cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-40815,https://securityvulnerability.io/vulnerability/CVE-2024-40815,Apple Addresses Race Condition Vulnerability in macOS,"A race condition vulnerability has been identified in several Apple products, allowing a malicious attacker with arbitrary read and write capabilities to potentially bypass Pointer Authentication. This issue was remedied through additional validation in updates for macOS Ventura, iOS, iPadOS, watchOS, and tvOS. Users are encouraged to upgrade to the latest versions to mitigate associated security risks.",Apple,"iOS And iPad OS,Mac OS,Watch OS,TV OS",7.5,HIGH,0.0012600000482052565,false,,false,false,true,2025-01-31T09:17:08.000Z,true,false,false,,2024-07-29T22:17:07.016Z,0
CVE-2025-24118,https://securityvulnerability.io/vulnerability/CVE-2025-24118,Memory Handling Issue in Apple iPadOS and macOS Products,"This vulnerability relates to how memory is handled in Apple's iPadOS and macOS operating systems. An attacker may exploit this flaw to cause unexpected system termination or potentially write to kernel memory, leading to significant software instability and possible unauthorized access to sensitive information. Improvements in memory management have been implemented in the latest updates to mitigate these risks, emphasizing the importance of keeping systems up-to-date.",Apple,"Mac OS,iPad OS",9.8,CRITICAL,0.00044999999227002263,false,,false,false,true,2025-01-30T09:10:44.000Z,true,true,false,,2025-01-27T21:45:58.119Z,3982
CVE-2025-24085,https://securityvulnerability.io/vulnerability/CVE-2025-24085,Use After Free Vulnerability in Apple VisionOS and iOS Products,"A memory management flaw classified as a use after free vulnerability has been identified in Apple's software architecture. Malicious applications may exploit this vulnerability to elevate privileges, posing a significant risk to user security. While Apple has implemented fixes in specific versions of its operating systems, reports indicate that this vulnerability might have been actively exploited in earlier versions of iOS, particularly those prior to iOS 17.2. Users are strongly advised to update their devices to the latest versions to mitigate potential risks associated with this vulnerability.",Apple,"Visionos,TV OS,Mac OS,Watch OS,iOS And iPad OS",7.8,HIGH,0.0020800000056624413,true,2025-01-29T00:00:00.000Z,true,true,true,2025-01-28T03:25:30.000Z,true,true,true,2025-01-30T18:52:02.453Z,2025-01-27T21:45:46.555Z,10318
CVE-2024-54507,https://securityvulnerability.io/vulnerability/CVE-2024-54507,Type Confusion Vulnerability in macOS and iOS by Apple,"This vulnerability is characterized by a type confusion issue that affects memory handling in Apple’s operating systems. An attacker with user-level privileges may exploit this flaw to access sensitive kernel memory, potentially leading to unauthorized information disclosure. This vulnerability has been addressed in the latest updates for macOS Sequoia 15.2, iOS 18.2, and iPadOS 18.2, emphasizing the importance of keeping systems updated for enhanced security.",Apple,"Mac OS,iOS And iPad OS",5.5,MEDIUM,0.0004299999854993075,false,,false,false,true,2025-01-24T05:40:47.000Z,true,false,false,,2025-01-27T21:46:01.572Z,586
CVE-2024-44243,https://securityvulnerability.io/vulnerability/CVE-2024-44243,Apple Addresses File System Configuration Issue with macOS Sequoia 15.2 Update,"A configuration issue in Apple macOS Sequoia allows certain applications the ability to modify protected parts of the file system, potentially exposing critical system components and data to unauthorized changes. This vulnerability emphasizes the importance of maintaining strict access controls and ensuring that security practices are in place to protect system integrity. The issue has been addressed in macOS Sequoia 15.2, underscoring the need for users to update their systems to mitigate the risks associated with this configuration flaw.",Apple,Mac OS,5.5,MEDIUM,0.00044999999227002263,false,,true,true,true,2025-01-13T16:49:06.000Z,,true,false,,2024-12-12T02:15:00.000Z,3075
CVE-2024-54498,https://securityvulnerability.io/vulnerability/CVE-2024-54498,Path Handling Vulnerability in Apple macOS Products,"A path handling vulnerability has been identified in certain versions of macOS, which may allow an application to escape its sandbox environment. This issue highlights a validation flaw affecting the integrity of path management within the operating system. Apple has released updates to address this vulnerability in macOS Sequoia 15.2, macOS Ventura 13.7.2, and macOS Sonoma 14.7.2 to mitigate the risk of unauthorized access and ensure improved application containment.",Apple,Mac OS,8.8,HIGH,0.0004199999966658652,false,,true,false,true,2025-01-08T18:55:44.000Z,true,false,false,,2024-12-12T02:15:00.000Z,1165
CVE-2024-23298,https://securityvulnerability.io/vulnerability/CVE-2024-23298,Improved State Management for Enhanced Security,"A logic issue within Apple's software has been addressed by implementing improved state management, enhancing system security. This vulnerability could potentially be exploited, affecting users across various Apple platforms. Keeping systems updated is crucial to maintain security and prevent exploitation of similar vulnerabilities.",Apple,Xcode,5.5,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-12-19T03:12:10.000Z,true,false,false,,2024-03-15T22:29:38.958Z,0
CVE-2024-44131,https://securityvulnerability.io/vulnerability/CVE-2024-44131,Apple Fixes Issue Allowing Apps to Access Sensitive User Data,"A vulnerability exists in the Apple ecosystem due to inadequate validation of symlinks, which could allow applications to gain unauthorized access to sensitive user data. This issue has been addressed in the latest updates for iOS 18, iPadOS 18, and macOS Sequoia 15. It is crucial for users to update their devices to these versions to mitigate potential risks associated with this security flaw. Additional information on the resolution can be found in Apple's official support documentation.",Apple,"Mac OS,iPhone OS,iPad OS",5.5,MEDIUM,0.0004299999854993075,false,,true,false,true,2024-12-10T00:00:00.000Z,,false,false,,2024-09-17T00:15:00.000Z,0
CVE-2024-44285,https://securityvulnerability.io/vulnerability/CVE-2024-44285,"Apple Patches Use-After-Free Vulnerability in iOS, iPadOS, watchOS, and tvOS","A use-after-free vulnerability exists within Apple iOS and iPadOS that could be exploited through improper memory management. This flaw allows a malicious application to potentially trigger unexpected termination of the system or corrupt kernel memory, leading to significant operational instability. The issue has been addressed in the latest versions of iOS 18.1, iPadOS 18.1, watchOS 11.1, visionOS 2.1, and tvOS 18.1, underscoring the importance of updating systems to mitigate risks associated with this vulnerability.",Apple,"Visionos,TV OS,Watch OS,iOS And iPad OS",7.8,HIGH,0.0004199999966658652,false,,false,false,true,2024-11-30T22:22:05.000Z,true,false,false,,2024-10-28T21:15:00.000Z,0
CVE-2024-44308,https://securityvulnerability.io/vulnerability/CVE-2024-44308,"Apple Addresses Web Content Execution Vulnerability in Safari, macOS Sequoia, iOS, iPadOS, and visionOS","A vulnerability exists within Apple Safari and various iOS products that allows for arbitrary code execution via specially crafted web content. The flaw was addressed with improved checks to mitigate the exploitation risk. Apple has released security updates for affected products including Safari, iOS, iPadOS, and macOS Sequoia versions, noting that there are indications this vulnerability may have been actively exploited on Intel-based Mac systems. Users are strongly encouraged to update their devices to the latest versions to enhance security.",Apple,"Safari,Mac OS,iOS And iPad OS,Visionos",8.8,HIGH,0.0017999999690800905,true,2024-11-21T00:00:00.000Z,true,false,true,2024-11-21T00:00:00.000Z,,true,false,,2024-11-20T00:15:00.000Z,4878
CVE-2024-44309,https://securityvulnerability.io/vulnerability/CVE-2024-44309,"Safari Addresses Cookie Management Issue, Patches Cross-Site Scripting Flaw","A vulnerability has been identified within Apple’s cookie management system, impacting the Safari web browser and several Apple operating systems. The flaw revolves around improper state management which, when exploited, could allow an attacker to perform cross site scripting attacks through maliciously crafted web content. Reports indicate that this vulnerability has been actively exploited on Intel-based Mac systems, emphasizing the urgency for affected users to update to the latest secure versions, which include Safari 18.1.1, iOS 17.7.2, and several others.",Apple,"Mac OS,Visionos,iPhone OS,Safari,iPad OS",6.1,MEDIUM,0.0028899998869746923,true,2024-11-21T00:00:00.000Z,true,true,true,2024-11-20T10:50:46.000Z,,false,false,,2024-11-20T00:15:00.000Z,185
CVE-2024-27821,https://securityvulnerability.io/vulnerability/CVE-2024-27821,iOS 17.5 and Later Fix Path Handling Issue That Could Leak Sensitive User Data,"A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A shortcut may output sensitive user data without consent.",Apple,"iOS And iPad OS,Mac OS,Watch OS",4.7,MEDIUM,0.000590000010561198,false,,false,false,true,2024-11-18T05:56:41.000Z,true,false,false,,2024-05-14T15:13:00.000Z,0
CVE-2024-44258,https://securityvulnerability.io/vulnerability/CVE-2024-44258,Handling of Symlinks Improved to Address Security Risks,"A vulnerability related to symlink handling has been identified in certain Apple products, which poses a risk of modification to protected system files when a specially crafted backup file is restored. This issue has been addressed in the latest versions of iOS, iPadOS, visionOS, and tvOS, including iOS 18.1 and iPadOS 18.1. Customers are encouraged to update their devices to the latest version to mitigate potential security risks associated with this improper handling.",Apple,"Visionos,iOS And iPad OS,TV OS",7.1,HIGH,0.0004400000034365803,false,,false,false,true,2024-10-29T18:45:03.000Z,true,true,false,,2024-10-28T21:15:00.000Z,3166
CVE-2024-44133,https://securityvulnerability.io/vulnerability/CVE-2024-44133,Privacy Bypass Vulnerability Affects macOS Sequoia MDM Managed Devices,"A vulnerability has been identified in Apple’s macOS Sequoia that allows certain applications to bypass established privacy preferences on devices managed by Mobile Device Management (MDM) systems. The issue is addressed in macOS Sequoia 15, effectively removing the vulnerable code and enhancing the security framework. This flaw may pose risks to user data privacy and overall system integrity, necessitating prompt updates to the latest software version for mitigation.",Apple,Mac OS,5.5,MEDIUM,0.0004299999854993075,false,,true,false,true,2024-10-18T21:26:11.000Z,,true,false,,2024-09-17T00:15:00.000Z,5861
CVE-2024-44204,https://securityvulnerability.io/vulnerability/CVE-2024-44204,"iOS and iPadOS Update Fixes Logic Issue, Addresses Saved Passwords Being Read Aloud by VoiceOver",A logic issue was addressed with improved validation. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. A user's saved passwords may be read aloud by VoiceOver.,Apple,"iPhone OS,iPad OS",5.5,MEDIUM,0.0004299999854993075,false,,true,false,true,2024-10-05T14:58:27.000Z,,false,false,,2024-10-04T00:15:00.000Z,0
CVE-2024-44193,https://securityvulnerability.io/vulnerability/CVE-2024-44193,Logic Issue in iTunes for Windows Leads to Privilege Escalation Vulnerability,A logic issue present in iTunes for Windows has the potential to allow local attackers to elevate their privileges. This vulnerability has been mitigated in iTunes version 12.13.3 through improved restrictions to prevent unauthorized privilege escalation. Users of affected versions are encouraged to upgrade promptly to ensure their systems remain secure.,Apple,Itunes,7.8,HIGH,0.0004299999854993075,false,,false,false,true,2024-10-04T23:20:15.000Z,true,false,false,,2024-10-02T15:15:00.000Z,0
CVE-2024-27815,https://securityvulnerability.io/vulnerability/CVE-2024-27815,"Apple Fixes Out-of-Bounds Write Issue in iOS 17.5, Other Platforms Affected","An out-of-bounds write vulnerability exists in various Apple operating systems where improper input validation may allow a malicious application to execute arbitrary code with kernel privileges. This issue has been addressed in several software updates, significantly enhancing the security posture of devices running affected versions. The updates aim to mitigate the risk of unauthorized access and potential exploitation, ensuring a safer environment for users.",Apple,"iOS And iPad OS,Mac OS,Visionos,Watch OS,TV OS",7.8,HIGH,0.0005699999746866524,false,,true,false,true,2024-06-20T07:03:02.000Z,true,true,true,2024-06-25T14:52:03.016Z,2024-06-10T20:56:39.364Z,3534
CVE-2024-27822,https://securityvulnerability.io/vulnerability/CVE-2024-27822,Apple Fixes Logic Issue to Prevent Root Privileges Escalation,"A critical security vulnerability, identified as CVE-2024-27822, has been discovered in macOS, allowing unauthorized root access. The vulnerability affects multiple versions of macOS and has been exploited in the wild. A proof-of-concept exploit code has been released, increasing the risk of exploitation. Apple is actively working on a patch to address the vulnerability and users are advised to update their software as soon as the patch becomes available. The release of the PoC exploit highlights the importance of timely updates and vigilant security practices.",Apple,Mac OS,7.8,HIGH,0.0005000000237487257,false,,true,false,true,2024-06-04T07:36:51.000Z,,false,false,,2024-05-14T15:13:00.000Z,0
CVE-2024-27818,https://securityvulnerability.io/vulnerability/CVE-2024-27818,iOS 17.5 and iPadOS 17.5 Address Memory Handling Vulnerability,"A vulnerability has been identified in Apple's iOS, iPadOS, and macOS software that stems from improper memory handling. This can potentially allow an attacker to exploit the flaw, leading to unexpected termination of applications or enabling arbitrary code execution. Users are encouraged to update to the latest software versions to mitigate the risks associated with this vulnerability and enhance the overall security of their devices.",Apple,"iOS And iPad OS,Mac OS",7.8,HIGH,0.0005600000149570405,false,,true,false,true,2024-05-16T09:44:07.000Z,,false,false,,2024-05-14T15:13:00.000Z,0
CVE-2024-27804,https://securityvulnerability.io/vulnerability/CVE-2024-27804,"Apple Fixes Memory Handling Issue in iOS 17.5, iPadOS 17.5, tvOS 17.5, watchOS 10.5, macOS Sonoma 14.5","A notable memory handling issue has been identified in Apple’s operating systems, which can potentially allow an application to execute arbitrary code with kernel privileges. This vulnerability may exploit the way memory is managed within the affected products, complicating security for users. The issue has been addressed in updates for iOS, iPadOS, tvOS, watchOS, and macOS, emphasizing the importance of timely software updates to mitigate risks associated with such vulnerabilities.",Apple,"iOS And iPad OS,Mac OS,Watch OS,TV OS",5.5,MEDIUM,0.0005000000237487257,false,,true,false,true,2024-05-14T02:03:55.000Z,,true,true,2024-05-14T14:52:02.815Z,2024-05-14T15:13:00.000Z,61191
CVE-2023-42931,https://securityvulnerability.io/vulnerability/CVE-2023-42931,"Apple Fixes Admin Privileges Bypass Vulnerability in macOS Ventura, Sonoma, and Monterey","The vulnerability CVE-2023-42931 affects macOS versions including macOS Monterey, macOS Ventura, and macOS Sonoma. It allows unprivileged users to escalate permissions and gain full root control over the system, affecting internal storage mounted with diskutil. Apple has issued a patch to mitigate the vulnerability. The exploitation of this vulnerability could lead to unauthorized access and control over affected systems, potentially leading to data breaches and system compromise. This flaw has been actively exploited and has significant potential impact, emphasizing the urgency of addressing this vulnerability.",Apple,Mac OS,7.8,HIGH,0.0004199999966658652,false,,true,false,true,2024-03-26T20:01:54.000Z,true,false,false,,2024-03-28T15:39:16.899Z,0
CVE-2024-23296,https://securityvulnerability.io/vulnerability/CVE-2024-23296,Apple Addresses Memory Corruption Issue in iOS 17.4 and iPadOS 17.4,"The articles discuss two iOS zero-day vulnerabilities, CVE-2024-23225 and CVE-2024-23296, that affect a range of iPhone and iPad models. Both vulnerabilities allow attackers to bypass kernel memory protections and may lead to arbitrary code execution. Apple released patches in March and backported them to older devices to address the security flaws. There are reports that both vulnerabilities have been actively exploited, but the nature of these attacks has not been disclosed. The exploitation of these vulnerabilities can pose significant risks to affected devices, and users are strongly advised to update their iOS and iPadOS to the latest versions to mitigate the risks.",Apple,iOS And iPad OS,7.8,HIGH,0.0020699999295175076,true,2024-03-06T00:00:00.000Z,true,false,true,2024-03-06T00:00:00.000Z,,false,false,,2024-03-05T19:24:13.999Z,0
CVE-2024-23225,https://securityvulnerability.io/vulnerability/CVE-2024-23225,Apple Addresses Memory Corruption Issue in iOS and iPadOS,"A memory corruption issue affecting Apple's iOS and iPadOS products has been identified, resulting from insufficient validation mechanisms in kernel memory operations. Attackers possessing the ability to perform arbitrary reading and writing to kernel memory may potentially bypass existing memory protections. Apple has implemented fixes in iOS 16.7.6 and iPadOS 16.7.6, as well as in iOS 17.4 and iPadOS 17.4, to mitigate this vulnerability. There are reports indicating that this issue may have been actively exploited, necessitating immediate attention from users and administrators to update their systems to the latest versions.",Apple,iOS And iPad OS,7.8,HIGH,0.0020699999295175076,true,2024-03-06T00:00:00.000Z,true,false,true,2024-03-06T00:00:00.000Z,,true,true,2024-03-12T02:52:02.218Z,2024-03-05T19:24:12.330Z,14432