Filtered by vendor Apple
Subscribe
Total
14426 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40528 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-11-04 | N/A | 5.5 MEDIUM |
| This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 17, watchOS 10, macOS Sonoma 14, iOS 17 and iPadOS 17, macOS Ventura 13.6.4. An app may be able to bypass Privacy preferences. | |||||
| CVE-2023-40389 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved restriction of data container access. This issue is fixed in macOS Ventura 13.6.5, macOS Monterey 12.7.4. An app may be able to access sensitive user data. | |||||
| CVE-2023-28826 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-11-04 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, macOS Monterey 12.7.4, macOS Sonoma 14.1, macOS Ventura 13.6.5. An app may be able to access sensitive user data. | |||||
| CVE-2025-43449 | 1 Apple | 2 Ipados, Iphone Os | 2025-11-04 | N/A | 7.5 HIGH |
| The issue was addressed with improved handling of caches. This issue is fixed in iOS 26.1 and iPadOS 26.1. A malicious app may be able to track users between installs. | |||||
| CVE-2024-4558 | 3 Apple, Fedoraproject, Google | 6 Ipados, Iphone Os, Macos and 3 more | 2025-11-04 | N/A | 9.6 CRITICAL |
| Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-25938 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2025-11-04 | N/A | 8.8 HIGH |
| A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Barcode widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | |||||
| CVE-2024-25648 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2025-11-04 | N/A | 8.8 HIGH |
| A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a ComboBox widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | |||||
| CVE-2024-25575 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2025-11-04 | N/A | 8.8 HIGH |
| A type confusion vulnerability vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Lock object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | |||||
| CVE-2025-43460 | 1 Apple | 2 Ipados, Iphone Os | 2025-11-04 | N/A | 4.6 MEDIUM |
| A logic issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker with physical access to a locked device may be able to view sensitive user information. | |||||
| CVE-2025-43459 | 1 Apple | 1 Watchos | 2025-11-04 | N/A | 4.6 MEDIUM |
| An authentication issue was addressed with improved state management. This issue is fixed in watchOS 26.1. An attacker with physical access to a locked Apple Watch may be able to view Live Voicemail. | |||||
| CVE-2024-44189 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 7.5 HIGH |
| The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. A logic issue existed where a process may be able to capture screen contents without user consent. | |||||
| CVE-2024-44188 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 5.5 MEDIUM |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data. | |||||
| CVE-2024-44186 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 5.5 MEDIUM |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data. | |||||
| CVE-2024-44180 | 1 Apple | 2 Ipados, Iphone Os | 2025-11-04 | N/A | 2.4 LOW |
| The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to access contacts from the lock screen. | |||||
| CVE-2024-44171 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2025-11-04 | N/A | 4.6 MEDIUM |
| This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, watchOS 11. An attacker with physical access to a locked device may be able to Control Nearby Devices via accessibility features. | |||||
| CVE-2024-44162 | 1 Apple | 1 Xcode | 2025-11-04 | N/A | 7.8 HIGH |
| This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 16. A malicious application may gain access to a user's Keychain items. | |||||
| CVE-2024-44152 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 7.5 HIGH |
| A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data. | |||||
| CVE-2024-44149 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 7.5 HIGH |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data. | |||||
| CVE-2024-44148 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 10.0 CRITICAL |
| This issue was addressed with improved validation of file attributes. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox. | |||||
| CVE-2024-44147 | 1 Apple | 2 Ipados, Iphone Os | 2025-11-04 | N/A | 5.5 MEDIUM |
| This issue was addressed through improved state management. This issue is fixed in iOS 18 and iPadOS 18. An app may gain unauthorized access to Local Network. | |||||