Ipados Security Vulnerabilities and Issues — Ipados CVE List

Lucene search

AppleIpados

87 matches found

CVE•added 2024/02/21 7:15 a.m.•6891 views

CVE-2023-42952

The issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.1. An app with root privileges may be able to access private information.

4.4CVSS6.7AI score0.00025EPSS

CVE•added 2024/02/21 7:15 a.m.•6261 views

CVE-2023-42951

The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.1 and iPadOS 17.1. A user may be unable to delete browsing history items.

4.3CVSS7.1AI score0.00124EPSS

CVE•added 2024/02/21 7:15 a.m.•6068 views

CVE-2023-42855

This issue was addressed with improved state management. This issue is fixed in iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to silently persist an Apple ID on an erased device.

4.6CVSS6.1AI score0.00053EPSS

CVE•added 2020/06/09 5:15 p.m.•1017 views

CVE-2020-9819

A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5, watchOS 5.3.7. Processing a maliciously crafted mail message may lead to heap corruption.

4.3CVSS5AI score0.00446EPSS

CVE•added 2020/10/16 5:15 p.m.•259 views

CVE-2020-9894

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application...

4.3CVSS6.7AI score0.00204EPSS

CVE•added 2023/10/25 7:15 p.m.•256 views

CVE-2023-41982

This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data.

4.6CVSS4.7AI score0.00087EPSS

CVE•added 2023/10/25 7:15 p.m.•252 views

CVE-2023-41997

4.6CVSS4.7AI score0.00087EPSS

CVE•added 2019/12/18 6:15 p.m.•250 views

CVE-2019-8769

An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history.

4.3CVSS4.9AI score0.00128EPSS

CVE•added 2023/10/25 7:15 p.m.•244 views

CVE-2023-41977

The issue was addressed with improved handling of caches. This issue is fixed in macOS Sonoma 14.1, iOS 16.7.2 and iPadOS 16.7.2. Visiting a malicious website may reveal browsing history.

4.3CVSS4.8AI score0.00169EPSS

CVE•added 2022/05/26 8:15 p.m.•180 views

CVE-2022-26765

A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

4.7CVSS5.4AI score0.00059EPSS

CVE•added 2025/06/16 10:16 p.m.•164 views

CVE-2025-43200

This issue was addressed with improved checks. This issue is fixed in watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iPadOS 17.7.5, visionOS 2.3.1, macOS Sequoia 15.3.1, iOS 18.3.1 and iPadOS 18.3.1, macOS Sonoma 14.7.4. A logic issue existed whe...

4.8CVSS5.8AI score0.00474EPSS

CVE•added 2021/08/24 7:15 p.m.•161 views

CVE-2021-30884

The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history.

4.7CVSS5.5AI score0.0028EPSS

CVE•added 2022/11/01 8:15 p.m.•140 views

CVE-2022-22677

A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call.

4.3CVSS4.8AI score0.00116EPSS

CVE•added 2023/02/27 8:15 p.m.•138 views

CVE-2022-46705

A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a malicious website may lead to address bar spoofing.

4.3CVSS3.5AI score0.00178EPSS

CVE•added 2025/03/31 11:15 p.m.•123 views

CVE-2025-30427

A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.

4.3CVSS5.9AI score0.00083EPSS

CVE•added 2025/05/12 10:15 p.m.•123 views

CVE-2025-31257

This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.

4.7CVSS5.8AI score0.00083EPSS

CVE•added 2022/05/26 7:15 p.m.•118 views

CVE-2022-26731

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious website may be able to track users in Safari private browsing mode.

4.3CVSS5AI score0.00456EPSS

CVE•added 2024/03/08 2:15 a.m.•117 views

CVE-2024-23273

This issue was addressed through improved state management. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Private Browsing tabs may be accessed without authentication.

4.3CVSS4.3AI score0.00087EPSS

CVE•added 2022/09/20 9:15 p.m.•113 views

CVE-2022-32868

A logic issue was addressed with improved state management. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. A website may be able to track users through Safari web extensions.

4.3CVSS4.9AI score0.00207EPSS

CVE•added 2022/08/24 8:15 p.m.•105 views

CVE-2022-32857

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A user in a privileged network position can track a user’s activi...

4.3CVSS5.3AI score0.00026EPSS

CVE•added 2022/03/18 6:15 p.m.•103 views

CVE-2022-22621

This issue was addressed with improved checks. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions.

4.6CVSS4.4AI score0.00156EPSS

CVE•added 2022/05/26 8:15 p.m.•100 views

CVE-2022-26764

A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.

4.7CVSS5.9AI score0.00214EPSS

CVE•added 2023/09/27 3:19 p.m.•96 views

CVE-2023-41981

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.

4.4CVSS5AI score0.00009EPSS

CVE•added 2020/10/27 8:15 p.m.•95 views

CVE-2019-8834

A configuration issue was addressed with additional restrictions. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud...

4.3CVSS4.9AI score0.00317EPSS

CVE•added 2025/03/31 11:15 p.m.•94 views

CVE-2025-24216

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.

4.3CVSS5.5AI score0.00071EPSS

CVE•added 2020/10/27 9:15 p.m.•92 views

CVE-2019-8856

An API issue existed in the handling of outgoing phone calls initiated with Siri. This issue was addressed with improved state handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra....

4.3CVSS4.1AI score0.0021EPSS

CVE•added 2022/03/18 6:15 p.m.•91 views

CVE-2022-22670

An access issue was addressed with improved access restrictions. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, watchOS 8.5. A malicious application may be able to identify what other applications a user has installed.

4.3CVSS4.6AI score0.00232EPSS

CVE•added 2022/03/18 6:15 p.m.•91 views

CVE-2022-22671

An authentication issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access to an iOS device may be able to access photos from the lock screen.

4.6CVSS3.9AI score0.00059EPSS

CVE•added 2021/09/08 3:15 p.m.•89 views

CVE-2021-1872

A logic issue was addressed with improved state management. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, macOS Big Sur 11.3. Muting a CallKit call while ringing may not result in mute being enabled.

4.3CVSS5.1AI score0.00305EPSS

CVE•added 2023/06/23 6:15 p.m.•89 views

CVE-2023-32391

The issue was addressed with improved checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. A shortcut may be able to use sensitive data with certain actions without prompting the user.

4.6CVSS4.2AI score0.00046EPSS

CVE•added 2020/10/27 9:15 p.m.•88 views

CVE-2019-8898

An information disclosure issue existed in the handling of the Storage Access API. This issue was addressed with improved logic. This issue is fixed in iOS 13.3 and iPadOS 13.3, tvOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows. Visiting a maliciously crafted website may reveal sites a user has ...

4.3CVSS4.7AI score0.00456EPSS

CVE•added 2024/07/29 11:15 p.m.•87 views

CVE-2024-40813

A lock screen issue was addressed with improved state management. This issue is fixed in watchOS 10.6, iOS 17.6 and iPadOS 17.6. An attacker with physical access may be able to use Siri to access sensitive user data.

4.6CVSS5.2AI score0.0006EPSS

CVE•added 2022/09/20 9:15 p.m.•85 views

CVE-2022-32795

This issue was addressed with improved checks. This issue is fixed in iOS 16, iOS 15.7 and iPadOS 15.7. Visiting a malicious website may lead to address bar spoofing.

4.3CVSS4.9AI score0.00098EPSS

CVE•added 2022/03/18 6:15 p.m.•84 views

CVE-2022-22622

This issue was addressed with improved checks. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions.

4.6CVSS3.7AI score0.00078EPSS

CVE•added 2020/10/27 8:15 p.m.•83 views

CVE-2019-8827

The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin. This issue is fixed in Safari 13.0.3, iTunes 12.10.2 for Windows, iCloud for Windows 10.9.2, tvOS 13.2, iOS 13.2 and iPadOS 13.2, iCloud for Windows 7.15. ...

4.3CVSS5.2AI score0.00609EPSS

CVE•added 2025/01/27 10:15 p.m.•81 views

CVE-2025-24113

The issue was addressed with improved UI. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. Visiting a malicious website may lead to user interface spoofing.

4.3CVSS5.6AI score0.0005EPSS

CVE•added 2022/09/23 7:15 p.m.•80 views

CVE-2022-32781

This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5, Security Update 2022-005 Catalina, macOS Big Sur 11.6.8. An app with root privileges may be able to access private information.

4.4CVSS5.5AI score0.00032EPSS

CVE•added 2025/01/27 10:15 p.m.•80 views

CVE-2025-24160

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination.

4.3CVSS5.7AI score0.00114EPSS

CVE•added 2021/04/02 6:15 p.m.•77 views

CVE-2020-9978

This issue was addressed with improved setting propagation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. An attacker in a privileged network position may be able...

4.5CVSS4.8AI score0.00157EPSS

CVE•added 2024/01/10 10:15 p.m.•77 views

CVE-2022-32919

The issue was addressed with improved UI handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Visiting a website that frames malicious content may lead to UI spoofing.

4.7CVSS5AI score0.00102EPSS

CVE•added 2024/03/05 8:16 p.m.•77 views

CVE-2024-23243

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.4 and iPadOS 17.4. An app may be able to read sensitive location information.

4.3CVSS6.2AI score0.00285EPSS

CVE•added 2020/12/08 8:15 p.m.•76 views

CVE-2020-9993

The issue was addressed with improved UI handling. This issue is fixed in watchOS 7.0, Safari 14.0, iOS 14.0 and iPadOS 14.0. Visiting a malicious website may lead to address bar spoofing.

4.3CVSS5AI score0.00247EPSS

CVE•added 2022/11/01 8:15 p.m.•76 views

CVE-2022-32935

A lock screen issue was addressed with improved state management. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. A user may be able to view restricted content from the lock screen.

4.6CVSS5AI score0.00103EPSS

CVE•added 2020/06/09 4:15 p.m.•74 views

CVE-2020-9792

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A USB device may be able to cause a denial of service.

4.6CVSS4.6AI score0.00046EPSS

CVE•added 2024/10/28 9:15 p.m.•74 views

CVE-2024-44244

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may lead to an unexpected process crash.

4.3CVSS8.1AI score0.00283EPSS

CVE•added 2021/10/19 2:15 p.m.•72 views

CVE-2021-30810

An authorization issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8, tvOS 15. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup.

4.3CVSS4.4AI score0.00147EPSS

CVE•added 2024/10/28 9:15 p.m.•70 views

CVE-2024-44274

The issue was addressed with improved authentication. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, iOS 18.1 and iPadOS 18.1. An attacker with physical access to a locked device may be able to view sensitive user information.

4.6CVSS4.7AI score0.00057EPSS

CVE•added 2025/01/27 10:15 p.m.•70 views

CVE-2024-54550

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An app may be able to view autocompleted contact information from Messages and Mail in system logs.

4CVSS5.3AI score0.00016EPSS

CVE•added 2021/08/24 7:15 p.m.•68 views

CVE-2021-30932

The issue was addressed with improved permissions logic. This issue is fixed in iOS 15.2 and iPadOS 15.2. A person with physical access to an iOS device may be able to access contacts from the lock screen.

4.6CVSS3.8AI score0.00048EPSS

CVE•added 2024/03/08 2:15 a.m.•68 views

CVE-2024-23262

This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 1.1, iOS 17.4 and iPadOS 17.4, iOS 16.7.6 and iPadOS 16.7.6. An app may be able to spoof system notifications and UI.

4.3CVSS6.5AI score0.00115EPSS

Total number of security vulnerabilities87