iOS

CVEs (515)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2024-44278	Apple Inc. macOS	Med	0.36	5.5	0.00	Oct 28, 2024	An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1. A sandboxed app may be able to access sensitive user data in system logs.
CVE-2024-44273	Apple Inc. macOS	Med	0.36	5.5	0.00	Oct 28, 2024	This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. A malicious app may be able to access private information.
CVE-2024-44254	Apple Inc. macOS	Med	0.36	5.5	0.00	Oct 28, 2024	This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, watchOS 11.1. An app may be able to access sensitive user data.
CVE-2024-44239	Apple Inc. macOS	Med	0.36	5.5	0.00	Oct 28, 2024	An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. An app may be able to leak sensitive kernel state.
CVE-2024-44215	Apple Inc. macOS	Med	0.36	5.5	0.00	Oct 28, 2024	This issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing an image may result in disclosure of process memory.
CVE-2024-44194	Apple Inc. macOS	Med	0.36	5.5	0.00	Oct 28, 2024	This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, watchOS 11.1. An app may be able to access sensitive user data.
CVE-2024-44144	Apple Inc. macOS	Med	0.36	5.5	0.00	Oct 28, 2024	A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7.1, tvOS 18, visionOS 2, watchOS 11. Processing a maliciously crafted file may lead to unexpected app termination.
CVE-2024-44185	Apple Inc. macOS	Med	0.36	5.5	0.00	Oct 24, 2024	The issue was addressed with improved checks. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2024-44296	Apple Inc. macOS	Med	0.35	5.4	0.01	Oct 28, 2024	The issue was addressed with improved checks. This issue is fixed in Safari 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
CVE-2024-54518	Apple Inc. macOS	Med	0.34	5.3	0.00	Jan 27, 2025	The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.
CVE-2024-54488	Apple Inc. macOS	Med	0.34	5.3	0.00	Jan 27, 2025	A logic issue was addressed with improved file handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. Photos in the Hidden Photos Album may be viewed without authentication.
CVE-2024-44229	Apple Inc. macOS	Med	0.34	5.3	0.00	Oct 28, 2024	An information leakage was addressed with additional validation. This issue is fixed in Safari 18.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1. Private browsing may leak some browsing history.
CVE-2024-54510	Apple Inc. macOS	Med	0.33	5.1	0.00	Dec 12, 2024	A race condition was addressed with improved locking. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. An app may be able to leak sensitive kernel state.
CVE-2024-54470	Apple Inc. Iphone Os	Med	0.30	4.6	0.00	Jan 15, 2025	A logic issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. An attacker with physical access may be able to access contacts from the lock screen.
CVE-2024-44274	Apple Inc. Iphone Os	Med	0.30	4.6	0.00	Oct 28, 2024	The issue was addressed with improved authentication. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, watchOS 11.1. An attacker with physical access to a locked device may be able to view sensitive user information.
CVE-2025-24160	Apple Inc. macOS	Med	0.28	4.3	0.00	Jan 27, 2025	The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to an unexpected app termination.
CVE-2025-24128	Apple Inc. macOS	Med	0.28	4.3	0.00	Jan 27, 2025	The issue was addressed by adding additional logic. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. Visiting a malicious website may lead to address bar spoofing.
CVE-2025-24113	Apple Inc. macOS	Med	0.28	4.3	0.00	Jan 27, 2025	The issue was addressed with improved UI. This issue is fixed in Safari 18.3, Safari 18.4, iOS 18.3 and iPadOS 18.3, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sequoia 15.4, visionOS 2.3, visionOS 2.4, watchOS 11.4. Visiting a malicious website may lead to user interface spoofing.
CVE-2024-54535	Apple Inc. Iphone Os	Med	0.28	4.3	0.00	Jan 15, 2025	A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, watchOS 11.1. An attacker with access to calendar data could also read reminders.
CVE-2024-54550	Apple Inc. macOS	Med	0.26	4.0	0.00	Jan 27, 2025	This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. An app may be able to view autocompleted contact information from Messages and Mail in system logs.

CVE-2024-44278MedOct 28, 2024
Apple Inc.
macOS
risk 0.36cvss 5.5epss 0.00
An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1. A sandboxed app may be able to access sensitive user data in system logs.
CVE-2024-44273MedOct 28, 2024
Apple Inc.
macOS
risk 0.36cvss 5.5epss 0.00
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. A malicious app may be able to access private information.
CVE-2024-44254MedOct 28, 2024
Apple Inc.
macOS
risk 0.36cvss 5.5epss 0.00
This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, watchOS 11.1. An app may be able to access sensitive user data.
CVE-2024-44239MedOct 28, 2024
Apple Inc.
macOS
risk 0.36cvss 5.5epss 0.00
An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. An app may be able to leak sensitive kernel state.
CVE-2024-44215MedOct 28, 2024
Apple Inc.
macOS
risk 0.36cvss 5.5epss 0.00
This issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing an image may result in disclosure of process memory.
CVE-2024-44194MedOct 28, 2024
Apple Inc.
macOS
risk 0.36cvss 5.5epss 0.00
This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, watchOS 11.1. An app may be able to access sensitive user data.
CVE-2024-44144MedOct 28, 2024
Apple Inc.
macOS
risk 0.36cvss 5.5epss 0.00
A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7.1, tvOS 18, visionOS 2, watchOS 11. Processing a maliciously crafted file may lead to unexpected app termination.
CVE-2024-44185MedOct 24, 2024
Apple Inc.
macOS
risk 0.36cvss 5.5epss 0.00
The issue was addressed with improved checks. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2024-44296MedOct 28, 2024
Apple Inc.
macOS
risk 0.35cvss 5.4epss 0.01
The issue was addressed with improved checks. This issue is fixed in Safari 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
CVE-2024-54518MedJan 27, 2025
Apple Inc.
macOS
risk 0.34cvss 5.3epss 0.00
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.
CVE-2024-54488MedJan 27, 2025
Apple Inc.
macOS
risk 0.34cvss 5.3epss 0.00
A logic issue was addressed with improved file handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. Photos in the Hidden Photos Album may be viewed without authentication.
CVE-2024-44229MedOct 28, 2024
Apple Inc.
macOS
risk 0.34cvss 5.3epss 0.00
An information leakage was addressed with additional validation. This issue is fixed in Safari 18.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1. Private browsing may leak some browsing history.
CVE-2024-54510MedDec 12, 2024
Apple Inc.
macOS
risk 0.33cvss 5.1epss 0.00
A race condition was addressed with improved locking. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. An app may be able to leak sensitive kernel state.
CVE-2024-54470MedJan 15, 2025
Apple Inc.
Iphone Os
risk 0.30cvss 4.6epss 0.00
A logic issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. An attacker with physical access may be able to access contacts from the lock screen.
CVE-2024-44274MedOct 28, 2024
Apple Inc.
Iphone Os
risk 0.30cvss 4.6epss 0.00
The issue was addressed with improved authentication. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, watchOS 11.1. An attacker with physical access to a locked device may be able to view sensitive user information.
CVE-2025-24160MedJan 27, 2025
Apple Inc.
macOS
risk 0.28cvss 4.3epss 0.00
The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to an unexpected app termination.
CVE-2025-24128MedJan 27, 2025
Apple Inc.
macOS
risk 0.28cvss 4.3epss 0.00
The issue was addressed by adding additional logic. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. Visiting a malicious website may lead to address bar spoofing.
CVE-2025-24113MedJan 27, 2025
Apple Inc.
macOS
risk 0.28cvss 4.3epss 0.00
The issue was addressed with improved UI. This issue is fixed in Safari 18.3, Safari 18.4, iOS 18.3 and iPadOS 18.3, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sequoia 15.4, visionOS 2.3, visionOS 2.4, watchOS 11.4. Visiting a malicious website may lead to user interface spoofing.
CVE-2024-54535MedJan 15, 2025
Apple Inc.
Iphone Os
risk 0.28cvss 4.3epss 0.00
A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, watchOS 11.1. An attacker with access to calendar data could also read reminders.
CVE-2024-54550MedJan 27, 2025
Apple Inc.
macOS
risk 0.26cvss 4.0epss 0.00
This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. An app may be able to view autocompleted contact information from Messages and Mail in system logs.

Page 4 of 26