Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
iOS Number Of NVD 3626 CRITICAL 138 HIGH 1666 MEDIUM 1480 LOW 246
URL https://www.apple.com/jp/ios/
Explanation This is the operating system installed on the iPhone provided by Apple.
Tag
  • Mobile
  • Apple

Add Information URL
No Type Name URL
1 https://support.apple.com/en-us/HT201222
2 https://developer.apple.com/documentation/ios-ipados-release-notes
3 https://en.wikipedia.org/wiki/IOS_version_history

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
3091 iOS 26 26.5.1 June 1, 2026 Sept. 15, 2025 1 40 38 1
3092 iOS 18 18.7.9 May 11, 2026 Sept. 16, 2024 8 64 89 8
3093 iOS 17 17.6.1 Aug. 27, 2024 Sept. 18, 2023 9 114 178 22
3094 iOS 16 16.4.1 April 7, 2023 Sept. 12, 2022 25 244 303 56
3095 iOS 15 15.7 Sept. 12, 2022 Sept. 20, 2021 39 395 388 72
3096 iOS 14 14.8 Sept. 13, 2021 July 9, 2020 53 566 495 79
3097 iOS 13 13.7 Sept. 1, 2020 Sept. 19, 2019 65 746 579 96
3098 iOS 12 12.5.1 Jan. 11, 2021 Sept. 17, 2018 84 903 659 108
3099 iOS 11 11.4.1 July 9, 2018 Sept. 19, 2017 94 1068 728 116
3100 iOS 10 10.3.4 July 22, 2019 Sept. 13, 2016 120 1289 828 133
3101 iOS 9 9.3.6 July 22, 2019 Sept. 16, 2015 134 1415 955 149
3102 iOS 8 8.4.1 Aug. 13, 2015 Sept. 17, 2014 132 1470 1168 181
3103 iOS 7 7.0.6 Feb. 21, 2014 Sept. 18, 2013 132 1491 1231 204
3104 iOS 6 6.0.2 Dec. 18, 2012 Sept. 19, 2012 132 1517 1294 216
3105 iOS 5 5.0.1 Nov. 10, 2011 Oct. 12, 2011 132 1586 1368 228
3106 iOS 4 4.0.2 Aug. 11, 2010 June 21, 2010 133 1613 1423 235
3107 iPhone OS 3 3.0.1 July 31, 2009 June 17, 2009 133 1620 1438 238
3108 iPhone OS 2 1.1.5 July 15, 2008 July 11, 2008 134 1632 1433 236
3109 iPhone OS 1 1.0.2 Aug. 21, 2007 June 29, 2007 133 1637 1434 237
3110 iOS7.1 7.1.2 132 1484 1207 198
3111 iOS6.1 6.1.6 132 1508 1275 212
3112 iOS6.0 6.0.2 132 1517 1293 216
3113 iOS5.1 5.1.1 132 1527 1346 226
3114 iOS4.3 4.3.5 132 1605 1396 234
3115 iOS4.2 4.2.9 132 1607 1401 234
3116 iOS4.1 4.1 133 1610 1413 234
3117 iOS3.2 3.2.2 133 1614 1428 236
3118 iOS3.1 3.1.3 133 1617 1436 236
3119 iOS2.2 2.2.1 133 1628 1432 232
3120 iOS2.1 2.1.1 133 1632 1433 236
3121 iOS2.0 2.0.2 134 1632 1432 236
3122 iOS16.2 16.2 19 209 270 55
3123 iOS 27 138 1666 1480 246
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
3091 -
5.0
MEDIUM Apple iOS before 8.1.1 and OS X before 10.10.1 include location data during establishment of a Spotlight Suggestions server connection by Spotlight or Safari, which might allow remote attackers to ob… CWE-200
Information Exposure
CVE-2014-4453 cpe:2.3:o:apple:iphone_os:8.0:*
cpe:2.3:o:apple:iphone_os:8.0.2:*
cpe:2.3:o:apple:iphone_os:8.0.1:*
cpe:2.3:o:…
8.1 2024-11-21 11:10
2014-11-18
Show GitHub Exploit DB Packet Storm
3092 -
5.4
MEDIUM WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra… CWE-399
 Resource Management Errors
CVE-2014-4452 cpe:2.3:o:apple:iphone_os:*:* 8.0 8.1.1 2024-11-21 11:10
2014-11-18
Show GitHub Exploit DB Packet Storm
3093 -
7.2
HIGH Apple iOS before 8.1.1 does not properly enforce the failed-passcode limit, which makes it easier for physically proximate attackers to bypass the lock-screen protection mechanism via a series of gue… CWE-264
Permissions, Privileges, and Access Controls
CVE-2014-4451 cpe:2.3:o:apple:iphone_os:8.0:*
cpe:2.3:o:apple:iphone_os:8.0.2:*
cpe:2.3:o:apple:iphone_os:8.0.1:*
cpe:2.3:o:…
8.1 2024-11-21 11:10
2014-11-18
Show GitHub Exploit DB Packet Storm
3094 -
1.9
LOW The QuickType feature in the Keyboards subsystem in Apple iOS before 8.1 collects typing-prediction data from fields with an off autocomplete attribute, which makes it easier for attackers to discove… CWE-255
Credentials Management
CVE-2014-4450 cpe:2.3:o:apple:iphone_os:*:* 8.0.2 2024-11-21 11:10
2014-10-22
Show GitHub Exploit DB Packet Storm
3095 -
6.8
MEDIUM iCloud Data Access in Apple iOS before 8.1 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafte… CWE-310
Cryptographic Issues
CVE-2014-4449 cpe:2.3:o:apple:iphone_os:*:* 8.0.2 2024-11-21 11:10
2014-10-22
Show GitHub Exploit DB Packet Storm
3096 -
1.9
LOW House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents direc… CWE-310
Cryptographic Issues
CVE-2014-4448 cpe:2.3:o:apple:iphone_os:*:* 8.0.2 2024-11-21 11:10
2014-10-22
Show GitHub Exploit DB Packet Storm
3097 -
7.5
HIGH Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.212… CWE-416
 Use After Free
CVE-2014-3192 cpe:2.3:o:apple:iphone_os:*:* 8.1.2 2024-11-21 11:07
2014-10-8
Show GitHub Exploit DB Packet Storm
3098 -
6.8
MEDIUM Google Chrome before 37.0.2062.60 and 38.x before 38.0.2125.59 on iOS does not properly restrict processing of (1) facetime:// and (2) facetime-audio:// URLs, which allows remote attackers to obtain … CWE-79
Cross-site Scripting
CVE-2014-3187 cpe:2.3:o:apple:iphone_os:-:* 2024-11-21 11:07
2014-10-8
Show GitHub Exploit DB Packet Storm
3099 7.8
9.3
HIGH
Local
Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-m… CWE-787
 Out-of-bounds Write
CVE-2014-4404 cpe:2.3:o:apple:iphone_os:*:* 8.0 2026-04-22 01:22
2014-09-18
Show GitHub Exploit DB Packet Storm
3100 -
4.3
MEDIUM The Accounts subsystem in Apple iOS before 8 allows attackers to bypass a sandbox protection mechanism and obtain an active iCloud account's Apple ID and metadata via a crafted application. CWE-264
Permissions, Privileges, and Access Controls
CVE-2014-4423 cpe:2.3:o:apple:iphone_os:7.1:*
cpe:2.3:o:apple:iphone_os:7.1.1:*
cpe:2.3:o:apple:iphone_os:7.0:*
cpe:2.3:o:ap…
7.1.2 2024-11-21 11:10
2014-09-18
Show GitHub Exploit DB Packet Storm