Ipados Security Vulnerabilities and Issues — Page 3 of Ipados CVE List

5CVSS5.8AI score0.0001EPSS

CVE-2025-24097

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, tvOS 18.4, macOS Sequoia 15.4. An app may be able to read arbitrary file metadata.

CVE•added 2025/01/27 10:15 p.m.•58 views

CVE-2025-24127

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination.

5.5CVSS5.7AI score0.00025EPSS

CVE•added 2025/01/27 10:15 p.m.•58 views

CVE-2025-24128

The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Visiting a malicious website may lead to address bar spoofing.

4.3CVSS6AI score0.00062EPSS

CVE•added 2025/01/27 10:15 p.m.•58 views

CVE-2025-24145

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. An app may be able to view a contact's phone number in system logs.

3.3CVSS5.5AI score0.00024EPSS

CVE•added 2025/05/19 4:15 p.m.•58 views

CVE-2025-24189

The issue was addressed with improved checks. This issue is fixed in Safari 18.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to memory corruption.

8.8CVSS5.5AI score0.0003EPSS

9.8CVSS5.8AI score0.00084EPSS

CVE-2025-24190

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Processing a maliciously crafted video file may lead to unexpected app termination or corrup...

6.6CVSS5.3AI score0.00023EPSS

CVE-2025-24198

This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An attacker with physical access may be able to use Siri to access sensitive user data.

5.5CVSS5.7AI score0.00012EPSS

CVE-2025-24210

A logic error was addressed with improved error handling. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Parsing an image may lead to disclosure of user information.

CVE•added 2025/05/12 10:15 p.m.•58 views

CVE-2025-31219

The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. An attacker may be able to cause unexpected system termination or corrupt kern...

7.1CVSS5.7AI score0.0007EPSS

CVE•added 2025/03/31 11:15 p.m.•57 views

CVE-2025-24237

A buffer overflow was addressed with improved bounds checking. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause unexpected system termination.

9.8CVSS6.2AI score0.00106EPSS

CVE•added 2025/03/17 8:15 p.m.•56 views

CVE-2024-54525

A logic issue was addressed with improved file handling. This issue is fixed in visionOS 2.2, watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. Restoring a maliciously crafted backup file may lead to modification of protected system files.

8.8CVSS5.7AI score0.00641EPSS

6.5CVSS5.5AI score0.00036EPSS

CVE-2025-24192

A script imports issue was addressed with improved isolation. This issue is fixed in Safari 18.4, visionOS 2.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. Visiting a website may leak sensitive data.

5.5CVSS5.7AI score0.00014EPSS

CVE-2025-24244

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Processing a maliciously crafted font may result in the disclosure of process memory.

7.1CVSS5.8AI score0.00013EPSS

CVE-2025-24257

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to cause unexpected system termination or write kernel memory.

4.6CVSS4.5AI score0.00019EPSS

CVE-2025-30439

The issue was addressed with improved checks. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An attacker with physical access to a locked device may be able to view sensitive user information.

9.8CVSS5.8AI score0.00063EPSS

CVE-2025-30465

A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A shortcut may be able to access files that are normally inaccessible to the Shortcuts app.

CVE•added 2025/05/12 10:15 p.m.•56 views

CVE-2025-31238

The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.

7.3CVSS5.8AI score0.00074EPSS

CVE•added 2025/01/27 10:15 p.m.•55 views

CVE-2025-24129

A type confusion issue was addressed with improved checks. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A remote attacker may cause an unexpected app termination.

7.5CVSS6AI score0.00243EPSS

CVE•added 2025/04/29 3:15 a.m.•55 views

CVE-2025-24251

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, watchOS 11.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination.

6.5CVSS7.8AI score0.00027EPSS

CVE•added 2025/04/29 3:15 a.m.•55 views

CVE-2025-31197

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination.

5.7CVSS7.8AI score0.00036EPSS

CVE•added 2025/03/31 11:15 p.m.•54 views

CVE-2025-24205

An authorization issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access user-sensitive data.

5.5CVSS5.5AI score0.00015EPSS

CVE•added 2025/04/29 3:15 a.m.•54 views

CVE-2025-30445

A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination.

6.5CVSS7.8AI score0.00039EPSS

CVE•added 2025/03/31 11:15 p.m.•53 views

CVE-2025-24193

This issue was addressed with improved authentication. This issue is fixed in iOS 18.4 and iPadOS 18.4. An attacker with a USB-C connection to an unlocked device may be able to programmatically access photos.

2.4CVSS5.7AI score0.00018EPSS

CVE•added 2025/03/31 11:15 p.m.•53 views

CVE-2025-24217

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.4 and iPadOS 18.4, tvOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data.

5.5CVSS5.5AI score0.00015EPSS

CVE•added 2025/04/29 3:15 a.m.•53 views

CVE-2025-24270

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to leak sensitive user information.

5.7CVSS8AI score0.00035EPSS

CVE•added 2025/03/31 11:15 p.m.•53 views

CVE-2025-30426

This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to enumerate a user's installed apps.

9.8CVSS5.7AI score0.00083EPSS

CVE•added 2025/01/27 10:15 p.m.•52 views

CVE-2024-54497

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing web content may lead to a denial-of-service.

6.5CVSS5.8AI score0.00155EPSS

CVE•added 2025/03/21 12:15 a.m.•52 views

CVE-2024-54564

This issue was addressed through improved state management. This issue is fixed in visionOS 1.3, macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6. A file received from AirDrop may not have the quarantine flag applied.

6.5CVSS6AI score0.00084EPSS

7.8CVSS5.8AI score0.00014EPSS

CVE-2025-24173

This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox.

6.5CVSS5.4AI score0.00043EPSS

CVE-2025-24194

A logic issue was addressed with improved checks. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, tvOS 18.4, macOS Sequoia 15.4. Processing maliciously crafted web content may result in the disclosure of process memory.

7.5CVSS5.8AI score0.00046EPSS

CVE-2025-24221

This issue was addressed with improved data access restriction. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6. Sensitive keychain data may be accessible from an iOS backup.