ReportizFlow
Filtered by vendor Apple
Subscriptions
Filtered by product Ipados
Subscriptions
Total
1836 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-24193 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-28 | 2.4 Low |
| This issue was addressed with improved authentication. This issue is fixed in iOS 18.4 and iPadOS 18.4. An attacker with a USB-C connection to an unlocked device may be able to programmatically access photos. | ||||
| CVE-2025-30447 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 5.5 Medium |
| The issue was resolved by sanitizing logging. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to access sensitive user data. | ||||
| CVE-2025-24215 | 1 Apple | 2 Ipados, Macos | 2026-04-28 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to access private information. | ||||
| CVE-2025-24167 | 1 Apple | 3 Ipados, Iphone Os, Safari | 2026-04-28 | 9.8 Critical |
| This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, watchOS 11.4. A download's origin may be incorrectly associated. | ||||
| CVE-2025-31201 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 9.8 Critical |
| This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS. | ||||
| CVE-2025-30445 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 6.5 Medium |
| A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination. | ||||
| CVE-2025-24206 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 7.7 High |
| An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may be able to bypass authentication policy. | ||||
| CVE-2025-24271 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 5.4 Medium |
| An access issue was addressed with improved access restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An unauthenticated user on the same network as a signed-in Mac could send it AirPlay commands without pairing. | ||||
| CVE-2025-24270 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 5.7 Medium |
| This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may be able to leak sensitive user information. | ||||
| CVE-2025-31197 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 5.7 Medium |
| The issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app termination. | ||||
| CVE-2025-24252 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 8.8 High |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may be able to corrupt process memory. | ||||
| CVE-2025-24091 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-28 | 5.5 Medium |
| An app could impersonate system notifications. Sensitive notifications now require restricted entitlements. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.3. An app may be able to cause a denial-of-service. | ||||
| CVE-2025-31235 | 1 Apple | 2 Ipados, Macos | 2026-04-28 | 6.5 Medium |
| A double free issue was addressed with improved memory management. This issue is fixed in iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to cause unexpected system termination. | ||||
| CVE-2025-31238 | 1 Apple | 7 Ipados, Iphone Os, Macos and 4 more | 2026-04-28 | 7.3 High |
| The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption. | ||||
| CVE-2025-31214 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-28 | 8.1 High |
| This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5. An attacker in a privileged network position may be able to intercept network traffic. | ||||
| CVE-2025-31234 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-28 | 8.2 High |
| The issue was addressed with improved input sanitization. This issue is fixed in iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5. An attacker may be able to cause unexpected system termination or corrupt kernel memory. | ||||
| CVE-2025-31209 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-04-28 | 6.3 Medium |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. Parsing a file may lead to disclosure of user information. | ||||
| CVE-2025-31233 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-04-28 | 6.3 Medium |
| The issue was addressed with improved input sanitization. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory. | ||||
| CVE-2025-31225 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-28 | 7.1 High |
| A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.5 and iPadOS 18.5. Call history from deleted apps may still appear in spotlight search results. | ||||
| CVE-2025-31207 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-28 | 7.7 High |
| A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5. An app may be able to enumerate a user's installed apps. | ||||