U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): lock screen
  • Search Type: Search All
  • CPE Vendor: cpe:/:apple
  • CPE Product: cpe:/:apple:iphone_os
There are 54 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2020-9959

A lock screen issue allowed access to messages on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 14.0 and iPadOS 14.0. A person with physical access to an iOS device may be able to view notification contents from the lockscreen.

Published: October 16, 2020; 1:15:18 PM -0400 		V4.0:(not available)
 V3.1: 2.4 LOW
V2.0: 2.1 LOW
CVE-2020-9946

This issue was addressed with improved checks. This issue is fixed in iOS 14.0 and iPadOS 14.0, watchOS 7.0. The screen lock may not engage after the specified time period.

Published: October 16, 2020; 1:15:17 PM -0400 		V4.0:(not available)
 V3.1: 6.8 MEDIUM
V2.0: 4.6 MEDIUM
CVE-2020-3859

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A person with physical access to an iOS device may be able to access contacts from the lock screen.

Published: February 27, 2020; 4:15:17 PM -0500 		V4.0:(not available)
 V3.1: 2.4 LOW
V2.0: 2.1 LOW
CVE-2020-3828

A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A person with physical access to an iOS device may be able to access contacts from the lock screen.

Published: February 27, 2020; 4:15:16 PM -0500 		V4.0:(not available)
 V3.1: 2.4 LOW
V2.0: 2.1 LOW
CVE-2019-8775

The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13.1 and iPadOS 13.1. A person with physical access to an iOS device may be able to access contacts from the lock screen.

Published: December 18, 2019; 1:15:40 PM -0500 		V4.0:(not available)
 V3.1: 2.4 LOW
V2.0: 2.1 LOW
CVE-2019-8742

The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13. A person with physical access to an iOS device may be able to access contacts from the lock screen.

Published: December 18, 2019; 1:15:38 PM -0500 		V4.0:(not available)
 V3.1: 2.4 LOW
V2.0: 2.1 LOW
CVE-2019-8682

The issue was addressed with improved UI handling. This issue is fixed in iOS 12.4, watchOS 5.3. A user may inadvertently complete an in-app purchase while on the lock screen.

Published: December 18, 2019; 1:15:33 PM -0500 		V4.0:(not available)
 V3.1: 2.4 LOW
V2.0: 2.1 LOW
CVE-2019-8630

The issue was addressed with improved UI handling. This issue is fixed in iOS 12.3. The lock screen may show a locked icon after unlocking.

Published: December 18, 2019; 1:15:30 PM -0500 		V4.0:(not available)
 V3.1: 3.3 LOW
V2.0: 2.1 LOW
CVE-2018-4430

A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1.

Published: April 03, 2019; 2:29:15 PM -0400 		V4.0:(not available)
 V3.0: 2.4 LOW
V2.0: 2.1 LOW
CVE-2018-4388

A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.1.

Published: April 03, 2019; 2:29:12 PM -0400 		V4.0:(not available)
 V3.0: 4.6 MEDIUM
V2.0: 2.1 LOW
CVE-2018-4387

A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.

Published: April 03, 2019; 2:29:12 PM -0400 		V4.0:(not available)
 V3.0: 2.4 LOW
V2.0: 2.1 LOW
CVE-2018-4380

A lock screen issue allowed access to photos and contacts on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.0.1.

Published: April 03, 2019; 2:29:11 PM -0400 		V4.0:(not available)
 V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2018-4379

A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.0.1.

Published: April 03, 2019; 2:29:11 PM -0400 		V4.0:(not available)
 V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2017-7139

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Phone" component. It allows attackers to obtain sensitive information by leveraging a timing bug to read a secure-content screenshot that occurred during a locking action.

Published: October 22, 2017; 9:29:13 PM -0400 		V4.0:(not available)
 V3.0: 2.4 LOW
V2.0: 2.1 LOW
CVE-2017-7058

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. The issue involves the "Notifications" component. It allows physically proximate attackers to read unintended notifications on the lock screen.

Published: July 20, 2017; 12:29:02 PM -0400 		V4.0:(not available)
 V3.0: 2.4 LOW
V2.0: 2.1 LOW
CVE-2017-2452

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Siri" component. It allows physically proximate attackers to read text messages on the lock screen via unspecified vectors.

Published: April 01, 2017; 9:59:02 PM -0400 		V4.0:(not available)
 V3.0: 4.6 MEDIUM
V2.0: 2.1 LOW
CVE-2017-2397

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Accounts" component. It allows physically proximate attackers to discover an Apple ID by reading an iCloud authentication prompt on the lock screen.

Published: April 01, 2017; 9:59:00 PM -0400 		V4.0:(not available)
 V3.0: 2.4 LOW
V2.0: 2.1 LOW
CVE-2015-7000

Notification Center in Apple iOS before 9.1 mishandles changes to "Show on Lock Screen" settings, which allows physically proximate attackers to obtain sensitive information by looking for a (1) Phone or (2) Messages notification on the lock screen soon after a setting was disabled.

Published: October 23, 2015; 6:59:09 AM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 2.1 LOW
CVE-2015-5923

Apple iOS before 9.0.2 does not properly restrict the options available on the lock screen, which allows physically proximate attackers to read contact data or view photos via unspecified vectors.

Published: October 09, 2015; 1:59:39 AM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 2.1 LOW
CVE-2015-3756

The Certificate UI in Apple iOS before 8.4.1 does not prevent X.509 certificate acceptance within the lock screen, which allows physically proximate attackers to establish arbitrary certificate trust relationships by completing a dialog.

Published: August 16, 2015; 7:59:29 PM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 2.1 LOW