cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-54470,https://securityvulnerability.io/vulnerability/CVE-2024-54470,Logic Issue in iOS and iPadOS Allowing Unauthorized Access to Contacts,"An identified logic issue in Apple's iOS and iPadOS allows an attacker with physical access to potentially exploit the lock screen feature. This vulnerability could lead to unauthorized access to contacts, raising concerns about user privacy and data protection. Apple has addressed this issue with improved security checks in the latest versions, iOS 18.1 and iPadOS 18.1, along with updates in versions 17.7.1.",Apple,iOS And iPad OS,4.6,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-15T19:36:00.992Z,0
CVE-2024-54535,https://securityvulnerability.io/vulnerability/CVE-2024-54535,Path Handling Issue in Apple Calendar Affects iOS and watchOS,"A path handling issue in Apple Calendar was addressed with improved logic, preventing unauthorized access to sensitive calendar data. This vulnerability allows an attacker who has gained access to calendar data to potentially read private reminders. The issue has been resolved in the latest versions of watchOS, visionOS, iOS, and iPadOS, ensuring enhanced protection for users.",Apple,"Visionos,Watch OS,iOS And iPad OS",4.3,MEDIUM,0.000699999975040555,false,false,false,false,false,false,false,2025-01-15T19:36:00.318Z,0
CVE-2024-40854,https://securityvulnerability.io/vulnerability/CVE-2024-40854,"Memory Initialization Issue in Apple iOS, iPadOS, and macOS Products","A memory initialization issue has been identified in Appleā€™s iOS, iPadOS, and macOS, which may allow an application to cause unexpected system terminations. This vulnerability affects various versions, and it has been addressed with enhanced memory handling techniques in iOS 18.1, iPadOS 18.1, and their earlier versions, as well as macOS Sonoma 14.7.1 and Ventura 13.7.1. Users are encouraged to update their devices to mitigate potential risks associated with this vulnerability.",Apple,"Mac OS,iOS And iPad OS",6.5,MEDIUM,0.00044999999227002263,false,false,false,false,false,false,false,2025-01-15T19:35:59.681Z,0
CVE-2024-40839,https://securityvulnerability.io/vulnerability/CVE-2024-40839,Security Flaw in iOS Affecting Notification Privacy,"A critical issue was identified in iOS and iPadOS that impacts notification privacy by allowing an individual with physical access to an affected device to view sensitive notification contents directly from the Lock Screen. This security weakness has been addressed through improved state management in the latest releases of iOS 17.5 and iPadOS 17.5, closing the gap for potential exploitation.",Apple,iOS And iPad OS,2.4,LOW,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-15T19:35:59.036Z,0
CVE-2024-40771,https://securityvulnerability.io/vulnerability/CVE-2024-40771,Memory Handling Issue in Apple Products,"A vulnerability has been identified in certain Apple operating systems that could allow an application to execute arbitrary code with kernel privileges. This issue arises due to improper memory handling, potentially leading to unauthorized access and control over the system. Apple has released fixes in the latest updates for macOS, iOS, iPadOS, watchOS, and tvOS to address this critical flaw, emphasizing the importance of keeping devices updated to safeguard against possible exploitation.",Apple,"Mac OS,TV OS,Visionos,iOS And iPad OS,Watch OS",8.4,HIGH,0.0004400000034365803,false,false,false,false,false,false,false,2025-01-15T19:35:58.395Z,0
CVE-2024-27856,https://securityvulnerability.io/vulnerability/CVE-2024-27856,Arbitrary Code Execution Vulnerability in Apple's macOS and iOS Products,"A vulnerability in various Apple products allows an attacker to process a specially crafted file, potentially leading to unexpected app termination or unauthorized arbitrary code execution. This flaw was addressed through enhanced validation checks and has been rectified in recent software updates across devices including macOS, iOS, iPadOS, Safari, watchOS, tvOS, and visionOS. Users are encouraged to update their systems to the latest versions to mitigate any risk associated with this vulnerability.",Apple,"TV OS,Visionos,Safari,iOS And iPad OS,Watch OS,Mac OS",7.8,HIGH,0.0004400000034365803,false,false,false,false,false,false,false,2025-01-15T19:35:57.075Z,0
CVE-2024-44136,https://securityvulnerability.io/vulnerability/CVE-2024-44136,Physical Access Exploit in Apple's iOS and iPadOS Stolen Device Protection Feature,"A state management issue has been identified in Apple's iOS and iPadOS, allowing an attacker with physical access to a device to disable the Stolen Device Protection feature. This could leave the device vulnerable to unauthorized use. Apple has addressed this issue in iOS 17.5 and iPadOS 17.5, enhancing the security of the devices against such exploitation.",Apple,iOS And iPad OS,9.1,CRITICAL,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-15T19:35:56.404Z,0
CVE-2024-54514,https://securityvulnerability.io/vulnerability/CVE-2024-54514,Sandbox Escape Vulnerability in Apple Products,"A vulnerability has been identified in Apple software that could allow an application to break out of its designated sandbox environment. This security flaw was addressed through enhancements in checks within the affected software versions. Users are encouraged to update their devices promptly to the latest versions of watchOS, tvOS, macOS, iOS, and iPadOS to mitigate any potential security risks associated with this vulnerability. Apple has implemented fixes in versions including watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2, iPadOS 18.2, macOS Ventura 13.7.2, and macOS Sonoma 14.7.2.",Apple,"TV OS,Mac OS,Watch OS,iOS And iPad OS",8.6,HIGH,0.0005300000193528831,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-54505,https://securityvulnerability.io/vulnerability/CVE-2024-54505,iPadOS 17.7.3 addresses type confusion issue to prevent memory corruption,"A type confusion vulnerability has been identified in several Apple operating systems and applications that could allow attackers to execute maliciously crafted web content. This vulnerability stems from improper memory handling practices that may lead to memory corruption, posing risks to users' data integrity and security. Apple has addressed this flaw in specific versions including iPadOS, watchOS, macOS, and Safari, with patches already implemented in the latest updates. Users are encouraged to update their devices to safeguard against potential exploitation of this vulnerability.",Apple,"TV OS,Visionos,Mac OS,Watch OS,iPad OS,iOS And iPad OS,Safari",8.8,HIGH,0.0010600000387057662,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,765
CVE-2024-54513,https://securityvulnerability.io/vulnerability/CVE-2024-54513,Permissions Issue in Apple Products Leading to Sensitive Data Exposure,"A significant permissions issue has been identified in Apple's software ecosystem, enabling potential unauthorized access to sensitive user information. The vulnerability affects various products, necessitating careful management of user data permissions. Users on affected operating systems, including watchOS, iOS, macOS, and more, should stay informed about updates that address these concerns. Apple has released updates in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2, and iPadOS 18.2 to mitigate risks associated with this vulnerability.",Apple,"TV OS,Visionos,Mac OS,Watch OS,iOS And iPad OS",5.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-44299,https://securityvulnerability.io/vulnerability/CVE-2024-44299,Bounds Check Vulnerability in Apple iOS and iPadOS,"A bounds check vulnerability in the DCP firmware of Apple iOS and iPadOS can potentially lead to unexpected system termination or arbitrary code execution. With the flaws addressed in the recent updates for iOS 18.1 and iPadOS 18.1, users are encouraged to apply these updates to mitigate the risk.",Apple,iOS And iPad OS,9.8,CRITICAL,0.000910000002477318,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-54534,https://securityvulnerability.io/vulnerability/CVE-2024-54534,Safari 18.2 Fixes Memory Handling Issue to Prevent Malicious Content Abuse,"A memory corruption vulnerability has been identified affecting various Apple operating systems. This issue is caused by mishandling of memory when processing specially crafted web content, which can lead to unintended behavior or crashes. The vulnerability has been mitigated in the latest updates for watchOS, visionOS, tvOS, macOS, Safari, iOS, and iPadOS. Users are strongly advised to apply the corresponding updates to ensure protection against potential exploits that may arise from this issue.",Apple,"TV OS,Visionos,Mac OS,Watch OS,iOS And iPad OS,Safari",9.8,CRITICAL,0.001069999998435378,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-54492,https://securityvulnerability.io/vulnerability/CVE-2024-54492,"Apple Addresses Network Traffic Alteration Vulnerability in macOS Sequoia 15.2, iOS 18.2, and iPadOS 18.2","This vulnerability concerns a security flaw in Apple's operating systems that could allow an attacker positioned within a privileged network to intercept and manipulate network traffic. The issue arises from the application's failure to utilize HTTPS efficiently when transmitting sensitive information across the network. As a consequence, there is a risk of exposure to man-in-the-middle attacks, potentially compromising the integrity of user data. Apple has addressed this vulnerability in macOS Sequoia 15.2, iOS 18.2, iPadOS 18.2, iPadOS 17.7.3, and visionOS 2.2 by enhancing the handling of network communications.",Apple,"Visionos,Mac OS,iPad OS,iOS And iPad OS",5.9,MEDIUM,0.000539999979082495,false,false,false,false,,true,false,2024-12-12T02:15:00.000Z,8186
CVE-2024-54501,https://securityvulnerability.io/vulnerability/CVE-2024-54501,Denial of Service Vulnerability in Apple iOS and macOS Products,"This vulnerability allows for a denial of service condition caused by the processing of a maliciously crafted file. It has been addressed with improved validation checks across several Apple operating systems, including iPadOS, macOS, and watchOS. Users are encouraged to update to the latest versions to mitigate this risk.",Apple,"TV OS,Visionos,Mac OS,Watch OS,iPad OS,iOS And iPad OS",5.5,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-44246,https://securityvulnerability.io/vulnerability/CVE-2024-44246,Routing Issue in Safari Affects Apple Devices with Private Relay,"A routing issue within Safari has been discovered, specifically impacting Apple devices with Private Relay enabled. When a user adds a website to the Safari Reading List, this flaw may inadvertently expose the user's originating IP address to the website, compromising user privacy and security. This issue has been addressed in the latest updates, ensuring that user data remains protected.",Apple,"Mac OS,iPad OS,iOS And iPad OS,Safari",5.3,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-44242,https://securityvulnerability.io/vulnerability/CVE-2024-44242,Arbitrary Code Execution Vulnerability in DCP Firmware Affecting Apple iOS and iPadOS,"The vulnerability identified in DCP firmware allows an attacker to potentially cause unexpected system termination or execute arbitrary code by exploiting insufficient bounds checks present in the software. The issue has been addressed in the latest updates for iOS and iPadOS, which highlights the importance of keeping devices up-to-date to mitigate such security risks. Users are advised to upgrade to iOS 18.1 and iPadOS 18.1 to ensure the protection against this vulnerability.",Apple,iOS And iPad OS,9.8,CRITICAL,0.000910000002477318,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-44225,https://securityvulnerability.io/vulnerability/CVE-2024-44225,Logic Issue in Apple iPadOS and macOS Products Leading to Elevated Privileges,"A logic flaw has been identified in various Apple operating systems, including iPadOS, watchOS, tvOS, and macOS. This vulnerability enables unauthorized applications to potentially gain elevated privileges, allowing them to execute actions without the user's consent. Apple has released updates for compromised versions to address this loophole, enhancing the security of the affected systems. It is crucial for users to update their devices to the latest versions to mitigate the risk associated with this vulnerability.",Apple,"TV OS,Mac OS,Watch OS,iPad OS,iOS And iPad OS",7.8,HIGH,0.0005699999746866524,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-54502,https://securityvulnerability.io/vulnerability/CVE-2024-54502,Safari Update Fixes Process Crash Issues with Maliciously Crafted Web Content,"A vulnerability exists within various Apple operating systems that can be triggered by processing malformed web content. This issue can lead to an unexpected process crash, potentially disrupting user experience and application functionality. The vulnerability has been mitigated with enhanced checks in the latest software updates, which secure affected systems against exploitation from specially crafted web content.",Apple,"TV OS,Visionos,Mac OS,Watch OS,iOS And iPad OS,Safari",6.5,MEDIUM,0.0006200000061653554,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,161
CVE-2024-44241,https://securityvulnerability.io/vulnerability/CVE-2024-44241,Bounds Check Vulnerability in DCP Firmware of Apple Devices,"A vulnerability exists in the DCP firmware of Apple devices that could allow an attacker to exploit insufficient bounds checks. This flaw may lead to unexpected system termination or the potential for arbitrary code execution, impacting the stability and security of affected devices. The issue has been addressed in the latest updates available for iOS and iPadOS, specifically version 18.1. Users are encouraged to update their devices to mitigate the risk associated with this vulnerability.",Apple,iOS And iPad OS,9.8,CRITICAL,0.000910000002477318,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0
CVE-2024-44308,https://securityvulnerability.io/vulnerability/CVE-2024-44308,"Apple Addresses Web Content Execution Vulnerability in Safari, macOS Sequoia, iOS, iPadOS, and visionOS","A vulnerability exists within Apple Safari and various iOS products that allows for arbitrary code execution via specially crafted web content. The flaw was addressed with improved checks to mitigate the exploitation risk. Apple has released security updates for affected products including Safari, iOS, iPadOS, and macOS Sequoia versions, noting that there are indications this vulnerability may have been actively exploited on Intel-based Mac systems. Users are strongly encouraged to update their devices to the latest versions to enhance security.",Apple,"Safari,Mac OS,iOS And iPad OS,Visionos",8.8,HIGH,0.0017999999690800905,true,true,false,true,,true,false,2024-11-20T00:15:00.000Z,4878
CVE-2024-44233,https://securityvulnerability.io/vulnerability/CVE-2024-44233,Apple Fixes Parsing Bug in macOS That Could Lead to Unexpected System Termination,"The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination.",Apple,"Mac OS,Visionos,iOS And iPad OS,TV OS,Watch OS",5.5,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2024-11-01T20:41:58.745Z,0
CVE-2024-44232,https://securityvulnerability.io/vulnerability/CVE-2024-44232,"Apple Fixes Video File Parsing Vulnerability in macOS, watchOS, tvOS, and iOS","The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination.",Apple,"Mac OS,Visionos,iOS And iPad OS,TV OS,Watch OS",5.5,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2024-11-01T20:41:57.990Z,0
CVE-2024-44234,https://securityvulnerability.io/vulnerability/CVE-2024-44234,Improved Bounds Checks to Mitigate Parsing Vulnerability,"The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination.",Apple,"Mac OS,Visionos,iOS And iPad OS,TV OS,Watch OS",5.5,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2024-11-01T20:41:55.504Z,0
CVE-2024-44229,https://securityvulnerability.io/vulnerability/CVE-2024-44229,Information Leakage in Apple's Safari and Related Operating Systems,"An information leakage vulnerability was identified in Apple products, notably affecting Safari and various operating systems. This issue allowed private browsing sessions to unintentionally expose browsing history, raising concerns about user privacy. Apple addressed this vulnerability with additional validation measures in the latest updates of visionOS, iOS, iPadOS, macOS, and Safari, ensuring enhanced security for users during private browsing activities.",Apple,"Visionos,iOS And iPad OS,Mac OS,Safari",5.3,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-10-28T21:15:00.000Z,0
CVE-2024-40867,https://securityvulnerability.io/vulnerability/CVE-2024-40867,Input Validation Flaw in iOS and iPadOS by Apple,"A vulnerability exists in Apple's iOS and iPadOS that pertains to the handling of custom URL schemes. The issue stems from inadequate input validation, which could allow remote attackers to escape the confines of the Web Content sandbox. This flaw emphasizes the importance of robust oversight in input validation mechanisms to prevent potential exploitation. The vulnerability has been addressed in recent updates, specifically versions 18.1 of iOS and iPadOS.",Apple,iOS And iPad OS,9.6,CRITICAL,0.000910000002477318,false,false,false,false,,false,false,2024-10-28T21:15:00.000Z,0