cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-24085,https://securityvulnerability.io/vulnerability/CVE-2025-24085,Use After Free Vulnerability in Apple VisionOS and iOS Products,"A memory management flaw classified as a use after free vulnerability has been identified in Apple's software architecture. Malicious applications may exploit this vulnerability to elevate privileges, posing a significant risk to user security. While Apple has implemented fixes in specific versions of its operating systems, reports indicate that this vulnerability might have been actively exploited in earlier versions of iOS, particularly those prior to iOS 17.2. Users are strongly advised to update their devices to the latest versions to mitigate potential risks associated with this vulnerability.",Apple,"Visionos,TV OS,Mac OS,Watch OS,iOS And iPad OS",7.8,HIGH,0.0020800000056624413,true,2025-01-29T00:00:00.000Z,true,true,true,2025-01-28T03:25:30.000Z,true,true,true,2025-01-30T18:52:02.453Z,2025-01-27T21:45:46.555Z,10318
CVE-2024-44308,https://securityvulnerability.io/vulnerability/CVE-2024-44308,"Apple Addresses Web Content Execution Vulnerability in Safari, macOS Sequoia, iOS, iPadOS, and visionOS","A vulnerability exists within Apple Safari and various iOS products that allows for arbitrary code execution via specially crafted web content. The flaw was addressed with improved checks to mitigate the exploitation risk. Apple has released security updates for affected products including Safari, iOS, iPadOS, and macOS Sequoia versions, noting that there are indications this vulnerability may have been actively exploited on Intel-based Mac systems. Users are strongly encouraged to update their devices to the latest versions to enhance security.",Apple,"Safari,Mac OS,iOS And iPad OS,Visionos",8.8,HIGH,0.0017999999690800905,true,2024-11-21T00:00:00.000Z,true,false,true,2024-11-21T00:00:00.000Z,,true,false,,2024-11-20T00:15:00.000Z,4878
CVE-2024-44309,https://securityvulnerability.io/vulnerability/CVE-2024-44309,"Safari Addresses Cookie Management Issue, Patches Cross-Site Scripting Flaw","A vulnerability has been identified within Apple’s cookie management system, impacting the Safari web browser and several Apple operating systems. The flaw revolves around improper state management which, when exploited, could allow an attacker to perform cross site scripting attacks through maliciously crafted web content. Reports indicate that this vulnerability has been actively exploited on Intel-based Mac systems, emphasizing the urgency for affected users to update to the latest secure versions, which include Safari 18.1.1, iOS 17.7.2, and several others.",Apple,"Mac OS,Visionos,iPhone OS,Safari,iPad OS",6.1,MEDIUM,0.0028899998869746923,true,2024-11-21T00:00:00.000Z,true,true,true,2024-11-20T10:50:46.000Z,,false,false,,2024-11-20T00:15:00.000Z,185
CVE-2024-23225,https://securityvulnerability.io/vulnerability/CVE-2024-23225,Apple Addresses Memory Corruption Issue in iOS and iPadOS,"A memory corruption issue affecting Apple's iOS and iPadOS products has been identified, resulting from insufficient validation mechanisms in kernel memory operations. Attackers possessing the ability to perform arbitrary reading and writing to kernel memory may potentially bypass existing memory protections. Apple has implemented fixes in iOS 16.7.6 and iPadOS 16.7.6, as well as in iOS 17.4 and iPadOS 17.4, to mitigate this vulnerability. There are reports indicating that this issue may have been actively exploited, necessitating immediate attention from users and administrators to update their systems to the latest versions.",Apple,iOS And iPad OS,7.8,HIGH,0.0020699999295175076,true,2024-03-06T00:00:00.000Z,true,false,true,2024-03-06T00:00:00.000Z,,true,true,2024-03-12T02:52:02.218Z,2024-03-05T19:24:12.330Z,14432
CVE-2024-23296,https://securityvulnerability.io/vulnerability/CVE-2024-23296,Apple Addresses Memory Corruption Issue in iOS 17.4 and iPadOS 17.4,"The articles discuss two iOS zero-day vulnerabilities, CVE-2024-23225 and CVE-2024-23296, that affect a range of iPhone and iPad models. Both vulnerabilities allow attackers to bypass kernel memory protections and may lead to arbitrary code execution. Apple released patches in March and backported them to older devices to address the security flaws. There are reports that both vulnerabilities have been actively exploited, but the nature of these attacks has not been disclosed. The exploitation of these vulnerabilities can pose significant risks to affected devices, and users are strongly advised to update their iOS and iPadOS to the latest versions to mitigate the risks.",Apple,iOS And iPad OS,7.8,HIGH,0.0020699999295175076,true,2024-03-06T00:00:00.000Z,true,false,true,2024-03-06T00:00:00.000Z,,false,false,,2024-03-05T19:24:13.999Z,0