ReportizFlow
Filtered by vendor Apple
Subscriptions
Filtered by product Ipados
Subscriptions
Total
1907 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-30454 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2026-04-28 | 5.5 Medium |
| A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, tvOS 18.4, watchOS 11.4. A malicious app may be able to access private information. | ||||
| CVE-2025-31183 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2026-04-28 | 9.8 Critical |
| The issue was addressed with improved restriction of data container access. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, tvOS 18.4, watchOS 11.4. An app may be able to access sensitive user data. | ||||
| CVE-2025-24212 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 6.3 Medium |
| This issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to break out of its sandbox. | ||||
| CVE-2025-24198 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2026-04-28 | 6.6 Medium |
| This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker with physical access may be able to use Siri to access sensitive user data. | ||||
| CVE-2025-24205 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2026-04-28 | 5.5 Medium |
| An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access user-sensitive data. | ||||
| CVE-2025-24182 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2026-04-28 | 5.5 Medium |
| An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing a maliciously crafted font may result in the disclosure of process memory. | ||||
| CVE-2025-30430 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2026-04-28 | 9.8 Critical |
| This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. Password autofill may fill in passwords after failing authentication. | ||||
| CVE-2025-30426 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 9.8 Critical |
| This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to enumerate a user's installed apps. | ||||
| CVE-2025-24097 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2026-04-28 | 5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.7, macOS Sequoia 15.4, macOS Sonoma 14.7.5, tvOS 18.4, watchOS 11.4. An app may be able to read arbitrary file metadata. | ||||
| CVE-2025-24214 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 5.5 Medium |
| A privacy issue was addressed by not logging contents of text fields. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to access sensitive user data. | ||||
| CVE-2025-24202 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2026-04-28 | 5.5 Medium |
| A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data. | ||||
| CVE-2025-24193 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-28 | 2.4 Low |
| This issue was addressed with improved authentication. This issue is fixed in iOS 18.4 and iPadOS 18.4. An attacker with a USB-C connection to an unlocked device may be able to programmatically access photos. | ||||
| CVE-2025-30447 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 5.5 Medium |
| The issue was resolved by sanitizing logging. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to access sensitive user data. | ||||
| CVE-2025-24215 | 1 Apple | 2 Ipados, Macos | 2026-04-28 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to access private information. | ||||
| CVE-2025-24167 | 1 Apple | 3 Ipados, Iphone Os, Safari | 2026-04-28 | 9.8 Critical |
| This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, watchOS 11.4. A download's origin may be incorrectly associated. | ||||
| CVE-2025-30445 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 6.5 Medium |
| A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination. | ||||
| CVE-2025-24206 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 7.7 High |
| An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may be able to bypass authentication policy. | ||||
| CVE-2025-24271 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 5.4 Medium |
| An access issue was addressed with improved access restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An unauthenticated user on the same network as a signed-in Mac could send it AirPlay commands without pairing. | ||||
| CVE-2025-24270 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 5.7 Medium |
| This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may be able to leak sensitive user information. | ||||
| CVE-2025-31197 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 5.7 Medium |
| The issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination. | ||||