Visionos Security Vulnerabilities and Issues — Visionos CVE List

Lucene search

AppleVisionos

47 matches found

CVE•added 2025/01/27 10:15 p.m.•435 views

CVE-2025-24159

A validation issue was addressed with improved logic. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS6.9AI score0.00044EPSS

CVE•added 2024/03/05 8:16 p.m.•329 views

CVE-2024-23225

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue ma...

7.8CVSS7AI score0.00033EPSS

CVE•added 2025/01/27 10:15 p.m.•314 views

CVE-2025-24085

A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been activ...

7.8CVSS5.8AI score0.0986EPSS

CVE•added 2024/03/05 8:16 p.m.•224 views

CVE-2024-23296

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.

7.8CVSS7AI score0.00085EPSS

CVE•added 2025/04/16 7:15 p.m.•181 views

CVE-2025-31201

This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that th...

7.5CVSS5.6AI score0.00201EPSS

CVE•added 2025/03/21 12:15 a.m.•97 views

CVE-2024-54551

The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.6, tvOS 17.6, Safari 17.6, macOS Sonoma 14.6, visionOS 1.3, iOS 17.6 and iPadOS 17.6. Processing web content may lead to a denial-of-service.

7.5CVSS5.8AI score0.00219EPSS

CVE•added 2024/07/29 11:15 p.m.•89 views

CVE-2024-27826

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6.8, macOS Sonoma 14.5, macOS Monterey 12.7.6, watchOS 10.5, visionOS 1.3, tvOS 17.5, iOS 17.5 and iPadOS 17.5. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7AI score0.0007EPSS

CVE•added 2024/12/12 2:15 a.m.•89 views

CVE-2024-54508

The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.

7.5CVSS5.8AI score0.00508EPSS

CVE•added 2025/03/31 11:15 p.m.•89 views

CVE-2025-24213

This issue was addressed with improved handling of floats. This issue is fixed in tvOS 18.5, Safari 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, watchOS 11.5, visionOS 2.5. A type confusion issue could lead to memory corruption.

7.8CVSS7.5AI score0.00019EPSS

CVE•added 2025/01/15 8:15 p.m.•88 views

CVE-2024-27856

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, iOS 16.7.8 and iPadOS 16.7.8, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, tvOS 17.5, visionOS 1.2. Processing a file may lead to unexpected app termination or arbitrary code execution.

7.8CVSS6.6AI score0.00045EPSS

CVE•added 2024/12/12 2:15 a.m.•86 views

CVE-2024-54479

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.

7.5CVSS5.8AI score0.0054EPSS

CVE•added 2025/04/29 3:15 a.m.•81 views

CVE-2025-24206

An authentication issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to bypass authentication policy.

7.7CVSS7.8AI score0.0003EPSS

CVE•added 2024/06/10 9:15 p.m.•80 views

CVE-2024-27817

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7AI score0.00092EPSS

CVE•added 2024/03/08 2:15 a.m.•73 views

CVE-2024-23258

An out-of-bounds read was addressed with improved input validation. This issue is fixed in visionOS 1.1, macOS Sonoma 14.4. Processing an image may lead to arbitrary code execution.

7.8CVSS7.2AI score0.00082EPSS

CVE•added 2024/06/10 9:15 p.m.•73 views

CVE-2024-27836

The issue was addressed with improved checks. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, iOS 17.5 and iPadOS 17.5. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7AI score0.00096EPSS

CVE•added 2024/10/28 9:15 p.m.•71 views

CVE-2024-44258

This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, tvOS 18.1. Restoring a maliciously crafted backup file may lead to modification of protected system files.

7.1CVSS5.5AI score0.03587EPSS

CVE•added 2024/06/10 9:15 p.m.•68 views

CVE-2024-27840

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5. An attacker that has already achieved kernel code execution may be able to bypass...

7.5CVSS6.4AI score0.00015EPSS

CVE•added 2024/07/29 11:15 p.m.•66 views

CVE-2024-40784

An integer overflow was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing a maliciously crafted file may lead to unexpected app terminati...

7.8CVSS6.1AI score0.00049EPSS

CVE•added 2024/06/10 9:15 p.m.•65 views

CVE-2024-27831

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. Processing a file may lead to unexpected app termination...

7.8CVSS7.2AI score0.00043EPSS

CVE•added 2024/06/10 9:15 p.m.•65 views

CVE-2024-27857

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, tvOS 17.5, iOS 17.5 and iPadOS 17.5. A remote attacker may be able to cause unexpected app termination or arbitrary code execution.

7.8CVSS7.2AI score0.0074EPSS

CVE•added 2024/06/10 9:15 p.m.•63 views

CVE-2024-27802

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. Processing a maliciously crafted file may lead to unexpected ap...

7.8CVSS7AI score0.00036EPSS

CVE•added 2024/06/10 9:15 p.m.•62 views

CVE-2024-27812

The issue was addressed with improvements to the file handling protocol. This issue is fixed in visionOS 1.2. Processing web content may lead to a denial-of-service.

7.5CVSS6.4AI score0.00262EPSS

CVE•added 2024/06/10 9:15 p.m.•62 views

CVE-2024-27815

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.2AI score0.17999EPSS

CVE•added 2025/03/31 11:15 p.m.•61 views

CVE-2025-31184

This issue was addressed with improved permissions checking. This issue is fixed in Safari 18.4, visionOS 2.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may gain unauthorized access to Local Network.

7.8CVSS5.8AI score0.00016EPSS

CVE•added 2024/07/29 11:15 p.m.•60 views

CVE-2024-40809

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, visionOS 1.3, macOS Sonoma 14.6. A shortcut may be able to bypass Internet permission requirements.

7.8CVSS5.7AI score0.00075EPSS

CVE•added 2024/07/29 11:15 p.m.•59 views

CVE-2024-40799

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing a maliciously crafted file may l...

7.1CVSS5.8AI score0.00054EPSS

CVE•added 2025/03/31 11:15 p.m.•58 views

CVE-2025-24243

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Processing a maliciously crafted file may lead to arbitrary code execution.

7.8CVSS6.9AI score0.00026EPSS

CVE•added 2024/06/10 9:15 p.m.•57 views

CVE-2024-27800

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing a maliciously crafted message may lead to a deni...

7.1CVSS6.1AI score0.00103EPSS

CVE•added 2024/06/10 9:15 p.m.•57 views

CVE-2024-27828

The issue was addressed with improved memory handling. This issue is fixed in visionOS 1.2, watchOS 10.5, tvOS 17.5, iOS 17.5 and iPadOS 17.5. An app may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.1AI score0.00057EPSS

CVE•added 2025/03/31 11:15 p.m.•57 views

CVE-2025-30471

A validation issue was addressed with improved logic. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A remote user may be able to cause a denial-of-service.

7.5CVSS5.8AI score0.00174EPSS

CVE•added 2025/05/12 10:15 p.m.•56 views

CVE-2025-31219

The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. An attacker may be able to cause unexpected system termination or corrupt kern...

7.1CVSS5.7AI score0.0007EPSS

CVE•added 2024/09/17 12:15 a.m.•55 views

CVE-2024-44165

A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. Network traffic may leak outside a VPN tunnel.

7.5CVSS5.9AI score0.00368EPSS

CVE•added 2025/03/31 11:15 p.m.•55 views

CVE-2025-24257

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to cause unexpected system termination or write kernel memory.

7.1CVSS5.8AI score0.0002EPSS

CVE•added 2024/07/29 11:15 p.m.•54 views

CVE-2024-40812

7.8CVSS5.7AI score0.0006EPSS

CVE•added 2024/10/28 9:15 p.m.•54 views

CVE-2024-44252

A logic issue was addressed with improved file handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, tvOS 18.1. Restoring a maliciously crafted backup file may lead to modification of protected system files.

7.1CVSS5.5AI score0.00049EPSS

CVE•added 2025/01/27 10:15 p.m.•53 views

CVE-2025-24129

A type confusion issue was addressed with improved checks. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A remote attacker may cause an unexpected app termination.

7.5CVSS6AI score0.00189EPSS

CVE•added 2025/05/12 10:15 p.m.•52 views

CVE-2025-31238

The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.

7.3CVSS5.8AI score0.00074EPSS

CVE•added 2025/03/31 11:15 p.m.•51 views

CVE-2025-24221

This issue was addressed with improved data access restriction. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6. Sensitive keychain data may be accessible from an iOS backup.

7.5CVSS5.8AI score0.00047EPSS

CVE•added 2024/12/12 2:15 a.m.•49 views

CVE-2024-44245

The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, visionOS 2.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2. An app may be able to cause unexpected system termination or corrupt kernel memory.

7.1CVSS5.7AI score0.0003EPSS

CVE•added 2024/12/20 1:15 a.m.•49 views

CVE-2024-54538

A denial-of-service issue was addressed with improved input validation. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, tvOS 18.1, macOS Sonoma 14.7.1, watchOS 11.1, macOS Ventura 13.7.1. A remote attacker may be able to cause a denial-of-service.

7.5CVSS5.9AI score0.00453EPSS

CVE•added 2025/03/31 11:15 p.m.•49 views

CVE-2025-24173

This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox.

7.8CVSS5.8AI score0.00015EPSS

CVE•added 2025/05/12 10:15 p.m.•48 views

CVE-2025-31221

An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A remote attacker may be able to leak memory.

7.5CVSS6.1AI score0.00114EPSS

CVE•added 2025/03/31 11:15 p.m.•45 views

CVE-2025-24095

This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4. An app may be able to bypass Privacy preferences.

7.6CVSS5.9AI score0.00044EPSS

CVE•added 2025/05/12 10:15 p.m.•42 views

CVE-2025-31222

A correctness issue was addressed with improved checks. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A user may be able to elevate privileges.

7.8CVSS5.6AI score0.00015EPSS

CVE•added 2024/10/28 9:15 p.m.•39 views

CVE-2024-44126

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, iOS 17.7 and iPadOS 17.7, macOS Sonoma 14.7, visionOS 2, iOS 18 and iPadOS 18. Processing a maliciously crafted file may lead to heap corruption.

7.8CVSS5.4AI score0.00035EPSS

CVE•added 2024/10/28 9:15 p.m.•34 views

CVE-2024-44277

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, visionOS 2.1, tvOS 18.1. An app may be able to cause unexpected system termination or corrupt kernel memory.

7.8CVSS5.5AI score0.00026EPSS

CVE•added 2025/05/12 10:15 p.m.•34 views

CVE-2025-31208

The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Parsing a file may lead to an unexpected app termination.

7.5CVSS5.7AI score0.00183EPSS