4 July 22, 2019 Sept. 13, 2016 119 1286 817 133
3289 iOS 9 9.3.6 July 22, 2019 Sept. 16, 2015 133 1412 944 149
3290 iOS 8 8.4.1 Aug. 13, 2015 Sept. 17, 2014 131 1467 1157 181
3291 iOS 7 7.0.6 Feb. 21, 2014 Sept. 18, 2013 131 1488 1220 204
3292 iOS 6 6.0.2 Dec. 18, 2012 Sept. 19, 2012 131 1514 1283 216
3293 iOS 5 5.0.1 Nov. 10, 2011 Oct. 12, 2011 131 1583 1357 228
3294 iOS 4 4.0.2 Aug. 11, 2010 June 21, 2010 132 1610 1412 235
3295 iPhone OS 3 3.0.1 July 31, 2009 June 17, 2009 132 1617 1427 238
3296 iPhone OS 2 1.1.5 July 15, 2008 July 11, 2008 133 1629 1422 236
3297 iPhone OS 1 1.0.2 Aug. 21, 2007 June 29, 2007 132 1634 1423 237
3298 iOS7.1 7.1.2 131 1481 1196 198
3299 iOS6.1 6.1.6 131 1505 1264 212
3300 iOS6.0 6.0.2 131 1514 1282 216
3301 iOS5.1 5.1.1 131 1524 1335 226
3302 iOS4.3 4.3.5 131 1602 1385 234
3303 iOS4.2 4.2.9 131 1604 1390 234
3304 iOS4.1 4.1 132 1607 1402 234
3305 iOS3.2 3.2.2 132 1611 1417 236
3306 iOS3.1 3.1.3 132 1614 1425 236
3307 iOS2.2 2.2.1 132 1625 1421 232
3308 iOS2.1 2.1.1 132 1629 1422 236
3309 iOS2.0 2.0.2 133 1629 1421 236
3310 iOS16.2 16.2 18 206 259 55
3311 iOS 26 26.5.1 0 0 0 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
3281 -
5.0 		MEDIUM The extensions APIs in the kernel in Apple iOS before 6.0.1 provide kernel addresses in responses that contain an OSBundleMachOHeaders key, which makes it easier for remote attackers to bypass the AS… CWE-200
Information Exposure 		CVE-2012-3749 cpe:2.3:o:apple:iphone_os:5.1.1:*
cpe:2.3:o:apple:iphone_os:5.0:*
cpe:2.3:o:apple:iphone_os:5.0.1:*
cpe:2.3:o:… 		6.0 2024-11-21 10:41
2012-11-4 		Show GitHub Exploit DB Packet Storm
3282 -
5.1 		MEDIUM Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Jav… CWE-362
Race Condition 		CVE-2012-3748 cpe:2.3:o:apple:iphone_os:5.1.1:*
cpe:2.3:o:apple:iphone_os:5.0:*
cpe:2.3:o:apple:iphone_os:5.0.1:*
cpe:2.3:o:… 		6.0 2024-11-21 10:41
2012-11-4 		Show GitHub Exploit DB Packet Storm
3283 -
10.0 		HIGH Use-after-free vulnerability in the SVG implementation in WebKit, as used in Google Chrome before 22.0.1229.94, allows remote attackers to execute arbitrary code via unspecified vectors. CWE-399
 Resource Management Errors 		CVE-2012-5112 cpe:2.3:o:apple:iphone_os:6.0:* 2024-11-21 10:44
2012-10-11 		Show GitHub Exploit DB Packet Storm
3284 -
4.3 		MEDIUM Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors involving frames, aka "Universal XSS (UXSS)." CWE-79
Cross-site Scripting 		CVE-2012-2889 cpe:2.3:o:apple:iphone_os:6.0:*
cpe:2.3:o:apple:iphone_os:6.0.1:*
cpe:2.3:o:apple:iphone_os:*:* 		6.0.2 2024-11-21 10:39
2012-09-26 		Show GitHub Exploit DB Packet Storm
3285 -
6.8 		MEDIUM WebKit, as used in Apple iOS before 6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CWE-119
CWE-399
Incorrect Access of Indexable Resource ('Range Error') 
 Resource Management Errors 		CVE-2012-3747 cpe:2.3:o:apple:iphone_os:5.0:*
cpe:2.3:o:apple:iphone_os:5.0.1:*
cpe:2.3:o:apple:iphone_os:4.3.5:*
cpe:2.3:o:… 		5.1.1 2024-11-21 10:41
2012-09-21 		Show GitHub Exploit DB Packet Storm
3286 -
4.3 		MEDIUM UIWebView in UIKit in Apple iOS before 6 does not properly use the Data Protection feature, which allows context-dependent attackers to obtain cleartext file content by leveraging direct access to a … CWE-310
Cryptographic Issues 		CVE-2012-3746 cpe:2.3:o:apple:iphone_os:5.0:*
cpe:2.3:o:apple:iphone_os:5.0.1:*
cpe:2.3:o:apple:iphone_os:4.3.5:*
cpe:2.3:o:… 		5.1.1 2024-11-21 10:41
2012-09-21 		Show GitHub Exploit DB Packet Storm
3287 -
5.0 		MEDIUM Off-by-one error in Telephony in Apple iOS before 6 allows remote attackers to cause a denial of service (buffer overflow and connectivity outage) via a crafted user-data header in an SMS message. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2012-3745 cpe:2.3:o:apple:iphone_os:5.0:*
cpe:2.3:o:apple:iphone_os:5.0.1:*
cpe:2.3:o:apple:iphone_os:4.3.5:*
cpe:2.3:o:… 		5.1.1 2024-11-21 10:41
2012-09-21 		Show GitHub Exploit DB Packet Storm
3288 -
5.0 		MEDIUM Telephony in Apple iOS before 6 uses an SMS message's return address as the displayed sender address, which allows remote attackers to spoof text communication via a message in which the return addre… NVD-CWE-Other
CVE-2012-3744 cpe:2.3:o:apple:iphone_os:5.0:*
cpe:2.3:o:apple:iphone_os:5.0.1:*
cpe:2.3:o:apple:iphone_os:4.3.5:*
cpe:2.3:o:… 		5.1.1 2024-11-21 10:41
2012-09-21 		Show GitHub Exploit DB Packet Storm
3289 -
5.0 		MEDIUM The System Logs implementation in Apple iOS before 6 does not restrict /var/log access by sandboxed apps, which allows remote attackers to obtain sensitive information via a crafted app that reads lo… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-3743 cpe:2.3:o:apple:iphone_os:5.0:*
cpe:2.3:o:apple:iphone_os:5.0.1:*
cpe:2.3:o:apple:iphone_os:4.3.5:*
cpe:2.3:o:… 		5.1.1 2024-11-21 10:41
2012-09-21 		Show GitHub Exploit DB Packet Storm
3290 -
5.0 		MEDIUM Safari in Apple iOS before 6 does not properly restrict use of an unspecified Unicode character that looks similar to the https lock indicator, which allows remote attackers to spoof https connection… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2012-3742 cpe:2.3:o:apple:iphone_os:5.0:*
cpe:2.3:o:apple:iphone_os:5.0.1:*
cpe:2.3:o:apple:iphone_os:4.3.5:*
cpe:2.3:o:… 		5.1.1 2024-11-21 10:41
2012-09-21 		Show GitHub Exploit DB Packet Storm