Apple visionOS vulnerabilities
410 known vulnerabilities affecting apple/visionos.
Total CVEs
410
CISA KEV
17
actively exploited
Public exploits
1
Exploited in wild
6
Severity breakdown
CRITICAL30HIGH122MEDIUM248LOW10
Vulnerabilities
Page 15 of 21
CVE-2025-24160MEDIUMCVSS 4.3fixed in 2.32025-01-27
CVE-2025-24160 [MEDIUM] CWE-404 CVE-2025-24160: The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadO
The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to an unexpected app termination.
cvelistv5nvd
CVE-2025-24086MEDIUMCVSS 5.5fixed in 2.32025-01-27
CVE-2025-24086 [MEDIUM] CWE-770 CVE-2025-24086: The issue was addressed with improved memory handling. This issue is fixed in iOS 18.3 and iPadOS 18
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing an image may lead to a denial-of-service.
cvelistv5nvd
CVE-2025-24158MEDIUMCVSS 6.5fixed in 2.32025-01-27
CVE-2025-24158 [MEDIUM] CWE-79 CVE-2025-24158: The issue was addressed with improved memory handling. This issue is fixed in Safari 18.3, iOS 18.3
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing web content may lead to a denial-of-service.
cvelistv5nvd
CVE-2025-24162MEDIUMCVSS 6.5fixed in 2.32025-01-27
CVE-2025-24162 [MEDIUM] CWE-125 CVE-2025-24162: This issue was addressed through improved state management. This issue is fixed in Safari 18.3, iOS
This issue was addressed through improved state management. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing maliciously crafted web content may lead to an unexpected process crash.
cvelistv5nvd
CVE-2025-24127MEDIUMCVSS 5.5fixed in 2.32025-01-27
CVE-2025-24127 [MEDIUM] CWE-770 CVE-2025-24127: The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadO
The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.3, visionOS 2.3. Parsing a file may lead to an unexpected app termination.
cvelistv5nvd
CVE-2024-54478MEDIUMCVSS 6.5fixed in 2.22025-01-27
CVE-2024-54478 [MEDIUM] CWE-125 CVE-2024-54478: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iO
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.4, macOS Sequoia 15.2, macOS Sonoma 14.7.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash.
cvelistv5nvd
CVE-2025-24131MEDIUMCVSS 6.5fixed in 2.32025-01-27
CVE-2025-24131 [MEDIUM] CWE-120 CVE-2025-24131: The issue was addressed with improved memory handling. This issue is fixed in iOS 18.3 and iPadOS 18
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3. An attacker on the local network may be able to cause a denial-of-service.
cvelistv5nvd
CVE-2025-24163MEDIUMCVSS 5.5fixed in 2.3fixed in 2.42025-01-27
CVE-2025-24163 [MEDIUM] CVE-2025-24163: The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iOS 1
The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sequoia 15.4, macOS Sonoma 14.7.3, tvOS 18.3, tvOS 18.4, visionOS 2.3, visionOS 2.4, watchOS 11.3, watchOS 11.4. Parsing a file may lead to an unexpected app termination.
cvelistv5nvd
CVE-2025-24149MEDIUMCVSS 5.5fixed in 2.32025-01-27
CVE-2025-24149 [MEDIUM] CWE-125 CVE-2025-24149: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.3 a
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to disclosure of user information.
cvelistv5nvd
CVE-2025-24123MEDIUMCVSS 5.5fixed in 2.32025-01-27
CVE-2025-24123 [MEDIUM] CVE-2025-24123: The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadO
The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to an unexpected app termination.
cvelistv5nvd
CVE-2024-54541MEDIUMCVSS 5.5fixed in 2.22025-01-27
CVE-2024-54541 [MEDIUM] CWE-922 CVE-2024-54541: This issue was addressed through improved state management. This issue is fixed in iOS 18.2 and iPad
This issue was addressed through improved state management. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. An app may be able to access user-sensitive data.
cvelistv5nvd
CVE-2024-40771HIGHCVSS 7.8fixed in 1.22025-01-15
CVE-2024-40771 [HIGH] CWE-863 CVE-2024-40771: The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.8 and iPadOS
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to execute arbitrary code with kernel privileges.
cvelistv5nvd
CVE-2024-27856HIGHCVSS 7.8fixed in 1.22025-01-15
CVE-2024-27856 [HIGH] CWE-94 CVE-2024-27856: The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPa
The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing a file may lead to unexpected app termination or arbitrary code execution.
cvelistv5nvd
CVE-2024-54535MEDIUMCVSS 4.3fixed in 2.12025-01-15
CVE-2024-54535 [MEDIUM] CWE-22 CVE-2024-54535: A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.1 and iPadOS
A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, watchOS 11.1. An attacker with access to calendar data could also read reminders.
cvelistv5nvd
CVE-2024-54538HIGHCVSS 7.5fixed in 2.12024-12-20
CVE-2024-54538 [HIGH] CWE-770 CVE-2024-54538: A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 1
A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. A remote attacker may be able to cause a denial-of-service.
cvelistv5nvd
CVE-2024-54534CRITICALCVSS 9.8fixed in 2.22024-12-12
CVE-2024-54534 [CRITICAL] CWE-787 CVE-2024-54534: The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to memory corruption.
cvelistv5nvd
CVE-2024-54479HIGHCVSS 7.5fixed in 2.22024-12-12
CVE-2024-54479 [HIGH] CVE-2024-54479: The issue was addressed with improved checks. This issue is fixed in Safari 18.2, iOS 18.2 and iPadO
The issue was addressed with improved checks. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash.
cvelistv5nvd
CVE-2024-44245HIGHCVSS 7.1fixed in 2.22024-12-12
CVE-2024-44245 [HIGH] CWE-787 CVE-2024-44245: The issue was addressed with improved memory handling. This issue is fixed in iOS 18.2 and iPadOS 18
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, visionOS 2.2. An app may be able to cause unexpected system termination or corrupt kernel memory.
cvelistv5nvd
CVE-2024-54508HIGHCVSS 7.5fixed in 2.22024-12-12
CVE-2024-54508 [HIGH] CVE-2024-54508: The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash.
cvelistv5nvd
CVE-2024-54505HIGHCVSS 8.8fixed in 2.22024-12-12
CVE-2024-54505 [HIGH] CWE-843 CVE-2024-54505: A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 18
A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to memory corruption.
cvelistv5nvd