CVE-2024-27859

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to arbitrary code execution...

CVE-2024-54658

CVE-2024-54658 is a memory-handling issue in processing web content that can lead to a denial-of-service. The primary public description states the fix is in Apple software: iOS 17.4 and iPadOS 17.4, Safari 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, and macOS Sonoma 14.4. The vulnerability is m...

CVE-2024-54658

The issue was addressed with improved memory handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to a denial-of-service...

CVE-2025-24200

An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely...

Apple iPadOS 安全漏洞

Apple iPadOS is an operating system for the iPad tablet computer from Apple USA. A security vulnerability exists in Apple iPadOS version 17.7.5 that originates from a physical attack that could disable USB Restricted Mode on a locked device...

PT-2025-6097

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.3.1 iPadOS versions prior to 18.3.1 iPadOS versions prior to 17.7.5 Description A physical attack may disable USB Restricted Mode on a locked device. This issue is related to an authorization problem that has been...

About the security content of iOS 18.3.1 and iPadOS 18.3.1

About the security content of iOS 18.3.1 and iPadOS 18.3.1 This document describes the security content of iOS 18.3.1 and iPadOS 18.3.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

The vulnerability of the ARKit interface allows attackers to trigger a service failure on operating systems such as macOS, iOS, iPadOS, tvOS, and visionOS.

The vulnerability of the ARKit interface in operating systems such as macOS, iOS, iPadOS, tvOS, and visionOS is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the WebKit component in the Safari browser on operating systems macOS, iOS, iPadOS, tvOS, and visionOS allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the WebKit component in the Safari browser on macOS, iOS, iPadOS, tvOS, and visionOS operating systems is related to the absence of authentication procedures. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information remote...

The vulnerability of the AirPlay implementation in operating systems macOS, iOS, and iPadOS allows a hacker to trigger a service failure.

The vulnerability of the AirPlay implementation in macOS, iOS, and iPadOS relates to pointer manipulation. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

Vulnerability of operating systems macOS, iOS, iPadOS, and the Safari browser, related to information representation errors in the user interface, allowing attackers to perform spear-phishing attacks

The vulnerabilities of operating systems such as macOS, iOS, iPadOS, and the Safari browser are related to information representation errors in the user interface. Exploiting these vulnerabilities can allow attackers to perform spear-phishing attacks remotely...

Vulnerabilities fixed in Apple iPadOS and iOS

Apple has fixed vulnerabilities in iOS and iPadOS. The vulnerabilities include problems with memory management, input validation, and Web content processing that could lead to unauthorized access, execution of arbitrary code, and denial-of-service attacks. Apple indicates that CVE-2025-24085, whi...

CVE-2025-24177

A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. A remote attacker may be able to cause a denial-of-service...

CVE-2025-24166

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-24162

This issue was addressed through improved state management. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2025-24161

The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to an unexpected app termination...

CVE-2025-24149

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to disclosure of user information...

CVE-2025-24158

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing web content may lead to a denial-of-service...

CVE-2025-24159

A validation issue was addressed with improved logic. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. An app may be able to execute arbitrary code with kernel privileges...

CVE-2025-24150

A privacy issue was addressed with improved handling of files. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. Copying a URL from Web Inspector may lead to command injection...