Ios Security Vulnerabilities and Issues — Ios CVE List

Lucene search

AppleIos

50 matches found

CVE•added 2025/01/27 10:15 p.m.•435 views

CVE-2025-24159

A validation issue was addressed with improved logic. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS6.9AI score0.00044EPSS

CVE•added 2025/01/27 10:15 p.m.•413 views

CVE-2025-24158

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing web content may lead to a denial-of-service.

6.5CVSS5.7AI score0.00141EPSS

CVE•added 2025/01/27 10:15 p.m.•390 views

CVE-2025-24154

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. An attacker may be able to cause unexpected system termination or corrupt kernel memory.

9.1CVSS5.9AI score0.00117EPSS

CVE•added 2025/01/27 10:15 p.m.•383 views

CVE-2025-24149

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to disclosure of user information.

5.5CVSS5.6AI score0.00019EPSS

CVE•added 2025/01/27 10:15 p.m.•373 views

CVE-2025-24123

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination.

6.5CVSS5.7AI score0.00045EPSS

CVE•added 2025/01/27 10:15 p.m.•327 views

CVE-2024-54478

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to an unexpected process cra...

6.5CVSS5.9AI score0.00104EPSS

CVE•added 2025/01/27 10:15 p.m.•325 views

CVE-2025-24085

A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been activ...

7.8CVSS5.8AI score0.0986EPSS

CVE•added 2025/01/27 10:15 p.m.•290 views

CVE-2025-24124

5.5CVSS5.7AI score0.00022EPSS

CVE•added 2025/01/27 10:15 p.m.•212 views

CVE-2025-24126

An input validation issue was addressed. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An attacker on the local network may be able to cause unexpected system termination or corrupt process memory.

9.8CVSS6AI score0.00105EPSS

CVE•added 2025/01/27 10:15 p.m.•148 views

CVE-2025-24150

A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command injection.

8.8CVSS6.1AI score0.00155EPSS

CVE•added 2025/01/15 8:15 p.m.•142 views

CVE-2024-44136

This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to a device may be able to disable Stolen Device Protection.

9.1CVSS5.5AI score0.00075EPSS

CVE•added 2025/01/27 10:15 p.m.•135 views

CVE-2025-24162

This issue was addressed through improved state management. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to an unexpected process crash.

6.5CVSS6AI score0.00179EPSS

CVE•added 2025/01/27 10:15 p.m.•134 views

CVE-2025-24104

This issue was addressed with improved handling of symlinks. This issue is fixed in iPadOS 17.7.4, iOS 18.3 and iPadOS 18.3. Restoring a maliciously crafted backup file may lead to modification of protected system files.

5.5CVSS5.8AI score0.04535EPSS

CVE•added 2025/01/27 10:15 p.m.•133 views

CVE-2025-24141

An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3. An attacker with physical access to an unlocked device may be able to access Photos while the app is locked.

3.3CVSS5.4AI score0.00024EPSS

CVE•added 2025/01/27 10:15 p.m.•129 views

CVE-2025-24163

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination.

5.5CVSS5.7AI score0.00022EPSS

CVE•added 2025/01/27 10:15 p.m.•106 views

CVE-2024-54543

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to memory corruption.

8.8CVSS5.9AI score0.00135EPSS

CVE•added 2025/01/27 10:15 p.m.•106 views

CVE-2025-24137

A type confusion issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A remote attacker may cause an unexpected application termination or arbitrary code execution.

8CVSS7.2AI score0.00127EPSS

CVE•added 2025/01/27 10:15 p.m.•95 views

CVE-2025-24143

The issue was addressed with improved access restrictions to the file system. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user.

6.5CVSS5.5AI score0.00064EPSS

CVE•added 2025/01/15 8:15 p.m.•92 views

CVE-2024-27856

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, iOS 16.7.8 and iPadOS 16.7.8, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, tvOS 17.5, visionOS 1.2. Processing a file may lead to unexpected app termination or arbitrary code execution.

7.8CVSS6.6AI score0.00045EPSS

CVE•added 2025/01/27 10:15 p.m.•92 views

CVE-2024-54468

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to break out of its sandbox.

8.2CVSS5.7AI score0.00019EPSS

CVE•added 2025/01/27 10:15 p.m.•85 views

CVE-2024-54542

An authentication issue was addressed with improved state management. This issue is fixed in Safari 18.2, macOS Sequoia 15.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2. Private Browsing tabs may be accessed without authentication.

9.1CVSS5.9AI score0.00319EPSS

CVE•added 2025/01/27 10:15 p.m.•82 views

CVE-2025-24113

The issue was addressed with improved UI. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. Visiting a malicious website may lead to user interface spoofing.

4.3CVSS5.6AI score0.0005EPSS

CVE•added 2025/01/27 10:15 p.m.•82 views

CVE-2025-24161

5.5CVSS5.7AI score0.00027EPSS

CVE•added 2025/01/27 10:15 p.m.•80 views

CVE-2025-24160

4.3CVSS5.7AI score0.00114EPSS

CVE•added 2025/01/27 10:15 p.m.•71 views

CVE-2024-54523

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory.

9.1CVSS5.7AI score0.00042EPSS

CVE•added 2025/01/27 10:15 p.m.•71 views

CVE-2025-24177

A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. A remote attacker may be able to cause a denial-of-service.

7.5CVSS5.9AI score0.00116EPSS

CVE•added 2025/01/27 10:15 p.m.•70 views

CVE-2024-54550

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An app may be able to view autocompleted contact information from Messages and Mail in system logs.

4CVSS5.3AI score0.00016EPSS

CVE•added 2025/01/27 10:15 p.m.•66 views

CVE-2024-54507

A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An attacker with user privileges may be able to read kernel memory.

9.1CVSS5.5AI score0.00085EPSS

CVE•added 2025/01/27 10:15 p.m.•66 views

CVE-2024-54530

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, visionOS 2.2, iOS 18.2 and iPadOS 18.2. Password autofill may fill in passwords after failing authentication.

9.1CVSS5.8AI score0.00195EPSS

CVE•added 2025/01/27 10:15 p.m.•61 views

CVE-2025-24086

The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing an image may lead to a denial-of-service.

5.5CVSS5.8AI score0.00022EPSS

CVE•added 2025/01/27 10:15 p.m.•58 views

CVE-2025-24107

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.3, tvOS 18.3, watchOS 11.3, iOS 18.3 and iPadOS 18.3. A malicious app may be able to gain root privileges.

7.8CVSS6.1AI score0.0002EPSS

CVE•added 2025/01/27 10:15 p.m.•57 views

CVE-2025-24127

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination.

5.5CVSS5.7AI score0.00022EPSS

CVE•added 2025/01/27 10:15 p.m.•57 views

CVE-2025-24128

The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Visiting a malicious website may lead to address bar spoofing.

4.3CVSS6AI score0.00052EPSS

CVE•added 2025/01/27 10:15 p.m.•57 views

CVE-2025-24145

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. An app may be able to view a contact's phone number in system logs.

3.3CVSS5.5AI score0.00022EPSS

CVE•added 2025/01/27 10:15 p.m.•56 views

CVE-2025-24131

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An attacker in a privileged position may be able to perform a denial-of-service.

6.5CVSS5.6AI score0.00101EPSS

CVE•added 2025/01/27 10:15 p.m.•53 views

CVE-2025-24129

A type confusion issue was addressed with improved checks. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A remote attacker may cause an unexpected app termination.

7.5CVSS6AI score0.00189EPSS

CVE•added 2025/01/27 10:15 p.m.•51 views

CVE-2024-54497

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing web content may lead to a denial-of-service.

6.5CVSS5.8AI score0.00121EPSS

CVE•added 2025/01/15 8:15 p.m.•49 views

CVE-2024-40771

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, watchOS 10.5, tvOS 17.5, macOS Ventura 13.6.7, visionOS 1.2. An app may be able to execute arbitrary code with kernel privi...

8.4CVSS6.9AI score0.00049EPSS

CVE•added 2025/01/15 8:15 p.m.•48 views

CVE-2024-40854

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to cause unexpected system termination.

6.5CVSS5.3AI score0.00045EPSS

CVE•added 2025/01/15 8:15 p.m.•47 views

CVE-2024-54470

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1. An attacker with physical access may be able to access contacts from the lock screen.

4.6CVSS4.9AI score0.00039EPSS

CVE•added 2025/01/15 8:15 p.m.•47 views

CVE-2024-54535

A path handling issue was addressed with improved logic. This issue is fixed in watchOS 11.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1. An attacker with access to calendar data could also read reminders.

4.3CVSS5.6AI score0.00121EPSS

CVE•added 2025/01/15 8:15 p.m.•46 views

CVE-2024-40839

This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to an iOS device may be able to view notification contents from the Lock Screen.

2.4CVSS5.4AI score0.00029EPSS

CVE•added 2025/01/27 10:15 p.m.•45 views

CVE-2025-24117

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iPadOS 17.7.4, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3. An app may be able to fingerprint the user.

5.5CVSS5.5AI score0.00019EPSS

CVE•added 2025/01/27 10:15 p.m.•43 views

CVE-2024-54499

A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing a maliciously crafted image may lead to arbitrary code execution.

8.8CVSS7.1AI score0.00066EPSS

CVE•added 2025/01/27 10:15 p.m.•42 views

CVE-2024-54488

A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Photos in the Hidden Photos Album may be viewed without authentication.

5.3CVSS5.8AI score0.00126EPSS

CVE•added 2025/01/27 10:15 p.m.•41 views

CVE-2024-54517

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory.

7.8CVSS5.7AI score0.00029EPSS

CVE•added 2025/01/27 10:15 p.m.•39 views

CVE-2024-54512

The issue was addressed by removing the relevant flags. This issue is fixed in watchOS 11.2, iOS 18.2 and iPadOS 18.2. A system binary could be used to fingerprint a user's Apple Account.

9.1CVSS5.8AI score0.00051EPSS

CVE•added 2025/01/27 10:15 p.m.•38 views

CVE-2024-54518

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory.

5.3CVSS5.7AI score0.00024EPSS

CVE•added 2025/01/27 10:15 p.m.•38 views

CVE-2024-54522

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory.

7.8CVSS5.7AI score0.00035EPSS

CVE•added 2025/01/27 10:15 p.m.•37 views

CVE-2024-54541

This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.7.2, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to access user-sensitive data.

5.5CVSS5.9AI score0.00026EPSS