Ipados
by Apple Inc.
CVEs (1,470)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-40851 | 0.00 | — | 0.00 | Oct 28, 2024 | This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker with physical access may be able to access contact photos from the lock screen. | |||
| CVE-2024-40867 | 0.00 | — | 0.01 | Oct 28, 2024 | A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1. A remote attacker may be able to break out of Web Content sandbox. | |||
| CVE-2024-44204 | 0.00 | — | 0.05 | Oct 3, 2024 | A logic issue was addressed with improved validation. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. A user's saved passwords may be read aloud by VoiceOver. | |||
| CVE-2024-44124 | 0.00 | — | 0.00 | Sep 16, 2024 | This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. A malicious Bluetooth input device may bypass pairing. | |||
| CVE-2024-40852 | 0.00 | — | 0.00 | Sep 16, 2024 | This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to see recent photos without authentication in Assistive Access. | |||
| CVE-2024-44180 | 0.00 | — | 0.00 | Sep 16, 2024 | The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to access contacts from the lock screen. | |||
| CVE-2024-44139 | 0.00 | — | 0.00 | Sep 16, 2024 | The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to access contacts from the lock screen. | |||
| CVE-2024-27879 | 0.00 | — | 0.01 | Sep 16, 2024 | The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18. An attacker may be able to cause unexpected app termination. | |||
| CVE-2024-40840 | 0.00 | — | 0.00 | Sep 16, 2024 | This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to use Siri to access sensitive user data. | |||
| CVE-2024-27874 | 0.00 | — | 0.01 | Sep 16, 2024 | This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. A remote attacker may be able to cause a denial-of-service. | |||
| CVE-2024-44171 | 0.00 | — | 0.00 | Sep 16, 2024 | This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, watchOS 11. An attacker with physical access to a locked device may be able to Control Nearby Devices via accessibility features. | |||
| CVE-2024-44147 | 0.00 | — | 0.00 | Sep 16, 2024 | This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. An app may gain unauthorized access to Local Network. | |||
| CVE-2024-40826 | 0.00 | — | 0.00 | Sep 16, 2024 | A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An unencrypted document may be written to a temporary file when using print preview. | |||
| CVE-2024-44131 | 0.00 | — | 0.01 | Sep 16, 2024 | This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to access sensitive user data. | |||
| CVE-2024-44127 | 0.00 | — | 0.01 | Sep 16, 2024 | This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18. Private Browsing tabs may be accessed without authentication. | |||
| CVE-2023-42925 | 0.00 | — | 0.00 | Jul 29, 2024 | The issue was addressed with improved restriction of data container access. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access Notes attachments. | |||
| CVE-2023-40396 | 0.00 | — | 0.00 | Jul 29, 2024 | The issue was addressed with improved memory handling. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17. An app may be able to execute arbitrary code with kernel privileges. | |||
| CVE-2023-42896 | 0.00 | — | 0.00 | Mar 28, 2024 | An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Sonoma 14.2. An app may be able to modify protected parts of the file system. | |||
| CVE-2023-42962 | 0.00 | — | 0.01 | Mar 28, 2024 | This issue was addressed with improved checks This issue is fixed in iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. A remote attacker may be able to cause a denial-of-service. | |||
| CVE-2023-28826 | 0.00 | — | 0.00 | Mar 8, 2024 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, macOS Monterey 12.7.4, macOS Sonoma 14.1, macOS Ventura 13.6.5. An app may be able to access sensitive user data. |
- CVE-2024-40851Oct 28, 2024risk 0.00cvss —epss 0.00
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker with physical access may be able to access contact photos from the lock screen.
- CVE-2024-40867Oct 28, 2024risk 0.00cvss —epss 0.01
A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1. A remote attacker may be able to break out of Web Content sandbox.
- CVE-2024-44204Oct 3, 2024risk 0.00cvss —epss 0.05
A logic issue was addressed with improved validation. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. A user's saved passwords may be read aloud by VoiceOver.
- CVE-2024-44124Sep 16, 2024risk 0.00cvss —epss 0.00
This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. A malicious Bluetooth input device may bypass pairing.
- CVE-2024-40852Sep 16, 2024risk 0.00cvss —epss 0.00
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to see recent photos without authentication in Assistive Access.
- CVE-2024-44180Sep 16, 2024risk 0.00cvss —epss 0.00
The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to access contacts from the lock screen.
- CVE-2024-44139Sep 16, 2024risk 0.00cvss —epss 0.00
The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to access contacts from the lock screen.
- CVE-2024-27879Sep 16, 2024risk 0.00cvss —epss 0.01
The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18. An attacker may be able to cause unexpected app termination.
- CVE-2024-40840Sep 16, 2024risk 0.00cvss —epss 0.00
This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to use Siri to access sensitive user data.
- CVE-2024-27874Sep 16, 2024risk 0.00cvss —epss 0.01
This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. A remote attacker may be able to cause a denial-of-service.
- CVE-2024-44171Sep 16, 2024risk 0.00cvss —epss 0.00
This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, watchOS 11. An attacker with physical access to a locked device may be able to Control Nearby Devices via accessibility features.
- CVE-2024-44147Sep 16, 2024risk 0.00cvss —epss 0.00
This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. An app may gain unauthorized access to Local Network.
- CVE-2024-40826Sep 16, 2024risk 0.00cvss —epss 0.00
A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An unencrypted document may be written to a temporary file when using print preview.
- CVE-2024-44131Sep 16, 2024risk 0.00cvss —epss 0.01
This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to access sensitive user data.
- CVE-2024-44127Sep 16, 2024risk 0.00cvss —epss 0.01
This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18. Private Browsing tabs may be accessed without authentication.
- CVE-2023-42925Jul 29, 2024risk 0.00cvss —epss 0.00
The issue was addressed with improved restriction of data container access. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access Notes attachments.
- CVE-2023-40396Jul 29, 2024risk 0.00cvss —epss 0.00
The issue was addressed with improved memory handling. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17. An app may be able to execute arbitrary code with kernel privileges.
- CVE-2023-42896Mar 28, 2024risk 0.00cvss —epss 0.00
An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Sonoma 14.2. An app may be able to modify protected parts of the file system.
- CVE-2023-42962Mar 28, 2024risk 0.00cvss —epss 0.01
This issue was addressed with improved checks This issue is fixed in iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. A remote attacker may be able to cause a denial-of-service.
- CVE-2023-28826Mar 8, 2024risk 0.00cvss —epss 0.00
This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, macOS Monterey 12.7.4, macOS Sonoma 14.1, macOS Ventura 13.6.5. An app may be able to access sensitive user data.
Page 73 of 74