62 matches found
CVE-2025-24131
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An attacker in a privileged position may be able to perform a denial-of-service...
CVE-2025-24166
...
CVE-2025-24141
An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3. An attacker with physical access to an unlocked device may be able to access Photos while the app is locked...
CVE-2025-24161
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination...
CVE-2025-24177
A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. A remote attacker may be able to cause a denial-of-service...
CVE-2025-24177
CVE-2025-24177 is an Apple AirPlay vulnerability. The description notes a null pointer dereference that was addressed by improved input validation, with a fixed patch in macOS Sequoia 15.3 and iOS/iPadOS 18.3. The CVE entry indicates a possible remote denial-of-service if exploited. Connected App...
CVE-2025-24160
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination...
CVE-2025-24143
CVE-2025-24143 is a fingerprinting vulnerability involving WebKit-derived components. The core issue appears to be insufficient access restrictions to the local file system, allowing a malicious webpage to fingerprint the user. Apple patched this in macOS Sequoia 15.3, Safari 18.3, iOS 18.3, iPad...
CVE-2025-24162
This issue was addressed through improved state management. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2025-24163
CVE-2025-24163 affects Apple platforms and has been fixed in multiple OS updates (iOS/iPadOS 18.3, macOS Sonoma 14.7.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3, iPadOS 17.7.4, visionOS 2.3). The issue is described as: Parsing a file may lead to an unexpected app termination in CoreAudio. Conn...
CVE-2025-24162
This issue was addressed through improved state management. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2025-24158
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing web content may lead to a denial-of-service...
CVE-2025-24124
The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to an unexpected app termination...
CVE-2025-24145
CVE-2025-24145 describes a privacy issue where an app may view a contact’s phone number in system logs. Affected products updated: macOS Sequoia 15.3, iOS 18.3, iPadOS 18.3. Root cause relates to private data redaction in log entries; remediation is to apply the updates listed (Sequoia 15.3, iOS ...
CVE-2025-24104
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4. Restoring a maliciously crafted backup file may lead to modification of protected system files...
CVE-2025-24128
The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Visiting a malicious website may lead to address bar spoofing...
CVE-2025-24129
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3. An attacker on the local network may cause an unexpected app termination...
CVE-2025-24129
CVE-2025-24129 is a type confusion vulnerability in Apple AirPlay that affects iOS 18.3/iPadOS 18.3, visionOS 2.3, macOS Sequoia 15.3, watchOS 11.3, and tvOS 18.3. Root cause: type confusion in AirPlay code leading to potential application termination. Impact: a remote attacker on the local netwo...
PT-2025-5292 · Apple · Ipados +5
Name of the Vulnerable Software and Affected Versions: iPadOS versions prior to 17.7.4 visionOS versions prior to 2.3 iOS versions prior to 18.3 iPadOS versions prior to 18.3 macOS Sequoia versions prior to 15.3 watchOS versions prior to 11.3 Description: This issue is related to insufficient...
About the security content of iOS 18.3 and iPadOS 18.3
About the security content of iOS 18.3 and iPadOS 18.3 This document describes the security content of iOS 18.3 and iPadOS 18.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...