cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2024-54534,https://securityvulnerability.io/vulnerability/CVE-2024-54534,Safari 18.2 Fixes Memory Handling Issue to Prevent Malicious Content Abuse,"A memory corruption vulnerability has been identified affecting various Apple operating systems. This issue is caused by mishandling of memory when processing specially crafted web content, which can lead to unintended behavior or crashes. The vulnerability has been mitigated in the latest updates for watchOS, visionOS, tvOS, macOS, Safari, iOS, and iPadOS. Users are strongly advised to apply the corresponding updates to ensure protection against potential exploits that may arise from this issue.",Apple,"TV OS,Visionos,Mac OS,Watch OS,iOS And iPad OS,Safari",9.8,CRITICAL,0.001069999998435378,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54508,https://securityvulnerability.io/vulnerability/CVE-2024-54508,Memory Handling Vulnerability in Apple Products,"This vulnerability affects multiple Apple platforms due to inadequate memory management which may allow an attacker to exploit the system by processing specially crafted web content. Such exploitation could lead to unexpected crashes in critical processes, impacting device functionality and user experience. The issue has been rectified in the latest updates of affected products, including iOS, macOS, and Safari, prompting users to upgrade to ensure their devices are secure against potential threats.",Apple,"Watch OS,iPad OS,Mac OS,TV OS,Safari,Visionos,iPhone OS",7.5,HIGH,0.0007399999885819852,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-44246,https://securityvulnerability.io/vulnerability/CVE-2024-44246,,"The issue was addressed with improved routing of Safari-originated requests. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, Safari 18.2, iPadOS 17.7.3. On a device with Private Relay enabled, adding a website to the Safari Reading List may reveal the originating IP address to the website.",Apple,"Mac OS,iPad OS,iOS And iPad OS,Safari",5.3,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54479,https://securityvulnerability.io/vulnerability/CVE-2024-54479,Web Content Processing Vulnerability in Apple Products,"A vulnerability has been identified in several Apple operating systems and the Safari browser, where the processing of maliciously crafted web content could result in unexpected process crashes. Apple has deployed improved checks to mitigate this issue in the latest updates for iPadOS, watchOS, visionOS, tvOS, macOS, and Safari. Users are encouraged to update their devices to the newest versions to ensure protection against potential exploitation.",Apple,"Watch OS,Mac OS,TV OS,Safari,Visionos,iPhone OS,iPad OS",7.5,HIGH,0.0009299999801442027,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54505,https://securityvulnerability.io/vulnerability/CVE-2024-54505,iPadOS 17.7.3 addresses type confusion issue to prevent memory corruption,"A type confusion vulnerability has been identified in several Apple operating systems and applications that could allow attackers to execute maliciously crafted web content. This vulnerability stems from improper memory handling practices that may lead to memory corruption, posing risks to users' data integrity and security. Apple has addressed this flaw in specific versions including iPadOS, watchOS, macOS, and Safari, with patches already implemented in the latest updates. Users are encouraged to update their devices to safeguard against potential exploitation of this vulnerability.",Apple,"TV OS,Visionos,Mac OS,Watch OS,iPad OS,iOS And iPad OS,Safari",8.8,HIGH,0.0010600000387057662,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,765 CVE-2024-54502,https://securityvulnerability.io/vulnerability/CVE-2024-54502,Safari Update Fixes Process Crash Issues with Maliciously Crafted Web Content,"A vulnerability exists within various Apple operating systems that can be triggered by processing malformed web content. This issue can lead to an unexpected process crash, potentially disrupting user experience and application functionality. The vulnerability has been mitigated with enhanced checks in the latest software updates, which secure affected systems against exploitation from specially crafted web content.",Apple,"TV OS,Visionos,Mac OS,Watch OS,iOS And iPad OS,Safari",6.5,MEDIUM,0.0006200000061653554,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,161 CVE-2024-44212,https://securityvulnerability.io/vulnerability/CVE-2024-44212,,"A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1, visionOS 2.1, tvOS 18.1, iOS 18.1 and iPadOS 18.1, watchOS 11.1. Cookies belonging to one origin may be sent to another origin.",Apple,"iPad OS,iPhone OS,Watch OS,Visionos,TV OS,Safari",5.3,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-44308,https://securityvulnerability.io/vulnerability/CVE-2024-44308,"Apple Addresses Web Content Execution Vulnerability in Safari, macOS Sequoia, iOS, iPadOS, and visionOS","A vulnerability exists within Apple Safari and various iOS products that allows for arbitrary code execution via specially crafted web content. The flaw was addressed with improved checks to mitigate the exploitation risk. Apple has released security updates for affected products including Safari, iOS, iPadOS, and macOS Sequoia versions, noting that there are indications this vulnerability may have been actively exploited on Intel-based Mac systems. Users are strongly encouraged to update their devices to the latest versions to enhance security.",Apple,"Safari,Mac OS,iOS And iPad OS,Visionos",8.8,HIGH,0.0017999999690800905,true,true,false,true,,true,false,2024-11-20T00:15:00.000Z,4878 CVE-2024-44309,https://securityvulnerability.io/vulnerability/CVE-2024-44309,"Safari Addresses Cookie Management Issue, Patches Cross-Site Scripting Flaw","A vulnerability has been identified within Appleā€™s cookie management system, impacting the Safari web browser and several Apple operating systems. The flaw revolves around improper state management which, when exploited, could allow an attacker to perform cross site scripting attacks through maliciously crafted web content. Reports indicate that this vulnerability has been actively exploited on Intel-based Mac systems, emphasizing the urgency for affected users to update to the latest secure versions, which include Safari 18.1.1, iOS 17.7.2, and several others.",Apple,"Mac OS,Visionos,iPhone OS,Safari,iPad OS",6.1,MEDIUM,0.0028899998869746923,true,true,true,true,,false,false,2024-11-20T00:15:00.000Z,185 CVE-2024-44155,https://securityvulnerability.io/vulnerability/CVE-2024-44155,,"A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 18, iOS 17.7.1 and iPadOS 17.7.1, macOS Sequoia 15, watchOS 11, iOS 18 and iPadOS 18. Maliciously crafted web content may violate iframe sandboxing policy.",Apple,"Mac OS,iOS And iPad OS,Watch OS,Safari",6.5,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2024-10-28T21:15:00.000Z,0 CVE-2024-44259,https://securityvulnerability.io/vulnerability/CVE-2024-44259,State Management Vulnerability in Apple Products,"A vulnerability exists within the state management of certain Apple products, enabling potential attackers to misuse established trust relationships to download malicious content onto user devices. This issue has been addressed in recent updates, specifically in iOS 17.7.1, iPadOS 17.7.1, visionOS 2.1, iOS 18.1, iPadOS 18.1, macOS Sequoia 15.1, and Safari 18.1. Users are encouraged to update their devices to ensure they are protected against this type of exploitation.",Apple,"Visionos,iOS And iPad OS,Mac OS,Safari",7.5,HIGH,0.0006000000284984708,false,false,false,false,,false,false,2024-10-28T21:15:00.000Z,0 CVE-2024-44244,https://securityvulnerability.io/vulnerability/CVE-2024-44244,,"A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may lead to an unexpected process crash.",Apple,"Visionos,TV OS,Watch OS,iOS And iPad OS,Mac OS,Safari",4.3,MEDIUM,0.0006300000241026282,false,false,false,false,,false,false,2024-10-28T21:15:00.000Z,0 CVE-2024-44296,https://securityvulnerability.io/vulnerability/CVE-2024-44296,"Apple Addresses Content Security Policy Enforcement Issue in iOS, iPadOS, watchOS, and tvOS Updates","The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.",Apple,"Visionos,iOS And iPad OS,TV OS,Watch OS,Mac OS,Safari",5.4,MEDIUM,0.0007300000288523734,false,false,false,false,,false,false,2024-10-28T21:15:00.000Z,0 CVE-2024-44229,https://securityvulnerability.io/vulnerability/CVE-2024-44229,,"An information leakage was addressed with additional validation. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, Safari 18.1. Private browsing may leak some browsing history.",Apple,"Visionos,iOS And iPad OS,Mac OS,Safari",5.3,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-10-28T21:15:00.000Z,0 CVE-2024-44206,https://securityvulnerability.io/vulnerability/CVE-2024-44206,Apple Addresses Issue with URL Protocol Handling,"An issue exists in URL protocol handling that may lead to the circumvention of web content restrictions in certain Apple products. This vulnerability has been addressed with improved logic in recent versions of tvOS, visionOS, Safari, watchOS, iOS, iPadOS, and macOS. Users are encouraged to update their devices to the latest software versions to mitigate potential risks associated with this vulnerability.",Apple,"Watch OS,Mac OS,Safari,iOS And iPad OS,TV OS,Visionos",9.3,CRITICAL,0.0006600000197067857,false,false,false,false,,false,false,2024-10-24T16:40:46.107Z,0 CVE-2024-44185,https://securityvulnerability.io/vulnerability/CVE-2024-44185,Apple Fixes Process Crash Vulnerability in iOS 17.6,"The issue was addressed with improved checks. This issue is fixed in tvOS 17.6, visionOS 1.3, Safari 17.6, watchOS 10.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.",Apple,"Watch OS,Mac OS,Safari,iOS And iPad OS,TV OS,Visionos",5.5,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-10-24T16:40:36.055Z,0 CVE-2024-44187,https://securityvulnerability.io/vulnerability/CVE-2024-44187,Apple Safari Fixes Cross-Origin Issue to Protect Users' Data,"A vulnerability exists in Apple products due to improper handling of 'iframe' elements, which can lead to cross-origin data exfiltration. This security issue could enable malicious websites to unintentionally access sensitive user data from other domains. Apple has addressed this vulnerability in several updates, including Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18, iPadOS 18, and tvOS 18, emphasizing the importance of keeping software up to date for personal data protection.",Apple,"Mac OS,iPhone OS,iPad OS,Visionos,Watch OS,TV OS,Safari",6.5,MEDIUM,0.000699999975040555,false,false,false,false,,false,false,2024-09-17T00:15:00.000Z,0 CVE-2024-40857,https://securityvulnerability.io/vulnerability/CVE-2024-40857,Safari Addressed Malicious Web Content Processing Flaw,"This issue was addressed through improved state management. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to universal cross site scripting.",Apple,"Mac OS,iPhone OS,iPad OS,Visionos,Watch OS,TV OS,Safari",6.1,MEDIUM,0.000590000010561198,false,false,false,false,,false,false,2024-09-17T00:15:00.000Z,0 CVE-2024-40794,https://securityvulnerability.io/vulnerability/CVE-2024-40794,Safari Private Browsing Tab Access Fix,"This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, Safari 17.6. Private Browsing tabs may be accessed without authentication.",Apple,"Safari,iOS And iPad OS,Mac OS",5.3,MEDIUM,0.0008299999753944576,false,false,false,false,,false,false,2024-07-29T22:17:20.010Z,0 CVE-2024-40782,https://securityvulnerability.io/vulnerability/CVE-2024-40782,Safari Fixes Use-After-Free Issue to Prevent Process Crashes,"A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.",Apple,"Safari,iOS And iPad OS,Watch OS,Mac OS,Visionos,TV OS",6.5,MEDIUM,0.0007699999841861427,false,false,false,false,,false,false,2024-07-29T22:17:16.599Z,0 CVE-2024-40776,https://securityvulnerability.io/vulnerability/CVE-2024-40776,"Apple Addresses Use-After-Free Vulnerability in iOS, iPadOS, macOS, and Other Products","A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.",Apple,"Safari,iOS And iPad OS,Watch OS,Mac OS,Visionos,TV OS",4.3,MEDIUM,0.0011500000255182385,false,false,false,false,,false,false,2024-07-29T22:17:08.706Z,0 CVE-2024-40789,https://securityvulnerability.io/vulnerability/CVE-2024-40789,Safari Addresses Out-of-Bounds Access Issue,"An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.",Apple,"Safari,iOS And iPad OS,Watch OS,Mac OS,Visionos,TV OS",6.5,MEDIUM,0.0013899999903514981,false,false,false,false,,false,false,2024-07-29T22:16:57.905Z,0 CVE-2024-40785,https://securityvulnerability.io/vulnerability/CVE-2024-40785,Apple Safari Fixes Cross-Site Scripting Vulnerability,"This issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to a cross site scripting attack.",Apple,"Safari,iOS And iPad OS,Watch OS,Mac OS,Visionos,TV OS",6.1,MEDIUM,0.0007800000021234155,false,false,false,false,,false,false,2024-07-29T22:16:56.242Z,0 CVE-2024-40817,https://securityvulnerability.io/vulnerability/CVE-2024-40817,Safari Patches UI Spoofing Vulnerability,"The issue was addressed with improved UI handling. This issue is fixed in macOS Sonoma 14.6, Safari 17.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. Visiting a website that frames malicious content may lead to UI spoofing.",Apple,"Safari,Mac OS",6.1,MEDIUM,0.0008999999845400453,false,false,false,false,,false,false,2024-07-29T22:16:51.142Z,0 CVE-2024-40780,https://securityvulnerability.io/vulnerability/CVE-2024-40780,Safari 17.6 Update Fixes Out-of-Bounds Read Issue,"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.",Apple,"Safari,iOS And iPad OS,Watch OS,Mac OS,Visionos,TV OS",5.5,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2024-07-29T22:16:37.836Z,0