Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Iphone Os
Total 3806 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-54535 1 Apple 4 Ipados, Iphone Os, Visionos and 1 more 2025-01-17 N/A 4.3 MEDIUM
A path handling issue was addressed with improved logic. This issue is fixed in watchOS 11.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1. An attacker with access to calendar data could also read reminders.
CVE-2024-3661 9 Apple, Cisco, Citrix and 6 more 12 Iphone Os, Macos, Anyconnect Vpn Client and 9 more 2025-01-15 N/A 7.6 HIGH
DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN.
CVE-2024-54538 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2025-01-06 N/A 7.5 HIGH
A denial-of-service issue was addressed with improved input validation. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, tvOS 18.1, macOS Sonoma 14.7.1, watchOS 11.1, macOS Ventura 13.7.1. A remote attacker may be able to cause a denial-of-service.
CVE-2024-9961 2 Apple, Google 2 Iphone Os, Chrome 2025-01-02 N/A 8.8 HIGH
Use after free in ParcelTracking in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-11115 2 Apple, Google 2 Iphone Os, Chrome 2025-01-02 N/A 8.8 HIGH
Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 131.0.6778.69 allowed a remote attacker to perform privilege escalation via a series of UI gestures. (Chromium security severity: Medium)
CVE-2024-9957 2 Apple, Google 2 Iphone Os, Chrome 2025-01-02 N/A 8.8 HIGH
Use after free in UI in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-54510 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2024-12-20 N/A 5.1 MEDIUM
A race condition was addressed with improved locking. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to leak sensitive kernel state.
CVE-2024-54500 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2024-12-20 N/A 5.5 MEDIUM
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Processing a maliciously crafted image may result in disclosure of process memory.
CVE-2024-54486 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2024-12-20 N/A 6.5 MEDIUM
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Processing a maliciously crafted font may result in the disclosure of process memory.
CVE-2024-54479 1 Apple 7 Ipados, Iphone Os, Macos and 4 more 2024-12-20 N/A 7.5 HIGH
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2024-44245 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2024-12-20 N/A 7.1 HIGH
The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, visionOS 2.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2. An app may be able to cause unexpected system termination or corrupt kernel memory.
CVE-2024-44225 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2024-12-20 N/A 7.8 HIGH
A logic issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to gain elevated privileges.
CVE-2024-44212 1 Apple 6 Ipados, Iphone Os, Safari and 3 more 2024-12-20 N/A 5.3 MEDIUM
A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1, visionOS 2.1, tvOS 18.1, iOS 18.1 and iPadOS 18.1, watchOS 11.1. Cookies belonging to one origin may be sent to another origin.
CVE-2023-5217 8 Apple, Debian, Fedoraproject and 5 more 11 Ipad Os, Iphone Os, Debian Linux and 8 more 2024-12-20 N/A 8.8 HIGH
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-32435 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2024-12-20 N/A 8.8 HIGH
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.
CVE-2024-4558 3 Apple, Fedoraproject, Google 6 Ipados, Iphone Os, Macos and 3 more 2024-12-20 N/A 9.6 CRITICAL
Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-23278 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2024-12-20 N/A 8.6 HIGH
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to break out of its sandbox.
CVE-2023-28826 1 Apple 3 Ipados, Iphone Os, Macos 2024-12-20 N/A 5.5 MEDIUM
This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, macOS Monterey 12.7.4, macOS Sonoma 14.1, macOS Ventura 13.6.5. An app may be able to access sensitive user data.
CVE-2024-23231 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2024-12-20 N/A 5.5 MEDIUM
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6. An app may be able to access user-sensitive data.
CVE-2024-23246 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2024-12-20 N/A 8.6 HIGH
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to break out of its sandbox.