cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2024-54538,https://securityvulnerability.io/vulnerability/CVE-2024-54538,Denial-of-Service Vulnerability in Apple Products Due to Input Validation Issues,"CVE-2024-54538 is a critical denial-of-service vulnerability affecting multiple Apple operating systems. The flaw stems from inadequate input validation, allowing a remote attacker to exploit this vulnerability and potentially disrupt services. Recent updates have addressed this issue, with fixes implemented in visionOS 2.1, iOS 18.1, iPadOS 18.1, iOS 17.7.1, iPadOS 17.7.1, tvOS 18.1, macOS Sonoma 14.7.1, watchOS 11.1, and macOS Ventura 13.7.1. Users are strongly advised to update their devices to mitigate any security risks.",Apple,"Mac OS,iPhone OS,iPad OS,Watch OS,Visionos,TV OS",7.5,HIGH,0.0009299999801442027,false,false,false,false,,false,false,2024-12-20T01:15:00.000Z,0 CVE-2024-54494,https://securityvulnerability.io/vulnerability/CVE-2024-54494,Race Condition Vulnerability in Apple Products,"This vulnerability arises from a race condition affecting several Apple operating systems, allowing attackers to potentially create a read-only memory mapping that can be written to, undermining data integrity and system reliability. Additional validation measures were implemented in the latest updates to mitigate this issue. Users are encouraged to update their devices to the latest software versions to ensure protection against potential exploitation.",Apple,"Watch OS,TV OS,Visionos,iPhone OS,Mac OS,iPad OS",5.9,MEDIUM,0.0008900000248104334,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54508,https://securityvulnerability.io/vulnerability/CVE-2024-54508,Memory Handling Vulnerability in Apple Products,"This vulnerability affects multiple Apple platforms due to inadequate memory management which may allow an attacker to exploit the system by processing specially crafted web content. Such exploitation could lead to unexpected crashes in critical processes, impacting device functionality and user experience. The issue has been rectified in the latest updates of affected products, including iOS, macOS, and Safari, prompting users to upgrade to ensure their devices are secure against potential threats.",Apple,"Watch OS,iPad OS,Mac OS,TV OS,Safari,Visionos,iPhone OS",7.5,HIGH,0.0007399999885819852,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54527,https://securityvulnerability.io/vulnerability/CVE-2024-54527,Data Access Vulnerability in Apple Products,"A vulnerability present in various Apple operating systems allows unauthorized access to sensitive user data by applications. This issue has been addressed through enhanced verification checks in the latest updates, ensuring that sensitive information is better protected. Users are encouraged to update their devices to the latest versions to mitigate potential privacy risks that arise from this flaw.",Apple,"Watch OS,iPad OS,TV OS,iPhone OS,Mac OS",5.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,341 CVE-2024-54486,https://securityvulnerability.io/vulnerability/CVE-2024-54486,"Apple Fixes Memory Disclosure Vulnerability in iPadOS, watchOS, tvOS, and macOS Releases","A vulnerability exists within various Apple operating systems that could lead to the disclosure of memory content. This issue arises when processing specially crafted font files, potentially allowing unauthorized access to sensitive process memory. The flaw has been addressed in several updates, including iPadOS 17.7.3, iOS 18.2, and various releases of macOS, watchOS, and visionOS. Users are encouraged to update their devices to mitigate potential risks associated with this issue. For further information, please consult Apple's official support documents.",Apple,"Watch OS,TV OS,Visionos,iPhone OS,Mac OS,iPad OS",6.5,MEDIUM,0.0011599999852478504,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54526,https://securityvulnerability.io/vulnerability/CVE-2024-54526,Access Control Vulnerability in Apple Products,"A security issue has been identified in certain Apple products that could allow an unauthorized malicious app to access users' private information. This vulnerability has been mitigated in the latest updates, which enhance the existing checks to prevent unauthorized access. Users are encouraged to update their devices to the latest versions to ensure adequate protection against potential exploitation.",Apple,"Watch OS,iPad OS,TV OS,iPhone OS,Mac OS",5.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54500,https://securityvulnerability.io/vulnerability/CVE-2024-54500,,"The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Processing a maliciously crafted image may result in disclosure of process memory.",Apple,"Watch OS,TV OS,Visionos,iPhone OS,Mac OS,iPad OS",5.5,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54510,https://securityvulnerability.io/vulnerability/CVE-2024-54510,,"A race condition was addressed with improved locking. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to leak sensitive kernel state.",Apple,"Watch OS,TV OS,iPhone OS,Mac OS,iPad OS",5.1,MEDIUM,0.000590000010561198,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-44290,https://securityvulnerability.io/vulnerability/CVE-2024-44290,Information Disclosure Vulnerability in Apple iOS and iPadOS,"An information disclosure vulnerability was identified in Apple's operating systems, allowing certain applications to ascertain the user's current location. This issue arises due to inadequate redaction of sensitive information. The vulnerability has been rectified in iOS 18.1, iPadOS 18.1, and watchOS 11.1, enhancing the protection of user privacy and safeguarding personal data from unauthorized access.",Apple,"iPad OS,iPhone OS,Watch OS",3.3,LOW,0.0004400000034365803,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-44201,https://securityvulnerability.io/vulnerability/CVE-2024-44201,,"The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, macOS Ventura 13.7.2, iOS 18.1 and iPadOS 18.1, macOS Sonoma 14.7.2. Processing a malicious crafted file may lead to a denial-of-service.",Apple,"iPhone OS,iPad OS,Mac OS",5.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-44245,https://securityvulnerability.io/vulnerability/CVE-2024-44245,Memory Handling Vulnerability in Apple Products,"A vulnerability related to memory handling has been identified in several Apple products. This issue poses a risk as an app may exploit it to cause unexpected terminations of the system or potentially corrupt kernel memory. Apple has addressed this vulnerability in various updates across its platforms, including iPadOS 17.7.3, visionOS 2.2, macOS Sequoia 15.2, and more. Users and administrators are encouraged to update their devices to ensure protection against this vulnerability.",Apple,"Visionos,Mac OS,iPad OS,iPhone OS",7.1,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-44200,https://securityvulnerability.io/vulnerability/CVE-2024-44200,,This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1. An app may be able to read sensitive location information.,Apple,"iPad OS,iPhone OS",3.3,LOW,0.0004400000034365803,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54479,https://securityvulnerability.io/vulnerability/CVE-2024-54479,Web Content Processing Vulnerability in Apple Products,"A vulnerability has been identified in several Apple operating systems and the Safari browser, where the processing of maliciously crafted web content could result in unexpected process crashes. Apple has deployed improved checks to mitigate this issue in the latest updates for iPadOS, watchOS, visionOS, tvOS, macOS, and Safari. Users are encouraged to update their devices to the newest versions to ensure protection against potential exploitation.",Apple,"Watch OS,Mac OS,TV OS,Safari,Visionos,iPhone OS,iPad OS",7.5,HIGH,0.0009299999801442027,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-44212,https://securityvulnerability.io/vulnerability/CVE-2024-44212,,"A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1, visionOS 2.1, tvOS 18.1, iOS 18.1 and iPadOS 18.1, watchOS 11.1. Cookies belonging to one origin may be sent to another origin.",Apple,"iPad OS,iPhone OS,Watch OS,Visionos,TV OS,Safari",5.3,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54503,https://securityvulnerability.io/vulnerability/CVE-2024-54503,,An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.2 and iPadOS 18.2. Muting a call while ringing may not result in mute being enabled.,Apple,"iPad OS,iPhone OS",4.2,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54485,https://securityvulnerability.io/vulnerability/CVE-2024-54485,,"The issue was addressed by adding additional logic. This issue is fixed in iPadOS 17.7.3, iOS 18.2 and iPadOS 18.2. An attacker with physical access to an iOS device may be able to view notification content from the lock screen.",Apple,"iPhone OS,iPad OS",2.4,LOW,0.0004400000034365803,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-44309,https://securityvulnerability.io/vulnerability/CVE-2024-44309,"Safari Addresses Cookie Management Issue, Patches Cross-Site Scripting Flaw","A vulnerability has been identified within Appleā€™s cookie management system, impacting the Safari web browser and several Apple operating systems. The flaw revolves around improper state management which, when exploited, could allow an attacker to perform cross site scripting attacks through maliciously crafted web content. Reports indicate that this vulnerability has been actively exploited on Intel-based Mac systems, emphasizing the urgency for affected users to update to the latest secure versions, which include Safari 18.1.1, iOS 17.7.2, and several others.",Apple,"Mac OS,Visionos,iPhone OS,Safari,iPad OS",6.1,MEDIUM,0.0028899998869746923,true,true,true,true,,false,false,2024-11-20T00:15:00.000Z,185 CVE-2024-44217,https://securityvulnerability.io/vulnerability/CVE-2024-44217,"iOS and iPadOS Fix Permissions Issue, Improve Password Security",The vulnerability addresses a permissions issue where the password autofill feature can potentially populate passwords even after a failed authentication attempt. This flaw was identified and rectified through the removal of vulnerable code and the implementation of additional security checks. Affected users of iOS 18 and iPadOS 18 are advised to update their systems to mitigate risks associated with this issue.,Apple,"iPhone OS,iPad OS",9.1,CRITICAL,0.000910000002477318,false,false,false,false,,false,false,2024-10-28T22:15:00.000Z,0 CVE-2024-44240,https://securityvulnerability.io/vulnerability/CVE-2024-44240,"Apple Fixes Font Memory Disclosure Vulnerability in iOS, macOS, watchOS, and tvOS","The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result in the disclosure of process memory.",Apple,"Mac OS,iPhone OS,iPad OS,Watch OS,Visionos,TV OS",5.5,MEDIUM,0.000590000010561198,false,false,false,false,,false,false,2024-10-28T22:15:00.000Z,0 CVE-2024-44145,https://securityvulnerability.io/vulnerability/CVE-2024-44145,Bypassing the Lock Screen via Physical Access,"This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15, iOS 18 and iPadOS 18. An attacker with physical access to a macOS device with Sidecar enabled may be able to bypass the Lock Screen.",Apple,"Mac OS,iPhone OS,iPad OS",6.1,MEDIUM,0.0005300000193528831,false,false,false,false,,false,false,2024-10-28T22:15:00.000Z,0 CVE-2024-44282,https://securityvulnerability.io/vulnerability/CVE-2024-44282,,"An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Parsing a file may lead to disclosure of user information.",Apple,"Mac OS,iPhone OS,iPad OS,Watch OS,Visionos,TV OS",5.5,MEDIUM,0.0006799999973736703,false,false,false,false,,false,false,2024-10-28T21:15:00.000Z,0 CVE-2024-44144,https://securityvulnerability.io/vulnerability/CVE-2024-44144,,"A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1, tvOS 18, watchOS 11, visionOS 2, iOS 18 and iPadOS 18. Processing a maliciously crafted file may lead to unexpected app termination.",Apple,"Watch OS,TV OS,iPhone OS,iPad OS,Mac OS",5.5,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2024-10-28T21:15:00.000Z,0 CVE-2024-40853,https://securityvulnerability.io/vulnerability/CVE-2024-40853,,This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be able to use Siri to enable Auto-Answer Calls.,Apple,"iPhone OS,iPad OS",3.3,LOW,0.0004299999854993075,false,false,false,false,,false,false,2024-10-28T21:15:00.000Z,0 CVE-2024-44263,https://securityvulnerability.io/vulnerability/CVE-2024-44263,Logic Issue in Apple iOS and iPadOS Affecting User Data Access,"A logic issue has been identified in Apple's iOS and iPadOS platforms that may permit an app to access sensitive user data without appropriate authorization. This vulnerability, associated with improper state management, can potentially expose personal information if exploited. It is imperative for users to update their devices to iOS 18.1 or iPadOS 18.1 to mitigate the risk of unauthorized data access. Apple has addressed this issue in the latest updates to enhance user security and safeguard sensitive information.",Apple,"iPad OS,iPhone OS",5.5,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-10-28T21:15:00.000Z,0 CVE-2024-44261,https://securityvulnerability.io/vulnerability/CVE-2024-44261,,"This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. An attacker may be able to view restricted content from the lock screen.",Apple,"iPhone OS,iPad OS",5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-10-28T21:15:00.000Z,0