cbcvebase.

Apple Ios And Ipados vulnerabilities

1,534 known vulnerabilities affecting apple/ios_and_ipados.

Total CVEs
1,534
CISA KEV
57
actively exploited
Public exploits
1
Exploited in wild
44
Severity breakdown
CRITICAL73HIGH605MEDIUM736LOW120

Vulnerabilities

Page 20 of 77
CVE-2025-30445MEDIUMCVSS 6.5fixed in 18.42025-04-29
CVE-2025-30445 [MEDIUM] CWE-843 CVE-2025-30445: A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadO A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination.
nvd
CVE-2025-31197MEDIUMCVSS 5.7fixed in 18.42025-04-29
CVE-2025-31197 [MEDIUM] CWE-416 CVE-2025-31197: The issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadO The issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination.
nvd
CVE-2025-31203MEDIUMCVSS 6.5fixed in 18.42025-04-29
CVE-2025-31203 [MEDIUM] CWE-190 CVE-2025-31203: An integer overflow was addressed with improved input validation. This issue is fixed in iOS 18.4 an An integer overflow was addressed with improved input validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An attacker on the local network may be able to cause a denial-of-service.
nvd
CVE-2025-24179MEDIUMCVSS 5.7fixed in 18.32025-04-29
CVE-2025-24179 [MEDIUM] CWE-476 CVE-2025-24179: A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3. An attacker on the local network may be able to cause a denial-of-service.
nvd
CVE-2025-24251MEDIUMCVSS 6.5fixed in 18.42025-04-29
CVE-2025-24251 [MEDIUM] CWE-476 CVE-2025-24251: The issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadO The issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An attacker on the local network may cause an unexpected app termination.
nvd
CVE-2025-24271MEDIUMCVSS 5.4fixed in 18.42025-04-29
CVE-2025-24271 [MEDIUM] CWE-306 CVE-2025-24271: An access issue was addressed with improved access restrictions. This issue is fixed in iOS 18.4 and An access issue was addressed with improved access restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An unauthenticated user on the same network as a signed-in Mac could send it AirPlay commands without pairing.
nvd
CVE-2025-31201CRITICALCVSS 9.8KEVfixed in 18.4.12025-04-16
CVE-2025-31201 [CRITICAL] CWE-1220 CVE-2025-31201: This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4.1 and iPad This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited in an extremely soph
nvd
CVE-2025-31200CRITICALCVSS 9.8KEVfixed in 18.4.12025-04-16
CVE-2025-31200 [CRITICAL] CWE-119 CVE-2025-31200: A memory corruption issue was addressed with improved bounds checking. This issue is fixed in iOS 18 A memory corruption issue was addressed with improved bounds checking. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1, watchOS 11.5. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited
nvd
CVE-2023-42875HIGHCVSS 7.3≥ unspecified, < 172025-04-11
CVE-2023-42875 [HIGH] CWE-94 CVE-2023-42875: Processing web content may lead to arbitrary code execution. This issue is fixed in iOS 17 and iPadO Processing web content may lead to arbitrary code execution. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, Safari 17. The issue was addressed with improved memory handling.
nvd
CVE-2023-42977HIGHCVSS 7.8≥ unspecified, < 172025-04-11
CVE-2023-42977 [HIGH] CWE-20 CVE-2023-42977: A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and iPad A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to break out of its sandbox.
nvd
CVE-2023-42970HIGHCVSS 8.8≥ unspecified, < 172025-04-11
CVE-2023-42970 [HIGH] CWE-416 CVE-2023-42970: A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, Safari 17. Processing web content may lead to arbitrary code execution.
nvd
CVE-2023-38614MEDIUMCVSS 4.3≥ unspecified, < 172025-04-11
CVE-2023-38614 [MEDIUM] CWE-269 CVE-2023-38614: A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iP A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access sensitive user data.
nvd
CVE-2023-42961MEDIUMCVSS 6.3≥ unspecified, < 17≥ unspecified, < 16.72025-04-11
CVE-2023-42961 [MEDIUM] CWE-22 CVE-2023-42961: A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and iPad A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and iPadOS 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14, macOS Ventura 13.6, macOS Monterey 12.7. A sandboxed process may be able to circumvent sandbox restrictions.
nvd
CVE-2023-42973MEDIUMCVSS 4.0≥ unspecified, < 172025-04-11
CVE-2023-42973 [MEDIUM] CWE-285 CVE-2023-42973: Private Browsing tabs may be accessed without authentication. This issue is fixed in iOS 17 and iPad Private Browsing tabs may be accessed without authentication. This issue is fixed in iOS 17 and iPadOS 17. The issue was addressed with improved UI.
nvd
CVE-2023-42969LOWCVSS 3.3≥ unspecified, < 17≥ unspecified, < 16.72025-04-11
CVE-2023-42969 [LOW] CWE-284 CVE-2023-42969: An app may be able to break out of its sandbox. This issue is fixed in iOS 17 and iPadOS 17, iOS 16. An app may be able to break out of its sandbox. This issue is fixed in iOS 17 and iPadOS 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14, macOS Ventura 13.6, macOS Monterey 12.7. The issue was addressed with improved handling of caches.
nvd
CVE-2025-24230CRITICALCVSS 9.8fixed in 18.42025-03-31
CVE-2025-24230 [CRITICAL] CWE-125 CVE-2025-24230: An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. Playing a malicious audio file may lead to an unexpected app termination.
nvd
CVE-2025-24211CRITICALCVSS 9.8fixed in 18.42025-03-31
CVE-2025-24211 [CRITICAL] CWE-400 CVE-2025-24211: This issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 1 This issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.
nvd
CVE-2025-31182CRITICALCVSS 9.8fixed in 18.42025-03-31
CVE-2025-31182 [CRITICAL] CWE-862 CVE-2025-31182: This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.4 and iPa This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to delete files for which it does not have permission.
nvd
CVE-2025-31183CRITICALCVSS 9.8fixed in 18.42025-03-31
CVE-2025-31183 [CRITICAL] CWE-200 CVE-2025-31183: The issue was addressed with improved restriction of data container access. This issue is fixed in i The issue was addressed with improved restriction of data container access. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, tvOS 18.4, watchOS 11.4. An app may be able to access sensitive user data.
nvd
CVE-2025-24167CRITICALCVSS 9.8fixed in 18.42025-03-31
CVE-2025-24167 [CRITICAL] CVE-2025-24167: This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, watchOS 11.4. A download's origin may be incorrectly associated.
nvd
← Previous20 / 77Next →
Apple Ios And Ipados vulnerabilities | cvebase