Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
iOS Number Of NVD 3541 CRITICAL 137 HIGH 1622 MEDIUM 1441 LOW 245
URL https://www.apple.com/jp/ios/
Explanation This is the operating system installed on the iPhone provided by Apple.
Tag
  • Apple
  • Mobile
Add Information URL
No Type Name URL
1 https://support.apple.com/en-us/HT201222
2 https://developer.apple.com/documentation/ios-ipados-release-notes
3 https://en.wikipedia.org/wiki/IOS_version_history
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
3491 iOS17 17.6.1 Aug. 27, 2024 Sept. 18, 2023 8 70 139 21
3492 iOS16 16.4.1 April 7, 2023 Sept. 12, 2022 24 200 264 55
3493 iOS 15 15.7 Sept. 12, 2022 Sept. 20, 2021 38 351 349 71
3494 iOS 14 14.8 Sept. 13, 2021 July 9, 2020 52 522 456 78
3495 iOS 13 13.7 Sept. 1, 2020 Sept. 19, 2019 64 702 540 95
3496 iOS 12 12.5.1 Jan. 11, 2021 Sept. 17, 2018 83 859 620 107
3497 iOS 11 11.4.1 July 9, 2018 Sept. 19, 2017 93 1024 689 115
3498 iOS 10 10.3.4 July 22, 2019 Sept. 13, 2016 119 1245 789 132
3499 iOS 9 9.3.6 July 22, 2019 Sept. 16, 2015 133 1371 916 148
3500 iOS 8 8.4.1 Aug. 13, 2015 Sept. 17, 2014 131 1426 1129 180
3501 iOS 7 7.0.6 Feb. 21, 2014 Sept. 18, 2013 131 1447 1192 203
3502 iOS 6 6.0.2 Dec. 18, 2012 Sept. 19, 2012 131 1473 1255 215
3503 iOS 5 5.0.1 Nov. 10, 2011 Oct. 12, 2011 131 1542 1329 227
3504 iOS 4 4.0.2 Aug. 11, 2010 June 21, 2010 132 1569 1384 234
3505 iPhone OS 3 3.0.1 July 31, 2009 June 17, 2009 132 1576 1399 237
3506 iPhone OS 2 1.1.5 July 15, 2008 July 11, 2008 133 1588 1394 235
3507 iPhone OS 1 1.0.2 Aug. 21, 2007 June 29, 2007 132 1593 1395 236
3508 iOS7.1 7.1.2 131 1440 1168 197
3509 iOS6.1 6.1.6 131 1464 1236 211
3510 iOS6.0 6.0.2 131 1473 1254 215
3511 iOS5.1 5.1.1 131 1483 1307 225
3512 iOS4.3 4.3.5 131 1561 1357 233
3513 iOS4.2 4.2.9 131 1563 1362 233
3514 iOS4.1 4.1 132 1566 1374 233
3515 iOS3.2 3.2.2 132 1570 1389 235
3516 iOS3.1 3.1.3 132 1573 1397 235
3517 iOS2.2 2.2.1 132 1584 1393 231
3518 iOS2.1 2.1.1 132 1588 1394 235
3519 iOS2.0 2.0.2 133 1588 1393 235
3520 iOS16.2 16.2 18 165 231 54
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
3491 -
4.6 		MEDIUM Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for iPod touch 1.1 through 3.1.2, allows physically proximate attackers to bypass device locking, and read or modify arbitrary data, … CWE-399
 Resource Management Errors 		CVE-2010-0038 cpe:2.3:o:apple:iphone_os:3.1.2:-
cpe:2.3:o:apple:iphone_os:3.1.2:*
cpe:2.3:o:apple:iphone_os:3.0:-
cpe:2.3:o:… 		2021-05-23 09:52
2010-02-4 		Show GitHub Exploit DB Packet Storm
3492 -
6.8 		MEDIUM The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS req… CWE-352
 Origin Validation Error 		CVE-2009-2816 cpe:2.3:o:apple:iphone_os:*:* 4.0 2026-04-23 09:35
2009-11-14 		Show GitHub Exploit DB Packet Storm
3493 -
7.5 		HIGH iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certif… CWE-310
Cryptographic Issues 		CVE-2009-3273 cpe:2.3:o:apple:iphone_os:3.0:-
cpe:2.3:o:apple:iphone_os:3.0:*
cpe:2.3:o:apple:iphone_os:3.0.1:-
cpe:2.3:o:ap… 		2026-04-23 09:35
2009-09-22 		Show GitHub Exploit DB Packet Storm
3494 -
4.3 		MEDIUM Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a denial of service (application crash) via a long tel: URL in the SRC attribute of an IFRAME element. CWE-20
 Improper Input Validation  		CVE-2009-3271 cpe:2.3:o:apple:iphone_os:3.0.1:* 2026-04-23 09:35
2009-09-22 		Show GitHub Exploit DB Packet Storm
3495 -
7.8 		HIGH The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service (NULL pointer dereference and serv… CWE-399
 Resource Management Errors 		CVE-2009-2815 cpe:2.3:o:apple:iphone_os:3.0:*
cpe:2.3:o:apple:iphone_os:2.2:*
cpe:2.3:o:apple:iphone_os:2.2.1:*
cpe:2.3:o:ap… 		3.0.1 2026-04-23 09:35
2009-09-11 		Show GitHub Exploit DB Packet Storm
3496 -
5.0 		MEDIUM The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote… CWE-200
Information Exposure 		CVE-2009-2797 cpe:2.3:o:apple:iphone_os:*:*


3.1.1
3.1 		2026-04-23 09:35
2009-09-11 		Show GitHub Exploit DB Packet Storm
3497 -
2.1 		LOW The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the pas… CWE-200
Information Exposure 		CVE-2009-2796 cpe:2.3:o:apple:iphone_os:3.0:*
cpe:2.3:o:apple:iphone_os:3.0.1:* 		2026-04-23 09:35
2009-09-11 		Show GitHub Exploit DB Packet Storm
3498 -
7.2 		HIGH Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access ar… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2009-2795 cpe:2.3:o:apple:iphone_os:*:*


3.1.1
3.1 		2026-04-23 09:35
2009-09-11 		Show GitHub Exploit DB Packet Storm
3499 -
4.6 		MEDIUM The Exchange Support component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not properly implement the "Maximum inactivity time lock" functionality, which allows loc… CWE-362
Race Condition 		CVE-2009-2794 cpe:2.3:o:apple:iphone_os:3.0:-
cpe:2.3:o:apple:iphone_os:3.0:*
cpe:2.3:o:apple:iphone_os:3.0.1:*
cpe:2.3:o:ap… 		2026-04-23 09:35
2009-09-11 		Show GitHub Exploit DB Packet Storm
3500 -
2.1 		LOW The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone OS 3.0 for iPod touch, lists deleted e-mail messages in Spotlight search results, which might allow local users to obtain sensiti… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2009-2207 cpe:2.3:o:apple:iphone_os:3.0:-
cpe:2.3:o:apple:iphone_os:3.0:*
cpe:2.3:o:apple:iphone_os:3.0.1:* 		2026-04-23 09:35
2009-09-11 		Show GitHub Exploit DB Packet Storm