Filtered by vendor Apple
Subscriptions
Filtered by product Ios
Subscriptions
Total
210 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-23280 | 5 Apple, Fedoraproject, Redhat and 2 more | 13 Ios, Ipad Os, Ipados and 10 more | 2026-04-02 | 7.5 High |
| An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. A maliciously crafted webpage may be able to fingerprint the user. | ||||
| CVE-2024-23271 | 2 Apple, Redhat | 9 Ios, Ipados, Iphone Os and 6 more | 2026-04-02 | 7.3 High |
| A logic issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. A malicious website may cause unexpected cross-origin behavior. | ||||
| CVE-2024-23265 | 1 Apple | 8 Ios, Ipad Os, Ipados and 5 more | 2026-04-02 | 9.8 Critical |
| A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1, watchOS 10.4. An app may be able to cause unexpected system termination or write kernel memory. | ||||
| CVE-2024-23255 | 1 Apple | 5 Ios, Ipad Os, Ipados and 2 more | 2026-04-02 | 9.1 Critical |
| An authentication issue was addressed with improved state management. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Photos in the Hidden Photos Album may be viewed without authentication. | ||||
| CVE-2024-23251 | 1 Apple | 5 Ios, Ipados, Iphone Os and 2 more | 2026-04-02 | 4.6 Medium |
| An authentication issue was addressed with improved state management. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, watchOS 10.5. An attacker with physical access may be able to leak Mail account credentials. | ||||
| CVE-2024-23235 | 1 Apple | 8 Ios, Ipad Os, Ipados and 5 more | 2026-04-02 | 8.1 High |
| A race condition was addressed with additional validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. An app may be able to access user-sensitive data. | ||||
| CVE-2024-23228 | 1 Apple | 3 Ios, Ipados, Iphone Os | 2026-04-02 | 4.3 Medium |
| This issue was addressed through improved state management. This issue is fixed in iOS 17.3 and iPadOS 17.3. Locked Notes content may have been unexpectedly unlocked. | ||||
| CVE-2024-23226 | 1 Apple | 8 Ios, Ipad Os, Ipados and 5 more | 2026-04-02 | 8.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to arbitrary code execution. | ||||
| CVE-2025-46306 | 1 Apple | 7 Ios, Ipad Os, Ipados and 4 more | 2026-04-02 | 5.5 Medium |
| The issue was addressed with improved bounds checks. This issue is fixed in Keynote 15.1, iOS 26 and iPadOS 26, macOS Tahoe 26. Processing a maliciously crafted Keynote file may disclose memory contents. | ||||
| CVE-2025-43450 | 1 Apple | 3 Ios, Ipados, Iphone Os | 2026-04-02 | 7.5 High |
| A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. An app may be able to learn information about the current camera view before being granted camera access. | ||||
| CVE-2025-43535 | 1 Apple | 7 Ios, Ipados, Iphone Os and 4 more | 2026-04-02 | 4.3 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-20643 | 1 Apple | 4 Ios, Ipados, Iphone Os and 1 more | 2026-04-02 | 5.4 Medium |
| A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may bypass Same Origin Policy. | ||||
| CVE-2025-46286 | 1 Apple | 4 Ios, Ipad Os, Ipados and 1 more | 2026-04-02 | 4.3 Medium |
| A logic issue was addressed with improved validation. This issue is fixed in iOS 26.2 and iPadOS 26.2. Restoring from a backup may prevent passcode from being required immediately after Face ID enrollment. | ||||
| CVE-2025-43475 | 1 Apple | 3 Ios, Ipados, Iphone Os | 2026-04-02 | 5.5 Medium |
| A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.2 and iPadOS 26.2. An app may be able to access user-sensitive data. | ||||
| CVE-2024-54556 | 1 Apple | 3 Ios, Ipados, Iphone Os | 2026-04-02 | 2.4 Low |
| This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. A user may be able to view restricted content from the lock screen. | ||||
| CVE-2025-43541 | 1 Apple | 8 Ios, Ipad Os, Ipados and 5 more | 2026-04-02 | 4.3 Medium |
| A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2025-43501 | 2 Apple, Webkitgtk | 8 Ios, Ipados, Iphone Os and 5 more | 2026-04-02 | 4.3 Medium |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2024-40867 | 1 Apple | 3 Ios, Ipados, Iphone Os | 2026-04-02 | 8.8 High |
| A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1. A remote attacker may be able to break out of Web Content sandbox. | ||||
| CVE-2023-43000 | 1 Apple | 7 Ios, Ipad Os, Ipados and 4 more | 2026-03-12 | 8.8 High |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, Safari 16.6, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption. | ||||
| CVE-2025-55177 | 3 Apple, Facebook, Whatsapp | 7 Ios, Macos, Facebook and 4 more | 2026-02-26 | 5.4 Medium |
| Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78 could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a target’s device. We assess that this vulnerability, in combination with an OS-level vulnerability on Apple platforms (CVE-2025-43300), may have been exploited in a sophisticated attack against specific targeted users. | ||||