CVE-2021-1768

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted USD file may lead to unexpected application termination or...

CVE-2021-20833

The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on and/or alter encrypted communication via a crafted certificate...

CVE-2021-20693

Improper access control vulnerability in Gurunavi App for Android ver.10.0.10 and earlier and for iOS ver.11.1.2 and earlier allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App...

CVE-2021-21301

Wire is an open-source collaboration platform. In Wire for iOS iPhone and iPad before version 3.75 there is a vulnerability where the video capture isn't stopped in a scenario where a user first has their camera enabled and then disables it. It's a privacy issue because video is streamed to the...

CVE-2020-8507

The Citytv Video application 4.08.0 for Android and 3.35 for iOS sends Unencrypted Analytics...

CVE-2020-20095

iMessage Messages app iOS 12.4 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages...

CVE-2020-8506

The Global TV application 2.3.2 for Android and 4.7.5 for iOS sends Unencrypted Analytics...

CVE-2018-4260

An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to iOS 11.4.1, Safari 11.1.2...

CVE-2018-4333

A validation issue was addressed with improved input sanitization. This issue affected versions prior to iOS 12, macOS Mojave 10.14...

CVE-2018-4332

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

CVE-2019-16992

The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user's private key to sign a certain cryptocurrency attestation that an address at keybase.io can be used for Stellar payments to the user, which might be incompatible with a user's personal position on...

CVE-2018-4394

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1...

CVE-2002-2052

Cisco 2611 router running IOS 12.16.5, possibly an interim release, allows remote attackers to cause a denial of service via port scans such as 1 scanning all ports on a single host and 2 scanning a network of hosts for a single open port through the router. NOTE: the vendor could not reproduce...

CVE-2025-24189

The issue was addressed with improved checks. This issue is fixed in Safari 18.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to memory corruption...

CVE-2025-31210

The issue was addressed with improved UI. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. Processing web content may lead to a denial-of-service...

CVE-2025-31245

The CVE-2025-31245 issue affects Apple platforms including iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, and visionOS 2.5. It is described as caused by insufficient checks, with the public description stating that an app may be ...

CVE-2025-24091

An app could impersonate system notifications. Sensitive notifications now require restricted entitlements. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.3. An app may be able to cause a denial-of-service...

CVE-2025-24167

CVE-2025-24167 affects Safari and related Apple platforms. The issue stems from incorrect association of a download’s origin due to state-management problems. It is fixed in Safari 18.4, iOS 18.4, iPadOS 18.4, and macOS Sequoia 15.4. The CVSS 3.1 vector indicates network access, no user interacti...

CVE-2025-24205

The CVE-2025-24205 entry concerns an authorization issue in Apple platforms that could let an app access user-sensitive data. The connected sources confirm affected products and versions and provide remediation details: macOS Ventura 13.7.5; iOS 18.4 and iPadOS 18.4; iPadOS 17.7.6; macOS Sequoia ...

PT-2025-13870 · Apple · Visionos +2

Name of the Vulnerable Software and Affected Versions: visionOS versions prior to 2.4 iOS versions prior to 18.4 iPadOS versions prior to 18.4 Description: The issue allows an app to bypass Privacy preferences. This is achieved by addressing the problem with additional entitlement checks...