Ipados
by Apple Inc.
CVEs (1,616)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-54508 | Hig | 0.49 | 7.5 | 0.01 | Dec 12, 2024 | The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash. | ||
| CVE-2024-54479 | Hig | 0.49 | 7.5 | 0.02 | Dec 12, 2024 | The issue was addressed with improved checks. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash. | ||
| CVE-2024-44259 | Hig | 0.49 | 7.5 | 0.01 | Oct 28, 2024 | This issue was addressed through improved state management. This issue is fixed in Safari 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1. An attacker may be able to misuse a trust relationship to download malicious content. | ||
| CVE-2024-44165 | Hig | 0.49 | 7.5 | 0.01 | Sep 17, 2024 | A logic issue was addressed with improved checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, visionOS 2. Network traffic may leak outside a VPN tunnel. | ||
| CVE-2024-40856 | Hig | 0.49 | 7.5 | 0.01 | Sep 17, 2024 | An integrity issue was addressed with Beacon Protection. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18. An attacker may be able to force a device to disconnect from a secure network. | ||
| CVE-2024-40815 | Hig | 0.49 | 7.5 | 0.01 | Jul 29, 2024 | A race condition was addressed with additional validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer… | ||
| CVE-2024-40786 | Hig | 0.49 | 7.5 | 0.01 | Jul 29, 2024 | This issue was addressed through improved state management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Ventura 13.6.8. An attacker may be able to view sensitive user information. | ||
| CVE-2024-23204 | Hig | 0.49 | 7.5 | 0.02 | Jan 23, 2024 | The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.4, macOS Sonoma 14.3, macOS Ventura 13.6.5, watchOS 10.3. A shortcut may be able to use sensitive data with certain… | ||
| CVE-2024-23203 | Hig | 0.49 | 7.5 | 0.01 | Jan 23, 2024 | The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.5. A shortcut may be able to use sensitive data with certain actions without prompting the user. | ||
| CVE-2023-40393 | Hig | 0.49 | 7.5 | 0.01 | Jan 10, 2024 | An authentication issue was addressed with improved state management. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. Photos in the Hidden Photos Album may be viewed without authentication. | ||
| CVE-2023-42847 | Hig | 0.49 | 7.5 | 0.01 | Oct 25, 2023 | A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An attacker may be able to access passkeys without authentication. | ||
| CVE-2023-40445 | Hig | 0.49 | 7.5 | 0.01 | Oct 25, 2023 | The issue was addressed with improved UI handling. This issue is fixed in iOS 17.1 and iPadOS 17.1. A device may persistently fail to lock. | ||
| CVE-2023-32359 | Hig | 0.49 | 7.5 | 0.01 | Oct 25, 2023 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2. A user's password may be read aloud by VoiceOver. | ||
| CVE-2023-38603 | Hig | 0.49 | 7.5 | 0.01 | Jul 27, 2023 | The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A remote user may be able to cause a denial-of-service. | ||
| CVE-2023-38572 | Hig | 0.49 | 7.5 | 0.01 | Jul 27, 2023 | The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. A website may be able to bypass Same Origin Policy. | ||
| CVE-2023-32397 | Hig | 0.49 | 7.5 | 0.01 | Jun 23, 2023 | A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to modify protected parts of the file system. | ||
| CVE-2023-27963 | Hig | 0.49 | 7.5 | 0.01 | May 8, 2023 | The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. A shortcut may be able to use sensitive data with certain actions without… | ||
| CVE-2022-46716 | Hig | 0.49 | 7.5 | 0.00 | Apr 10, 2023 | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2. Private Relay functionality did not match system settings | ||
| CVE-2023-23524 | Hig | 0.49 | 7.5 | 0.01 | Feb 27, 2023 | A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS Ventura 13.2.1. Processing a maliciously crafted certificate may lead to a denial-of-service. | ||
| CVE-2022-32830 | Hig | 0.49 | 7.5 | 0.01 | Feb 27, 2023 | An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information. |
- risk 0.49cvss 7.5epss 0.01
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash.
- risk 0.49cvss 7.5epss 0.02
The issue was addressed with improved checks. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash.
- risk 0.49cvss 7.5epss 0.01
This issue was addressed through improved state management. This issue is fixed in Safari 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1. An attacker may be able to misuse a trust relationship to download malicious content.
- risk 0.49cvss 7.5epss 0.01
A logic issue was addressed with improved checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, visionOS 2. Network traffic may leak outside a VPN tunnel.
- risk 0.49cvss 7.5epss 0.01
An integrity issue was addressed with Beacon Protection. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18. An attacker may be able to force a device to disconnect from a secure network.
- risk 0.49cvss 7.5epss 0.01
A race condition was addressed with additional validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer…
- risk 0.49cvss 7.5epss 0.01
This issue was addressed through improved state management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Ventura 13.6.8. An attacker may be able to view sensitive user information.
- risk 0.49cvss 7.5epss 0.02
The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.4, macOS Sonoma 14.3, macOS Ventura 13.6.5, watchOS 10.3. A shortcut may be able to use sensitive data with certain…
- risk 0.49cvss 7.5epss 0.01
The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.5. A shortcut may be able to use sensitive data with certain actions without prompting the user.
- risk 0.49cvss 7.5epss 0.01
An authentication issue was addressed with improved state management. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. Photos in the Hidden Photos Album may be viewed without authentication.
- risk 0.49cvss 7.5epss 0.01
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An attacker may be able to access passkeys without authentication.
- risk 0.49cvss 7.5epss 0.01
The issue was addressed with improved UI handling. This issue is fixed in iOS 17.1 and iPadOS 17.1. A device may persistently fail to lock.
- risk 0.49cvss 7.5epss 0.01
This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2. A user's password may be read aloud by VoiceOver.
- risk 0.49cvss 7.5epss 0.01
The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A remote user may be able to cause a denial-of-service.
- risk 0.49cvss 7.5epss 0.01
The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. A website may be able to bypass Same Origin Policy.
- risk 0.49cvss 7.5epss 0.01
A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to modify protected parts of the file system.
- risk 0.49cvss 7.5epss 0.01
The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. A shortcut may be able to use sensitive data with certain actions without…
- risk 0.49cvss 7.5epss 0.00
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2. Private Relay functionality did not match system settings
- risk 0.49cvss 7.5epss 0.01
A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS Ventura 13.2.1. Processing a maliciously crafted certificate may lead to a denial-of-service.
- risk 0.49cvss 7.5epss 0.01
An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information.
Page 33 of 81