Apple Ios And Ipados vulnerabilities

CVE-2024-54507 [MEDIUM] CWE-843 CVE-2024-54507: A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 18.2 A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. An attacker with user privileges may be able to read kernel memory.

CVE-2024-54488 [MEDIUM] CWE-863 CVE-2024-54488: A logic issue was addressed with improved file handling. This issue is fixed in iOS 18.2 and iPadOS A logic issue was addressed with improved file handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. Photos in the Hidden Photos Album may be viewed without authentication.

CVE-2025-24161 [MEDIUM] CWE-754 CVE-2025-24161: The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadO The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to an unexpected app termination.

CVE-2025-24143 [MEDIUM] CWE-862 CVE-2025-24143: The issue was addressed with improved access restrictions to the file system. This issue is fixed in The issue was addressed with improved access restrictions to the file system. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user.

CVE-2024-54497 [MEDIUM] CWE-770 CVE-2024-54497: The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadO The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.4, macOS Sequoia 15.2, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing web content may lead to a denial-of-service.

CVE-2025-24124 [MEDIUM] CVE-2025-24124: The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadO The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to an unexpected app termination.

CVE-2025-24113 [MEDIUM] CVE-2025-24113: The issue was addressed with improved UI. This issue is fixed in Safari 18.3, Safari 18.4, iOS 18.3 The issue was addressed with improved UI. This issue is fixed in Safari 18.3, Safari 18.4, iOS 18.3 and iPadOS 18.3, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sequoia 15.4, visionOS 2.3, visionOS 2.4, watchOS 11.4. Visiting a malicious website may lead to user interface spoofing.

CVE-2025-24160 [MEDIUM] CWE-404 CVE-2025-24160: The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadO The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to an unexpected app termination.

CVE-2024-54518 [MEDIUM] CWE-125 CVE-2024-54518: The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2 The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.

CVE-2025-24086 [MEDIUM] CWE-770 CVE-2025-24086: The issue was addressed with improved memory handling. This issue is fixed in iOS 18.3 and iPadOS 18 The issue was addressed with improved memory handling. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing an image may lead to a denial-of-service.

CVE-2025-24158 [MEDIUM] CWE-79 CVE-2025-24158: The issue was addressed with improved memory handling. This issue is fixed in Safari 18.3, iOS 18.3 The issue was addressed with improved memory handling. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing web content may lead to a denial-of-service.

CVE-2025-24162 [MEDIUM] CWE-125 CVE-2025-24162: This issue was addressed through improved state management. This issue is fixed in Safari 18.3, iOS This issue was addressed through improved state management. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing maliciously crafted web content may lead to an unexpected process crash.

CVE-2025-24128 [MEDIUM] CVE-2025-24128: The issue was addressed by adding additional logic. This issue is fixed in Safari 18.3, iOS 18.3 and The issue was addressed by adding additional logic. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. Visiting a malicious website may lead to address bar spoofing.

CVE-2025-24104 [MEDIUM] CWE-59 CVE-2025-24104: This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.3 and iPa This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4. Restoring a maliciously crafted backup file may lead to modification of protected system files.

CVE-2024-54550 [MEDIUM] CWE-200 CVE-2024-54550: This issue was addressed with improved redaction of sensitive information. This issue is fixed in iO This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. An app may be able to view autocompleted contact information from Messages and Mail in system logs.

CVE-2025-24127 [MEDIUM] CWE-770 CVE-2025-24127: The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadO The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.3, visionOS 2.3. Parsing a file may lead to an unexpected app termination.

CVE-2024-54478 [MEDIUM] CWE-125 CVE-2024-54478: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iO An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.4, macOS Sequoia 15.2, macOS Sonoma 14.7.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash.

CVE-2024-54523 [MEDIUM] CWE-787 CVE-2024-54523: The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2 The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.

CVE-2025-24131 [MEDIUM] CWE-120 CVE-2025-24131: The issue was addressed with improved memory handling. This issue is fixed in iOS 18.3 and iPadOS 18 The issue was addressed with improved memory handling. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3. An attacker on the local network may be able to cause a denial-of-service.

CVE-2025-24163 [MEDIUM] CVE-2025-24163: The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iOS 1 The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sequoia 15.4, macOS Sonoma 14.7.3, tvOS 18.3, tvOS 18.4, visionOS 2.3, visionOS 2.4, watchOS 11.3, watchOS 11.4. Parsing a file may lead to an unexpected app termination.