Ipados@* Security Vulnerabilities and Issues — Ipados@* CVE List

Lucene search

AppleIpados*

1633 matches found

CVE•added 2024/02/21 7:15 a.m.•6943 views

CVE-2023-42836

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.2. An attacker may be able to access connected network volumes mounted in the home directory.

5.3CVSS5.2AI score0.00205EPSS

CVE•added 2024/02/21 7:15 a.m.•6891 views

CVE-2023-42952

The issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.1. An app with root privileges may be able to access private information.

4.4CVSS6.7AI score0.00025EPSS

CVE•added 2024/02/21 7:15 a.m.•6844 views

CVE-2023-42939

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1. A user's private browsing activity may be unexpectedly saved in the App Privacy Report.

3.3CVSS5.5AI score0.00063EPSS

CVE•added 2024/02/21 7:15 a.m.•6603 views

CVE-2023-42839

This issue was addressed with improved state management. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.

6.2CVSS7AI score0.00051EPSS

CVE•added 2024/02/21 7:15 a.m.•6598 views

CVE-2023-42878

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.

5.5CVSS7AI score0.00053EPSS

CVE•added 2024/02/21 7:15 a.m.•6261 views

CVE-2023-42951

The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.1 and iPadOS 17.1. A user may be unable to delete browsing history items.

4.3CVSS7.1AI score0.00124EPSS

CVE•added 2024/02/21 7:15 a.m.•6215 views

CVE-2023-42953

A permissions issue was addressed with additional restrictions. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.

5.5CVSS7.2AI score0.00042EPSS

CVE•added 2024/02/21 7:15 a.m.•6213 views

CVE-2023-42843

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spoofing.

7.5CVSS5.2AI score0.00071EPSS

CVE•added 2024/02/21 7:15 a.m.•6204 views

CVE-2023-42946

This issue was addressed with improved redaction of sensitive information. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to leak sensitive user information.

7.5CVSS7.1AI score0.00144EPSS

CVE•added 2024/02/21 7:15 a.m.•6172 views

CVE-2023-42834

A privacy issue was addressed with improved handling of files. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.

6.2CVSS7AI score0.0006EPSS

CVE•added 2024/02/21 7:15 a.m.•6149 views

CVE-2023-42823

The issue was resolved by sanitizing logging This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. An app may be able to access user-sensitive data.

5.5CVSS7.1AI score0.00046EPSS

CVE•added 2024/02/21 7:15 a.m.•6068 views

CVE-2023-42855

This issue was addressed with improved state management. This issue is fixed in iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to silently persist an Apple ID on an erased device.

4.6CVSS6.1AI score0.00053EPSS

CVE•added 2024/02/21 7:15 a.m.•4526 views

CVE-2023-42873

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.5AI score0.00077EPSS

CVE•added 2024/02/21 7:15 a.m.•4486 views

CVE-2023-42942

This issue was addressed with improved handling of symlinks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. A malicious app may be able to gain root privileges.

7.8CVSS7AI score0.00126EPSS

CVE•added 2024/02/21 7:15 a.m.•4469 views

CVE-2023-42848

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. Processing a maliciously crafted image may lead to heap corruption.

7.8CVSS6.9AI score0.00043EPSS

CVE•added 2024/02/21 7:15 a.m.•3848 views

CVE-2023-42928

The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.1 and iPadOS 17.1. An app may be able to gain elevated privileges.

8.4CVSS7.4AI score0.00051EPSS

CVE•added 2024/05/14 3:13 p.m.•3593 views

CVE-2024-27818

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. An attacker may be able to cause unexpected app termination or arbitrary code execution.

7.8CVSS5.3AI score0.00034EPSS

CVE•added 2024/05/14 3:13 p.m.•2864 views

CVE-2024-27789

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, macOS Monterey 12.7.5, macOS Ventura 13.6.7, macOS Sonoma 14.4. An app may be able to access user-sensitive data.

5.5CVSS5.2AI score0.00061EPSS

CVE•added 2024/05/14 3:13 p.m.•2439 views

CVE-2024-27816

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker may be able to access user data.

5.5CVSS5.3AI score0.00028EPSS

CVE•added 2020/12/08 10:15 p.m.•2107 views

CVE-2020-27918

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary cod...

7.8CVSS8.6AI score0.00164EPSS

CVE•added 2021/02/16 5:15 p.m.•1905 views

CVE-2021-23841

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if t...

5.9CVSS7AI score0.00665EPSS

CVE•added 2023/06/23 6:15 p.m.•1771 views

CVE-2023-32373

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is awa...

8.8CVSS8.6AI score0.00014EPSS

CVE•added 2023/06/23 6:15 p.m.•1744 views

CVE-2023-28204

An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this...

6.5CVSS6.6AI score0.00046EPSS

CVE•added 2023/06/23 6:15 p.m.•1630 views

CVE-2023-32409

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue ...

8.6CVSS7.7AI score0.00354EPSS

CVE•added 2022/07/28 2:15 a.m.•1581 views

CVE-2022-2294

Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.3AI score0.02193EPSS

CVE•added 2021/09/08 3:15 p.m.•1428 views

CVE-2021-30661

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report tha...

8.8CVSS9.1AI score0.00218EPSS

CVE•added 2021/04/02 6:15 p.m.•1342 views

CVE-2021-1789

A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to a...

8.8CVSS8.6AI score0.00238EPSS

CVE•added 2021/03/26 9:15 p.m.•1319 views

CVE-2020-7463

In FreeBSD 12.1-STABLE before r364644, 11.4-STABLE before r364651, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, improper handling in the kernel causes a use-after-free bug by sending large user messages from multiple threads on the same SCTP socket. The use-after-fre...

5.5CVSS5.8AI score0.00049EPSS

CVE•added 2022/05/26 6:15 p.m.•1285 views

CVE-2022-22675

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.3.1, iOS 15.4.1 and iPadOS 15.4.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report...

9.3CVSS8.2AI score0.00531EPSS

CVE•added 2020/07/22 5:15 p.m.•1275 views

CVE-2020-6514

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.

6.5CVSS7.3AI score0.11514EPSS

CVE•added 2021/04/02 7:15 p.m.•1256 views

CVE-2021-1871

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issu...

9.8CVSS8.6AI score0.00997EPSS

CVE•added 2021/04/02 7:15 p.m.•1250 views

CVE-2021-1870

9.8CVSS8.6AI score0.00524EPSS

CVE•added 2021/08/24 7:15 p.m.•1244 views

CVE-2021-30860

An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this is...

7.8CVSS6.5AI score0.69382EPSS

CVE•added 2021/08/24 7:15 p.m.•1227 views

CVE-2021-30858

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

8.8CVSS8.9AI score0.01026EPSS

CVE•added 2020/11/03 3:15 a.m.•1218 views

CVE-2020-15969

Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.03155EPSS

CVE•added 2021/09/08 3:15 p.m.•1201 views

CVE-2021-30665

A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that t...

8.8CVSS8.9AI score0.00562EPSS

CVE•added 2023/06/23 6:15 p.m.•1195 views

CVE-2023-32419

The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.5 and iPadOS 16.5. A remote attacker may be able to cause arbitrary code execution.

9.8CVSS8.5AI score0.01527EPSS

CVE•added 2021/09/08 3:15 p.m.•1191 views

CVE-2021-30663

An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.7AI score0.00215EPSS

CVE•added 2022/03/18 6:15 p.m.•1139 views

CVE-2022-22620

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a re...

8.8CVSS8.8AI score0.03979EPSS

CVE•added 2023/06/23 6:15 p.m.•1133 views

CVE-2023-32367

This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to access user-sensitive data.

5.5CVSS4.9AI score0.00039EPSS

CVE•added 2021/04/02 7:15 p.m.•1119 views

CVE-2021-1879

This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been active...

6.1CVSS6AI score0.02049EPSS

CVE•added 2022/08/24 8:15 p.m.•1119 views

CVE-2022-32893

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have b...

8.8CVSS8.8AI score0.00145EPSS

CVE•added 2020/06/05 3:15 p.m.•1111 views

CVE-2020-9859

A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.1AI score0.00295EPSS

CVE•added 2021/08/24 7:15 p.m.•1092 views

CVE-2021-30869

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 12.5.5, iOS 14.4 and iPadOS 14.4, macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, Security Update 2021-006 Catalina. A malicious application may be able to execute a...

9.3CVSS7.7AI score0.04229EPSS

CVE•added 2022/03/18 6:15 p.m.•1089 views

CVE-2022-22587

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, macOS Big Sur 11.6.3, macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may ha...

10CVSS8.3AI score0.00483EPSS

CVE•added 2020/12/08 9:15 p.m.•1086 views

CVE-2020-27950

A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalin...

7.1CVSS5.3AI score0.37741EPSS

CVE•added 2020/12/08 9:15 p.m.•1056 views

CVE-2020-27932

A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental...

9.3CVSS7.2AI score0.01976EPSS

CVE•added 2021/10/19 2:15 p.m.•1049 views

CVE-2021-30807

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.5.1, iOS 14.7.1 and iPadOS 14.7.1, watchOS 7.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been acti...

9.3CVSS8AI score0.1775EPSS

CVE•added 2021/08/24 7:15 p.m.•1049 views

CVE-2021-30883

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1, macOS Big Sur 11.6.1. An application may be able to execute arbitrary code with kernel privileges....

9.3CVSS7.7AI score0.00539EPSS

CVE•added 2023/07/27 12:15 a.m.•1049 views

CVE-2023-37450

The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

8.8CVSS8.5AI score0.00016EPSS

Total number of security vulnerabilities1633