iOS

CVEs (476)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2025-24085	Apple Inc. macOS	Cri	0.81	10.0	0.13	KEV	Jan 27, 2025	A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, watchOS 11.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.
CVE-2024-44308	Debian Debian Linux	Hig	0.69	8.8	0.01	KEV	Nov 20, 2024	The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, macOS Sequoia 15.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.
CVE-2024-44299	Apple Inc. macOS	Cri	0.64	9.8	0.01		Dec 12, 2024	The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1. An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware.
CVE-2024-44241	Apple Inc. Iphone Os	Cri	0.64	9.8	0.01		Dec 12, 2024	The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1. An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware.
CVE-2025-24154	Apple Inc. macOS	Cri	0.59	9.1	0.00		Jan 27, 2025	An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, visionOS 2.3. An attacker may be able to cause unexpected system termination or corrupt kernel memory.
CVE-2024-54542	Apple Inc. macOS	Cri	0.59	9.1	0.00		Jan 27, 2025	An authentication issue was addressed with improved state management. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, watchOS 11.2. Private Browsing tabs may be accessed without authentication.
CVE-2024-54530	Apple Inc. macOS	Cri	0.59	9.1	0.00		Jan 27, 2025	The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, visionOS 2.2, watchOS 11.2. Password autofill may fill in passwords after failing authentication.
CVE-2024-54512	Apple Inc. Iphone Os	Cri	0.59	9.1	0.00		Jan 27, 2025	The issue was addressed by removing the relevant flags. This issue is fixed in iOS 18.2 and iPadOS 18.2, watchOS 11.2. A system binary could be used to fingerprint a user's Apple Account.
CVE-2024-54543	Apple Inc. macOS	Hig	0.57	8.8	0.00		Jan 27, 2025	The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to memory corruption.
CVE-2024-54505	Apple Inc. macOS	Hig	0.57	8.8	0.01		Dec 12, 2024	A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to memory corruption.
CVE-2024-54514	Apple Inc. macOS	Hig	0.56	8.6	0.00		Dec 12, 2024	The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. An app may be able to break out of its sandbox.
CVE-2024-54468	Apple Inc. macOS	Hig	0.53	8.2	0.00		Jan 27, 2025	The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. An app may be able to break out of its sandbox.
CVE-2025-24137	Apple Inc. macOS	Hig	0.52	8.0	0.00		Jan 27, 2025	A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3. An attacker on the local network may corrupt process memory.
CVE-2025-24159	Apple Inc. macOS	Hig	0.51	7.8	0.00		Jan 27, 2025	A validation issue was addressed with improved logic. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. An app may be able to execute arbitrary code with kernel privileges.
CVE-2025-24107	Apple Inc. macOS	Hig	0.51	7.8	0.00		Jan 27, 2025	A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, watchOS 11.3. A malicious app may be able to gain root privileges.
CVE-2024-54522	Apple Inc. macOS	Hig	0.51	7.8	0.00		Jan 27, 2025	The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.
CVE-2024-54517	Apple Inc. macOS	Hig	0.51	7.8	0.00		Jan 27, 2025	The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.
CVE-2024-40771	Apple Inc. macOS	Hig	0.51	7.8	0.00		Jan 15, 2025	The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to execute arbitrary code with kernel privileges.
CVE-2024-27856	Apple Inc. macOS	Hig	0.51	7.8	0.00		Jan 15, 2025	The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing a file may lead to unexpected app termination or arbitrary code execution.
CVE-2024-44225	Apple Inc. macOS	Hig	0.51	7.8	0.00		Dec 12, 2024	A logic issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. An app may be able to gain elevated privileges.

CVE-2025-24085CriKEVJan 27, 2025
Apple Inc.
macOS
risk 0.81cvss 10.0epss 0.13
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, watchOS 11.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.
CVE-2024-44308HigKEVNov 20, 2024
Debian
Debian Linux
risk 0.69cvss 8.8epss 0.01
The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, macOS Sequoia 15.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.
CVE-2024-44299CriDec 12, 2024
Apple Inc.
macOS
risk 0.64cvss 9.8epss 0.01
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1. An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware.
CVE-2024-44241CriDec 12, 2024
Apple Inc.
Iphone Os
risk 0.64cvss 9.8epss 0.01
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1. An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware.
CVE-2025-24154CriJan 27, 2025
Apple Inc.
macOS
risk 0.59cvss 9.1epss 0.00
An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, visionOS 2.3. An attacker may be able to cause unexpected system termination or corrupt kernel memory.
CVE-2024-54542CriJan 27, 2025
Apple Inc.
macOS
risk 0.59cvss 9.1epss 0.00
An authentication issue was addressed with improved state management. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, watchOS 11.2. Private Browsing tabs may be accessed without authentication.
CVE-2024-54530CriJan 27, 2025
Apple Inc.
macOS
risk 0.59cvss 9.1epss 0.00
The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, visionOS 2.2, watchOS 11.2. Password autofill may fill in passwords after failing authentication.
CVE-2024-54512CriJan 27, 2025
Apple Inc.
Iphone Os
risk 0.59cvss 9.1epss 0.00
The issue was addressed by removing the relevant flags. This issue is fixed in iOS 18.2 and iPadOS 18.2, watchOS 11.2. A system binary could be used to fingerprint a user's Apple Account.
CVE-2024-54543HigJan 27, 2025
Apple Inc.
macOS
risk 0.57cvss 8.8epss 0.00
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to memory corruption.
CVE-2024-54505HigDec 12, 2024
Apple Inc.
macOS
risk 0.57cvss 8.8epss 0.01
A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to memory corruption.
CVE-2024-54514HigDec 12, 2024
Apple Inc.
macOS
risk 0.56cvss 8.6epss 0.00
The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. An app may be able to break out of its sandbox.
CVE-2024-54468HigJan 27, 2025
Apple Inc.
macOS
risk 0.53cvss 8.2epss 0.00
The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. An app may be able to break out of its sandbox.
CVE-2025-24137HigJan 27, 2025
Apple Inc.
macOS
risk 0.52cvss 8.0epss 0.00
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3. An attacker on the local network may corrupt process memory.
CVE-2025-24159HigJan 27, 2025
Apple Inc.
macOS
risk 0.51cvss 7.8epss 0.00
A validation issue was addressed with improved logic. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. An app may be able to execute arbitrary code with kernel privileges.
CVE-2025-24107HigJan 27, 2025
Apple Inc.
macOS
risk 0.51cvss 7.8epss 0.00
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, watchOS 11.3. A malicious app may be able to gain root privileges.
CVE-2024-54522HigJan 27, 2025
Apple Inc.
macOS
risk 0.51cvss 7.8epss 0.00
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.
CVE-2024-54517HigJan 27, 2025
Apple Inc.
macOS
risk 0.51cvss 7.8epss 0.00
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.
CVE-2024-40771HigJan 15, 2025
Apple Inc.
macOS
risk 0.51cvss 7.8epss 0.00
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to execute arbitrary code with kernel privileges.
CVE-2024-27856HigJan 15, 2025
Apple Inc.
macOS
risk 0.51cvss 7.8epss 0.00
The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing a file may lead to unexpected app termination or arbitrary code execution.
CVE-2024-44225HigDec 12, 2024
Apple Inc.
macOS
risk 0.51cvss 7.8epss 0.00
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. An app may be able to gain elevated privileges.

Page 1 of 24