Visionos Security Vulnerabilities and Issues — Visionos CVE List

Lucene search

AppleVisionos

16 matches found

CVE•added 2024/03/05 8:16 p.m.•344 views

CVE-2024-23225

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue ma...

7.8CVSS7AI score0.00033EPSS

CVE•added 2024/03/05 8:16 p.m.•240 views

CVE-2024-23296

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.

7.8CVSS7AI score0.00085EPSS

CVE•added 2024/03/08 2:15 a.m.•122 views

CVE-2024-23284

A logic issue was addressed with improved state management. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web content may prevent Content Security Policy from being...

6.5CVSS5.1AI score0.0052EPSS

CVE•added 2024/03/08 2:15 a.m.•121 views

CVE-2024-23226

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. Processing web content may lead to arbitrary code execution.

8.8CVSS7.5AI score0.00709EPSS

CVE•added 2024/03/08 2:15 a.m.•113 views

CVE-2024-23263

A logic issue was addressed with improved validation. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web content may prevent Content Security Policy from being enfor...

8.1CVSS5.4AI score0.00364EPSS

CVE•added 2024/03/08 2:15 a.m.•110 views

CVE-2024-23286

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. Processing an image may lead to arbitrary code e...

9.8CVSS7.4AI score0.01112EPSS

CVE•added 2024/03/08 2:15 a.m.•106 views

CVE-2024-23265

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to cause unexpected system ...

9.8CVSS6.8AI score0.00151EPSS

CVE•added 2024/03/08 2:15 a.m.•99 views

CVE-2024-23254

The issue was addressed with improved UI handling. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, Safari 17.4. A malicious website may exfiltrate audio data cross-origin.

6.5CVSS5.3AI score0.00498EPSS

CVE•added 2024/03/08 2:15 a.m.•88 views

CVE-2024-23257

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 16.7.6 and iPadOS 16.7.6. Processing an image may result in disclosure of process memory.

3.3CVSS6.3AI score0.00024EPSS

CVE•added 2024/03/08 2:15 a.m.•83 views

CVE-2024-23235

A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to access user-sensitive data.

8.1CVSS6.3AI score0.00056EPSS

CVE•added 2024/03/08 2:15 a.m.•82 views

CVE-2024-23264

A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An application may be able to read restricted memory.

5.5CVSS6.2AI score0.0009EPSS

CVE•added 2024/03/08 2:15 a.m.•78 views

CVE-2024-23246

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to break out of its sandbox.

8.6CVSS5.5AI score0.00072EPSS

CVE•added 2024/03/08 2:15 a.m.•73 views

CVE-2024-23258

An out-of-bounds read was addressed with improved input validation. This issue is fixed in visionOS 1.1, macOS Sonoma 14.4. Processing an image may lead to arbitrary code execution.

7.8CVSS7.2AI score0.00112EPSS

CVE•added 2024/03/08 2:15 a.m.•70 views

CVE-2024-23220

The issue was addressed with improved handling of caches. This issue is fixed in visionOS 1.1, iOS 17.4 and iPadOS 17.4. An app may be able to fingerprint the user.

5.5CVSS6.3AI score0.00062EPSS

CVE•added 2024/03/08 2:15 a.m.•70 views

CVE-2024-23295

A permissions issue was addressed to help ensure Personas are always protected This issue is fixed in visionOS 1.1. An unauthenticated user may be able to use an unprotected Persona.

6.2CVSS7.1AI score0.00066EPSS

CVE•added 2024/03/08 2:15 a.m.•68 views

CVE-2024-23262

This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 1.1, iOS 17.4 and iPadOS 17.4, iOS 16.7.6 and iPadOS 16.7.6. An app may be able to spoof system notifications and UI.

4.3CVSS6.5AI score0.00115EPSS