Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
iOS Number Of NVD 3626 CRITICAL 138 HIGH 1666 MEDIUM 1480 LOW 246
URL https://www.apple.com/jp/ios/
Explanation This is the operating system installed on the iPhone provided by Apple.
Tag
  • Apple
  • Mobile

Add Information URL
No Type Name URL
1 https://support.apple.com/en-us/HT201222
2 https://developer.apple.com/documentation/ios-ipados-release-notes
3 https://en.wikipedia.org/wiki/IOS_version_history

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
3471 iOS 26 26.5.1 June 1, 2026 Sept. 15, 2025 1 40 38 1
3472 iOS 18 18.7.9 May 11, 2026 Sept. 16, 2024 8 64 89 8
3473 iOS 17 17.6.1 Aug. 27, 2024 Sept. 18, 2023 9 114 178 22
3474 iOS 16 16.4.1 April 7, 2023 Sept. 12, 2022 25 244 303 56
3475 iOS 15 15.7 Sept. 12, 2022 Sept. 20, 2021 39 395 388 72
3476 iOS 14 14.8 Sept. 13, 2021 July 9, 2020 53 566 495 79
3477 iOS 13 13.7 Sept. 1, 2020 Sept. 19, 2019 65 746 579 96
3478 iOS 12 12.5.1 Jan. 11, 2021 Sept. 17, 2018 84 903 659 108
3479 iOS 11 11.4.1 July 9, 2018 Sept. 19, 2017 94 1068 728 116
3480 iOS 10 10.3.4 July 22, 2019 Sept. 13, 2016 120 1289 828 133
3481 iOS 9 9.3.6 July 22, 2019 Sept. 16, 2015 134 1415 955 149
3482 iOS 8 8.4.1 Aug. 13, 2015 Sept. 17, 2014 132 1470 1168 181
3483 iOS 7 7.0.6 Feb. 21, 2014 Sept. 18, 2013 132 1491 1231 204
3484 iOS 6 6.0.2 Dec. 18, 2012 Sept. 19, 2012 132 1517 1294 216
3485 iOS 5 5.0.1 Nov. 10, 2011 Oct. 12, 2011 132 1586 1368 228
3486 iOS 4 4.0.2 Aug. 11, 2010 June 21, 2010 133 1613 1423 235
3487 iPhone OS 3 3.0.1 July 31, 2009 June 17, 2009 133 1620 1438 238
3488 iPhone OS 2 1.1.5 July 15, 2008 July 11, 2008 134 1632 1433 236
3489 iPhone OS 1 1.0.2 Aug. 21, 2007 June 29, 2007 133 1637 1434 237
3490 iOS7.1 7.1.2 132 1484 1207 198
3491 iOS6.1 6.1.6 132 1508 1275 212
3492 iOS6.0 6.0.2 132 1517 1293 216
3493 iOS5.1 5.1.1 132 1527 1346 226
3494 iOS4.3 4.3.5 132 1605 1396 234
3495 iOS4.2 4.2.9 132 1607 1401 234
3496 iOS4.1 4.1 133 1610 1413 234
3497 iOS3.2 3.2.2 133 1614 1428 236
3498 iOS3.1 3.1.3 133 1617 1436 236
3499 iOS2.2 2.2.1 133 1628 1432 232
3500 iOS2.1 2.1.1 133 1632 1433 236
3501 iOS2.0 2.0.2 134 1632 1432 236
3502 iOS16.2 16.2 19 209 270 55
3503 iOS 27 138 1666 1480 246
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
3471 -
4.3
MEDIUM FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial … CWE-94
Code Injection
CVE-2011-3256 cpe:2.3:o:apple:iphone_os:4.3.5:-
cpe:2.3:o:apple:iphone_os:4.3.5:-
cpe:2.3:o:apple:iphone_os:4.3.5:*
cpe:2.3:…
2024-11-21 10:30
2011-10-14
Show GitHub Exploit DB Packet Storm
3472 -
4.3
MEDIUM CFNetwork in Apple iOS before 5 stores AppleID credentials in an unspecified file, which makes it easier for remote attackers to obtain sensitive information via a crafted application. CWE-255
Credentials Management
CVE-2011-3255 cpe:2.3:o:apple:iphone_os:4.3.5:-
cpe:2.3:o:apple:iphone_os:4.3.5:-
cpe:2.3:o:apple:iphone_os:4.3.5:*
cpe:2.3:…
2024-11-21 10:30
2011-10-14
Show GitHub Exploit DB Packet Storm
3473 -
4.3
MEDIUM Cross-site scripting (XSS) vulnerability in Calendar in Apple iOS before 5 allows remote attackers to inject arbitrary web script or HTML via an invitation note. CWE-79
Cross-site Scripting
CVE-2011-3254 cpe:2.3:o:apple:iphone_os:4.3.5:-
cpe:2.3:o:apple:iphone_os:4.3.5:-
cpe:2.3:o:apple:iphone_os:4.3.5:*
cpe:2.3:…
2024-11-21 10:30
2011-10-14
Show GitHub Exploit DB Packet Storm
3474 -
2.6
LOW CalDAV in Apple iOS before 5 does not validate X.509 certificates for SSL sessions, which allows man-in-the-middle attackers to spoof calendar servers and obtain sensitive information via an arbitrar… CWE-200
Information Exposure
CVE-2011-3253 cpe:2.3:o:apple:iphone_os:4.3.5:-
cpe:2.3:o:apple:iphone_os:4.3.5:-
cpe:2.3:o:apple:iphone_os:4.3.5:*
cpe:2.3:…
2024-11-21 10:30
2011-10-14
Show GitHub Exploit DB Packet Storm
3475 -
5.0
MEDIUM CFNetwork in Apple iOS before 5.0.1 and Mac OS X 10.7 before 10.7.2 does not properly parse URLs, which allows remote attackers to trigger visits to unintended web sites, and transmission of cookies … CWE-200
Information Exposure
CVE-2011-3246 cpe:2.3:o:apple:iphone_os:4.3.5:-
cpe:2.3:o:apple:iphone_os:4.3.5:-
cpe:2.3:o:apple:iphone_os:4.3.5:*
cpe:2.3:…
2024-11-21 10:30
2011-10-14
Show GitHub Exploit DB Packet Storm
3476 -
2.1
LOW The Keyboards component in Apple iOS before 5 displays the final character of an entered password during a subsequent use of a keyboard, which allows physically proximate attackers to obtain sensitiv… CWE-255
Credentials Management
CVE-2011-3245 cpe:2.3:o:apple:iphone_os:4.3.5:-
cpe:2.3:o:apple:iphone_os:4.3.5:-
cpe:2.3:o:apple:iphone_os:4.3.5:*
cpe:2.3:…
2024-11-21 10:30
2011-10-14
Show GitHub Exploit DB Packet Storm
3477 -
4.3
MEDIUM Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactiv… CWE-79
Cross-site Scripting
CVE-2011-3243 cpe:2.3:o:apple:iphone_os:4.3.5:-
cpe:2.3:o:apple:iphone_os:4.3.5:-
cpe:2.3:o:apple:iphone_os:4.3.5:*
cpe:2.3:…
2024-11-21 10:30
2011-10-14
Show GitHub Exploit DB Packet Storm
3478 -
6.8
MEDIUM Google Chrome before 14.0.835.202 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead… NVD-CWE-Other
CVE-2011-2877 cpe:2.3:o:apple:iphone_os:*:* 5.1 2024-11-21 10:29
2011-10-5
Show GitHub Exploit DB Packet Storm
3479 -
5.0
MEDIUM Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CWE-125
Out-of-bounds Read
CVE-2011-3234 cpe:2.3:o:apple:iphone_os:*:* 5.0 2024-11-21 10:30
2011-09-19
Show GitHub Exploit DB Packet Storm
3480 -
7.5
HIGH Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles. CWE-416
 Use After Free
CVE-2011-2860 cpe:2.3:o:apple:iphone_os:*:* 5.1 2024-11-21 10:29
2011-09-19
Show GitHub Exploit DB Packet Storm