Apple iPadOS - 1933 CVEs (Page 5/17)

About “Apple iPadOS”

A curated feed of “Apple iPadOS”-related CVEs appears below. We currently track 1933 CVEs for this tag (all time). In the last 365 days, 339 were published. Average CVSS is 6.6 (all time; 6.2 over 365d), and 49% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-284 - Improper Access Control, CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor.

In our taxonomy this topic maps to a MODERATE impact class. Issues here typically affect operating system packages or kernels. Plan reboots or service restarts and coordinate rollouts across fleets. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0

2025-02-10

Medium

CVE-2025-24200

An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.1 and iPadOS 18.3.1, iPadOS 17.7.5.…

CVSS: 6.1 CWE: CWE-863 - Incorrect Authorization View on NVD

Medium

CVE-2024-54658

The issue was addressed with improved memory handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content m…

CVSS: 6.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD

High

CVE-2024-27859

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to ar…

CVSS: 8.8 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD

2025-01-27

High

CVE-2025-24177

A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5.…

CVSS: 7.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD

Medium

CVE-2025-24163

The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sequoia 15.4, macOS Sonoma 14.7.3, tv…

CVSS: 5.5 CWE: N/A View on NVD

Medium

CVE-2025-24162

This issue was addressed through improved state management. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing malicio…

CVSS: 6.5 CWE: CWE-125 - Out-of-bounds Read View on NVD

Medium

CVE-2025-24161

The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a…

CVSS: 5.5 CWE: CWE-754 - Improper Check for Unusual or Exceptional Conditions View on NVD

Medium

CVE-2025-24160

CVSS: 4.3 CWE: CWE-404 - Improper Resource Shutdown or Release View on NVD

High

CVE-2025-24159

A validation issue was addressed with improved logic. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. A…

CVSS: 7.8 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD

Medium

CVE-2025-24158

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing web content…

CVSS: 6.5 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Critical

CVE-2025-24154

An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, visionOS 2.3. An a…

CVSS: 9.1 CWE: CWE-787 - Out-of-bounds Write View on NVD

High

CVE-2025-24150

A privacy issue was addressed with improved handling of files. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. Copying a URL from Web Inspector may lead to command i…

CVSS: 8.8 CWE: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection') View on NVD

Medium

CVE-2025-24149

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS…

CVSS: 5.5 CWE: CWE-125 - Out-of-bounds Read View on NVD

Low

CVE-2025-24145

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. An app may be able to view a contact's phone n…

CVSS: 3.3 CWE: CWE-532 - Insertion of Sensitive Information into Log File View on NVD

Medium

CVE-2025-24143

The issue was addressed with improved access restrictions to the file system. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, visionOS 2.3. A maliciously crafted web…

CVSS: 6.5 CWE: CWE-862 - Missing Authorization View on NVD

Low

CVE-2025-24141

An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3. An attacker with physical access to an unlocked device may be able to access Pho…

CVSS: 3.3 CWE: CWE-863 - Incorrect Authorization View on NVD

High

CVE-2025-24137

A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3. An attacke…

CVSS: 8.0 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD

Medium

CVE-2025-24131

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, vision…

CVSS: 6.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD

High

CVE-2025-24129

A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3. An…

CVSS: 7.5 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD

Medium

CVE-2025-24128

The issue was addressed by adding additional logic. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. Visiting a malicious website may lead to address bar spoofing.

CVSS: 4.3 CWE: N/A View on NVD

Medium

CVE-2025-24127

The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.3, visionOS 2.3. P…

CVSS: 5.5 CWE: CWE-770 - Allocation of Resources Without Limits or Throttling View on NVD

High

CVE-2025-24126

An input validation issue was addressed. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3. An attacker on the lo…

CVSS: 7.3 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD

Medium

CVE-2025-24124

CVSS: 5.5 CWE: N/A View on NVD

Medium

CVE-2025-24123

CVSS: 5.5 CWE: N/A View on NVD

High

CVE-2025-24118

The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or writ…

CVSS: 7.1 CWE: CWE-787 - Out-of-bounds Write View on NVD

Medium

CVE-2025-24117

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, visionOS 2.3, watchOS 11.3. An app may b…

CVSS: 5.5 CWE: CWE-922 - Insecure Storage of Sensitive Information View on NVD

Medium

CVE-2025-24113

The issue was addressed with improved UI. This issue is fixed in Safari 18.3, Safari 18.4, iOS 18.3 and iPadOS 18.3, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sequoia 15.4, v…

CVSS: 4.3 CWE: N/A View on NVD

High

CVE-2025-24107

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, watchOS 11.3. A malicious app may be able to gain root…

CVSS: 7.8 CWE: CWE-276 - Incorrect Default Permissions View on NVD

Medium

CVE-2025-24104

This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4. Restoring a maliciously crafted backup file may lead to modification of pr…

CVSS: 5.5 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD

Critical

CVE-2025-24102

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to determine a user’s current loc…

CVSS: 9.8 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD

Medium

CVE-2025-24086

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.3, vision…

CVSS: 5.5 CWE: CWE-770 - Allocation of Resources Without Limits or Throttling View on NVD

Critical

CVE-2025-24085

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tv…

CVSS: 10.0 CWE: CWE-416 - Use After Free View on NVD

Medium

CVE-2024-54550

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. An app may be able to view autocompleted contact inform…

CVSS: 4.0 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD

High

CVE-2024-54543

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processi…

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD

Critical

CVE-2024-54542

An authentication issue was addressed with improved state management. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, watchOS 11.2. Private Browsing tabs may be acce…

CVSS: 9.1 CWE: CWE-862 - Missing Authorization View on NVD

Medium

CVE-2024-54541

This issue was addressed through improved state management. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, visionOS 2.2, wa…

CVSS: 5.5 CWE: CWE-922 - Insecure Storage of Sensitive Information View on NVD

Critical

CVE-2024-54530

The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, visionOS 2.2, watchOS 11.2. Password autofill may fill in passwords after failing au…

CVSS: 9.1 CWE: CWE-863 - Incorrect Authorization View on NVD

Medium

CVE-2024-54523

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.

CVSS: 6.3 CWE: CWE-787 - Out-of-bounds Write View on NVD

High

CVE-2024-54522

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD

Medium

CVE-2024-54518

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.

CVSS: 5.3 CWE: CWE-125 - Out-of-bounds Read View on NVD

High

CVE-2024-54517

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD

Critical

CVE-2024-54512

The issue was addressed by removing the relevant flags. This issue is fixed in iOS 18.2 and iPadOS 18.2, watchOS 11.2. A system binary could be used to fingerprint a user's Apple Account.

CVSS: 9.1 CWE: CWE-863 - Incorrect Authorization View on NVD

Medium

CVE-2024-54507

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. An attacker with user privileges may be able to read kernel me…

CVSS: 5.5 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD

High

CVE-2024-54499

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing a maliciou…

CVSS: 8.8 CWE: CWE-416 - Use After Free View on NVD

Medium

CVE-2024-54497

The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.4, macOS Sequoia 15.2, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.2, visionOS 2.2, w…

CVSS: 6.5 CWE: CWE-770 - Allocation of Resources Without Limits or Throttling View on NVD

Medium

CVE-2024-54488

A logic issue was addressed with improved file handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. Photos in the H…

CVSS: 5.3 CWE: CWE-863 - Incorrect Authorization View on NVD

Medium

CVE-2024-54478

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.4, macOS Sequoia 15.2, macOS Sonoma 14.7.2, tvOS 18.2, visionOS…

CVSS: 6.5 CWE: CWE-125 - Out-of-bounds Read View on NVD

High

CVE-2024-54468

The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. A…

CVSS: 8.2 CWE: N/A View on NVD

2025-01-15

Medium

CVE-2024-54535

A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, watchOS 11.1. An attacker with access to calendar data coul…

CVSS: 4.3 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD

Medium

CVE-2024-54470

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. An attacker with physical access may be able to access contacts from t…

CVSS: 4.6 CWE: CWE-862 - Missing Authorization View on NVD

Medium

CVE-2024-44136

This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to a device may be able to disable Stolen Device Protecti…

CVSS: 4.6 CWE: CWE-863 - Incorrect Authorization View on NVD

Medium

CVE-2024-40854

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macO…

CVSS: 5.5 CWE: N/A View on NVD

Low

CVE-2024-40839

This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to an iOS device may be able to view notification content…

CVSS: 2.4 CWE: CWE-862 - Missing Authorization View on NVD

High

CVE-2024-40771

The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, t…

CVSS: 7.8 CWE: CWE-863 - Incorrect Authorization View on NVD

High

CVE-2024-27856

The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Pro…

CVSS: 7.8 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD

2024-12-20

High

CVE-2024-54538

A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS V…

CVSS: 7.5 CWE: CWE-770 - Allocation of Resources Without Limits or Throttling View on NVD

2024-12-12

Critical

CVE-2024-54534

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD

Medium

CVE-2024-54527

This issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. An app may be a…

CVSS: 5.5 CWE: N/A View on NVD

Medium

CVE-2024-54526

The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2. A malicious app…

CVSS: 5.5 CWE: N/A View on NVD

High

CVE-2024-54514

CVSS: 8.6 CWE: N/A View on NVD

Medium

CVE-2024-54513

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. An app may be able to acces…

CVSS: 5.5 CWE: CWE-281 - Improper Preservation of Permissions View on NVD

Medium

CVE-2024-54510

A race condition was addressed with improved locking. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS…

CVSS: 5.1 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD

High

CVE-2024-54508

CVSS: 7.5 CWE: CWE-125 - Out-of-bounds Read View on NVD

High

CVE-2024-54505

A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 1…

CVSS: 8.8 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD

Medium

CVE-2024-54503

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.2 and iPadOS 18.2. Muting a call while ringing may not result in mute being enabled.

CVSS: 4.2 CWE: N/A View on NVD

Medium

CVE-2024-54502

The issue was addressed with improved checks. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing malici…

CVSS: 6.5 CWE: CWE-125 - Out-of-bounds Read View on NVD

Medium

CVE-2024-54501

CVSS: 5.5 CWE: CWE-770 - Allocation of Resources Without Limits or Throttling View on NVD

Medium

CVE-2024-54500

CVSS: 5.5 CWE: N/A View on NVD

Medium

CVE-2024-54494

A race condition was addressed with additional validation. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, vi…

CVSS: 5.9 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD

Medium

CVE-2024-54492

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, visionOS 2.2. An attacker in a p…

CVSS: 5.9 CWE: N/A View on NVD

Medium

CVE-2024-54486

CVSS: 6.5 CWE: N/A View on NVD

Low

CVE-2024-54485

The issue was addressed by adding additional logic. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2. An attacker with physical access to an iOS device may be able t…

CVSS: 2.4 CWE: CWE-922 - Insecure Storage of Sensitive Information View on NVD

High

CVE-2024-54479

The issue was addressed with improved checks. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing malici…

CVSS: 7.5 CWE: N/A View on NVD

Critical

CVE-2024-44299

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1. An attacker may be able to cause unexpected system termination or arbitrary c…

CVSS: 9.8 CWE: N/A View on NVD

Low

CVE-2024-44290

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, watchOS 11.1. An app may be able to determine a user’s…

CVSS: 3.3 CWE: N/A View on NVD

Medium

CVE-2024-44246

The issue was addressed with improved routing of Safari-originated requests. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2. On a device with Private…

CVSS: 5.3 CWE: CWE-125 - Out-of-bounds Read View on NVD

High

CVE-2024-44245

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, visionOS 2.2. An app may be able to cau…

CVSS: 7.1 CWE: CWE-787 - Out-of-bounds Write View on NVD

Critical

CVE-2024-44242

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD

Critical

CVE-2024-44241

CVSS: 9.8 CWE: CWE-770 - Allocation of Resources Without Limits or Throttling View on NVD

High

CVE-2024-44225

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.…

CVSS: 7.8 CWE: N/A View on NVD

Medium

CVE-2024-44212

A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Cookie…

CVSS: 5.3 CWE: CWE-346 - Origin Validation Error View on NVD

Medium

CVE-2024-44201

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, iPadOS 17.7.3, macOS Sequoia 15.1, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. Processing a mali…

CVSS: 5.5 CWE: CWE-404 - Improper Resource Shutdown or Release View on NVD

Low

CVE-2024-44200

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1. An app may be able to read sensitive location informati…

CVSS: 3.3 CWE: CWE-922 - Insecure Storage of Sensitive Information View on NVD

2024-11-20

Medium

CVE-2024-44309

A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, macOS Sequoia 15.1.1, visionO…

CVSS: 6.3 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

High

CVE-2024-44308

The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, macOS Sequoia 15.1.1, visionOS 2.1.1. Processing malici…

CVSS: 8.8 CWE: N/A View on NVD

2024-11-01

Medium

CVE-2024-44234

The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS…

CVSS: 5.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD

Medium

CVE-2024-44233

CVSS: 5.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD

Medium

CVE-2024-44232

CVSS: 5.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD

2024-10-28

Medium

CVE-2024-44240

The issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1,…

CVSS: 5.5 CWE: N/A View on NVD

Critical

CVE-2024-44217

A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in iOS 18 and iPadOS 18. Password autofill may fill in passwords after failing authenti…

CVSS: 9.1 CWE: CWE-863 - Incorrect Authorization View on NVD

Medium

CVE-2024-44145

This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An attacker with physical access to a macOS device with Sidecar enabled may…

CVSS: 6.1 CWE: N/A View on NVD

Medium

CVE-2024-44302

CVSS: 5.5 CWE: N/A View on NVD

Medium

CVE-2024-44297

CVSS: 6.5 CWE: N/A View on NVD

Medium

CVE-2024-44296

The issue was addressed with improved checks. This issue is fixed in Safari 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Pr…

CVSS: 5.4 CWE: N/A View on NVD

High

CVE-2024-44285

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. An app may be able to…

CVSS: 7.8 CWE: CWE-416 - Use After Free View on NVD

Medium

CVE-2024-44282

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventu…

CVSS: 5.5 CWE: CWE-125 - Out-of-bounds Read View on NVD

Medium

CVE-2024-44278

An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1,…

CVSS: 5.5 CWE: N/A View on NVD

High

CVE-2024-44277

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1. An app may be able to cause unexpected system term…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD

Medium

CVE-2024-44274

The issue was addressed with improved authentication. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, watchOS 11.1. An attacker with physical access to a locked device…

CVSS: 4.6 CWE: N/A View on NVD

Medium

CVE-2024-44273

This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. A malicio…

CVSS: 5.5 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD

Medium

CVE-2024-44269

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionO…

CVSS: 5.5 CWE: N/A View on NVD

Medium

CVE-2024-44263

A logic issue was addressed with improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. An app may be able to access user-sensitive data.

CVSS: 5.5 CWE: CWE-922 - Insecure Storage of Sensitive Information View on NVD

Medium

CVE-2024-44261

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. An attacker may be able to view restricted c…

CVSS: 5.5 CWE: N/A View on NVD

High

CVE-2024-44259

This issue was addressed through improved state management. This issue is fixed in Safari 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1. An attacker m…

CVSS: 7.5 CWE: N/A View on NVD

High

CVE-2024-44258

This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, tvOS 18.1, visionOS 2.1. Restoring a maliciously crafted ba…

CVSS: 7.1 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD

High

CVE-2024-44255

A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watch…

CVSS: 7.8 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD

Medium

CVE-2024-44254

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, watchOS 11.1…

CVSS: 5.5 CWE: N/A View on NVD

High

CVE-2024-44252

A logic issue was addressed with improved file handling. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, tvOS 18.1, visionOS 2.1. Restoring a maliciously crafted backup…

CVSS: 7.1 CWE: N/A View on NVD

Low

CVE-2024-44251

This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker may be able to view restricted content from the lock screen.

CVSS: 2.4 CWE: N/A View on NVD

Medium

CVE-2024-44244

A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 18.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Proces…

CVSS: 4.3 CWE: CWE-787 - Out-of-bounds Write View on NVD

Medium

CVE-2024-44239

CVSS: 5.5 CWE: CWE-532 - Insertion of Sensitive Information into Log File View on NVD

Medium

CVE-2024-44235

The issue was addressed with improved checks. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker may be able to view restricted content from the lock screen.

CVSS: 4.6 CWE: CWE-754 - Improper Check for Unusual or Exceptional Conditions View on NVD

Medium

CVE-2024-44229

An information leakage was addressed with additional validation. This issue is fixed in Safari 18.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1. Private browsing may leak some browsin…

CVSS: 5.3 CWE: N/A View on NVD

High

CVE-2024-44218

This issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1. Processing a maliciously crafted…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD

Medium

CVE-2024-44215

This issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1,…

CVSS: 5.5 CWE: N/A View on NVD

Medium

CVE-2024-44194

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, watchOS 11.1. An app may be able to acces…

CVSS: 5.5 CWE: N/A View on NVD

Medium

CVE-2024-44155

A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 18, iOS 17.7.1 and iPadOS 17.7.1, iOS 18 and iPadOS 18, macOS Sequoia 15, watchOS 11. Ma…

CVSS: 6.5 CWE: N/A View on NVD

Medium

CVE-2024-44144

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7.1, tvOS 18, visionOS 2, w…

CVSS: 5.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD

High

CVE-2024-44126

The issue was addressed with improved checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7.1, visionOS 2. Processing…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD

Low

CVE-2024-44123

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. A malicious app with root privileges may be able to access keyboard inpu…

CVSS: 2.3 CWE: N/A View on NVD