CVE-2024-54469

CVE-2024-54469 is an Apple macOS/iOS/iPadOS/visionOS vulnerability where improved checks fixed a local information-leak issue. Affected platforms include macOS Ventura 13.7, macOS Sequoia 15, macOS Sonoma 14.7, visionOS 2, iOS 18 and iPadOS 18. The vulnerability allows a local user to leak sensit...

CVE-2024-54469

The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, visionOS 2. A local user may be able to leak sensitive user information...

CVE-2024-54469

The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, visionOS 2. A local user may be able to leak sensitive user information...

Apple iOS和Apple iPadOS 缓冲区错误漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A buffer error vulnerability exists in Apple iOS and Apple iPadOS that stems from an out-of-bounds write issue that could...

Exploit for Integer Overflow or Wraparound in Apple Ipados

Trigon Trigon is a deterministic kernel exploit based on CVE-...

The vulnerability of the Kernel component in operating systems such as MacOs, iPadOS, iOS, watchOS, and tvOS allows attackers to elevate their privileges to a root level.

The vulnerability of the Kernel component in macOS, iPadOS, iOS, watchOS, and tvOS is related to permission handling errors. Exploiting this vulnerability can allow an attacker to elevate their privileges to a root level...

The vulnerability of the IOMobileFrameBuffer component in operating systems such as MacOs, tvOs, watchOs, iPadOs, and iOS allows a perpetrator to influence data integrity.

The vulnerability of the IOMobileFrameBuffer component in operating systems such as MacOs, tvOS, watchOS, iPadOS, and iOS lies in reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to compromise data integrity...

CVE-2025-24200

An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.1 and iPadOS 18.3.1, iPadOS 17.7.5. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report...

CVE-2024-27859

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to arbitrary code execution...

Apple Confirms ‘Extremely Sophisticated’ Exploit Threatening iOS Security

Apple fixes the USB Restricted Mode flaw in iOS 18.3.1 and iPadOS 18.3.1. Vulnerability exploited in targeted attacks.…...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-24200link is external Apple iOS and iPadOS Incorrect Authorization Vulnerability CVE-2024-41710link is external Mitel SIP Phones Argument Injection Vulnerabili...

The vulnerability of macOS and iPadOS systems, related to access control deficiencies, allows attackers to circumvent existing security restrictions and gain unauthorized access to sensitive information.

The vulnerabilities of macOS and iPadOS are related to lack of access control mechanisms. Exploiting these vulnerabilities allows a remote attacker to bypass existing security restrictions and gain unauthorized access to sensitive information...

The vulnerability of the UI components in operating systems such as visionOS, iOS, iPadOS, macOS, and the Safari browser allows attackers to gain unauthorized access to confidential data.

The vulnerability of the UI components in operating systems such as visionOS, iOS, iPadOS, macOS, and the Safari browser is related to an improper limitation on the layers of the user interface that can be displayed. Exploiting this vulnerability may allow a remote attacker to gain unauthorized...

Astra Linux – Vulnerability in WebKit2GTK

The issue was addressed through improved checks. This issue is fixed in Safari 26.1, iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, and watchOS 26.1. A malicious website may exfiltrate data across origins...

SUSE CVE-2025-24150

A privacy issue was addressed with improved handling of files. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. Copying a URL from Web Inspector may lead to command injection...

CVE-2025-24200

An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.1 and iPadOS 18.3.1, iPadOS 17.7.5. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report...

CVE-2024-27859

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to arbitrary code execution...

CVE-2025-24200

An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely...

CVE-2025-24200

An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.1 and iPadOS 18.3.1, iPadOS 17.7.5. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report...

CVE-2024-27859

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to arbitrary code execution...