cbcvebase.

Apple Ios And Ipados vulnerabilities

1,534 known vulnerabilities affecting apple/ios_and_ipados.

Total CVEs
1,534
CISA KEV
57
actively exploited
Public exploits
1
Exploited in wild
44
Severity breakdown
CRITICAL73HIGH605MEDIUM736LOW120

Vulnerabilities

Page 21 of 77
CVE-2025-30426CRITICALCVSS 9.8fixed in 18.42025-03-31
CVE-2025-30426 [CRITICAL] CWE-200 CVE-2025-30426: This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPa This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to enumerate a user's installed apps.
nvd
CVE-2025-30430CRITICALCVSS 9.8fixed in 18.42025-03-31
CVE-2025-30430 [CRITICAL] CWE-287 CVE-2025-30430: This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPad This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. Password autofill may fill in passwords after failing authentication.
nvd
CVE-2025-30433CRITICALCVSS 9.8fixed in 18.42025-03-31
CVE-2025-30433 [CRITICAL] CWE-284 CVE-2025-30433: This issue was addressed with improved access restrictions. This issue is fixed in iOS 18.4 and iPad This issue was addressed with improved access restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, visionOS 2.4, watchOS 11.4. A shortcut may be able to access files that are normally inaccessible to the Shortcuts app.
nvd
CVE-2025-24178CRITICALCVSS 9.8fixed in 18.42025-03-31
CVE-2025-24178 [CRITICAL] CVE-2025-24178: This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPad This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, watchOS 11.4. An app may be able to break out of its sandbox.
nvd
CVE-2025-24238CRITICALCVSS 9.8fixed in 18.42025-03-31
CVE-2025-24238 [CRITICAL] CWE-276 CVE-2025-24238: A logic issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, m A logic issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, watchOS 11.4. An app may be able to gain elevated privileges.
nvd
CVE-2025-24237CRITICALCVSS 9.8fixed in 18.42025-03-31
CVE-2025-24237 [CRITICAL] CWE-120 CVE-2025-24237: A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.4 and i A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, visionOS 2.4, watchOS 11.4. An app may be able to cause unexpected system termination.
nvd
CVE-2025-24190CRITICALCVSS 9.8fixed in 18.42025-03-31
CVE-2025-24190 [CRITICAL] CWE-400 CVE-2025-24190: The issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18 The issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.
nvd
CVE-2025-24264CRITICALCVSS 9.8fixed in 18.42025-03-31
CVE-2025-24264 [CRITICAL] CWE-400 CVE-2025-24264: The issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 The issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.
nvd
CVE-2025-24257HIGHCVSS 7.1fixed in 18.42025-03-31
CVE-2025-24257 [HIGH] CWE-787 CVE-2025-24257: An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iO An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. An app may be able to cause unexpected system termination or write kernel memory.
nvd
CVE-2025-24243HIGHCVSS 7.8fixed in 18.42025-03-31
CVE-2025-24243 [HIGH] CWE-94 CVE-2025-24243: The issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18 The issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing a maliciously crafted file may lead to arbitrary code execution.
nvd
CVE-2025-24180HIGHCVSS 8.1fixed in 18.42025-03-31
CVE-2025-24180 [HIGH] CWE-601 CVE-2025-24180: The issue was addressed with improved input validation. This issue is fixed in Safari 18.4, iOS 18.4 The issue was addressed with improved input validation. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. A malicious website may be able to claim WebAuthn credentials from another website that shares a registrable suffix.
nvd
CVE-2025-24213HIGHCVSS 7.8fixed in 18.52025-03-31
CVE-2025-24213 [HIGH] CWE-843 CVE-2025-24213: This issue was addressed with improved handling of floats. This issue is fixed in Safari 18.5, iOS 1 This issue was addressed with improved handling of floats. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. A type confusion issue could lead to memory corruption.
nvd
CVE-2025-24095HIGHCVSS 7.6fixed in 18.42025-03-31
CVE-2025-24095 [HIGH] CWE-288 CVE-2025-24095: This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPa This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, visionOS 2.4. An app may be able to bypass Privacy preferences.
nvd
CVE-2025-31184HIGHCVSS 7.8fixed in 18.42025-03-31
CVE-2025-31184 [HIGH] CWE-281 CVE-2025-31184: This issue was addressed with improved permissions checking. This issue is fixed in Safari 18.4, iOS This issue was addressed with improved permissions checking. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4. An app may gain unauthorized access to Local Network.
nvd
CVE-2025-24173HIGHCVSS 7.8fixed in 18.42025-03-31
CVE-2025-24173 [HIGH] CWE-284 CVE-2025-24173: This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPa This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to break out of its sandbox.
nvd
CVE-2025-24209HIGHCVSS 7.0fixed in 18.42025-03-31
CVE-2025-24209 [HIGH] CWE-120 CVE-2025-24209: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 1 A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected process crash.
nvd
CVE-2025-30456HIGHCVSS 7.8fixed in 18.42025-03-31
CVE-2025-30456 [HIGH] CWE-281 CVE-2025-30456: A parsing issue in the handling of directory paths was addressed with improved path validation. This A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.
nvd
CVE-2025-24221HIGHCVSS 7.5fixed in 18.42025-03-31
CVE-2025-24221 [HIGH] CWE-863 CVE-2025-24221: This issue was addressed with improved data access restriction. This issue is fixed in iOS 18.4 and This issue was addressed with improved data access restriction. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, visionOS 2.4. Sensitive keychain data may be accessible from an iOS backup.
nvd
CVE-2025-30471HIGHCVSS 7.5fixed in 18.42025-03-31
CVE-2025-30471 [HIGH] CWE-20 CVE-2025-30471: A validation issue was addressed with improved logic. This issue is fixed in iOS 18.4 and iPadOS 18. A validation issue was addressed with improved logic. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. A remote user may be able to cause a denial-of-service.
nvd
CVE-2025-30432MEDIUMCVSS 6.4fixed in 18.42025-03-31
CVE-2025-30432 [MEDIUM] CWE-287 CVE-2025-30432: A logic issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPad A logic issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. A malicious app may be able to attempt passcode entries on a locked device and thereby cause escalating time delays after 4 failures.
nvd
← Previous21 / 77Next →