cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2024-54538,https://securityvulnerability.io/vulnerability/CVE-2024-54538,Denial-of-Service Vulnerability in Apple Products Due to Input Validation Issues,"CVE-2024-54538 is a critical denial-of-service vulnerability affecting multiple Apple operating systems. The flaw stems from inadequate input validation, allowing a remote attacker to exploit this vulnerability and potentially disrupt services. Recent updates have addressed this issue, with fixes implemented in visionOS 2.1, iOS 18.1, iPadOS 18.1, iOS 17.7.1, iPadOS 17.7.1, tvOS 18.1, macOS Sonoma 14.7.1, watchOS 11.1, and macOS Ventura 13.7.1. Users are strongly advised to update their devices to mitigate any security risks.",Apple,"Mac OS,iPhone OS,iPad OS,Watch OS,Visionos,TV OS",7.5,HIGH,0.0009299999801442027,false,false,false,false,,false,false,2024-12-20T01:15:00.000Z,0 CVE-2024-54505,https://securityvulnerability.io/vulnerability/CVE-2024-54505,iPadOS 17.7.3 addresses type confusion issue to prevent memory corruption,"A type confusion vulnerability has been identified in several Apple operating systems and applications that could allow attackers to execute maliciously crafted web content. This vulnerability stems from improper memory handling practices that may lead to memory corruption, posing risks to users' data integrity and security. Apple has addressed this flaw in specific versions including iPadOS, watchOS, macOS, and Safari, with patches already implemented in the latest updates. Users are encouraged to update their devices to safeguard against potential exploitation of this vulnerability.",Apple,"TV OS,Visionos,Mac OS,Watch OS,iPad OS,iOS And iPad OS,Safari",8.8,HIGH,0.0010600000387057662,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,765 CVE-2024-44212,https://securityvulnerability.io/vulnerability/CVE-2024-44212,,"A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1, visionOS 2.1, tvOS 18.1, iOS 18.1 and iPadOS 18.1, watchOS 11.1. Cookies belonging to one origin may be sent to another origin.",Apple,"iPad OS,iPhone OS,Watch OS,Visionos,TV OS,Safari",5.3,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54500,https://securityvulnerability.io/vulnerability/CVE-2024-54500,,"The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Processing a maliciously crafted image may result in disclosure of process memory.",Apple,"Watch OS,TV OS,Visionos,iPhone OS,Mac OS,iPad OS",5.5,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54492,https://securityvulnerability.io/vulnerability/CVE-2024-54492,"Apple Addresses Network Traffic Alteration Vulnerability in macOS Sequoia 15.2, iOS 18.2, and iPadOS 18.2","This vulnerability concerns a security flaw in Apple's operating systems that could allow an attacker positioned within a privileged network to intercept and manipulate network traffic. The issue arises from the application's failure to utilize HTTPS efficiently when transmitting sensitive information across the network. As a consequence, there is a risk of exposure to man-in-the-middle attacks, potentially compromising the integrity of user data. Apple has addressed this vulnerability in macOS Sequoia 15.2, iOS 18.2, iPadOS 18.2, iPadOS 17.7.3, and visionOS 2.2 by enhancing the handling of network communications.",Apple,"Visionos,Mac OS,iPad OS,iOS And iPad OS",5.9,MEDIUM,0.000539999979082495,false,false,false,false,,true,false,2024-12-12T02:15:00.000Z,8186 CVE-2024-54486,https://securityvulnerability.io/vulnerability/CVE-2024-54486,"Apple Fixes Memory Disclosure Vulnerability in iPadOS, watchOS, tvOS, and macOS Releases","A vulnerability exists within various Apple operating systems that could lead to the disclosure of memory content. This issue arises when processing specially crafted font files, potentially allowing unauthorized access to sensitive process memory. The flaw has been addressed in several updates, including iPadOS 17.7.3, iOS 18.2, and various releases of macOS, watchOS, and visionOS. Users are encouraged to update their devices to mitigate potential risks associated with this issue. For further information, please consult Apple's official support documents.",Apple,"Watch OS,TV OS,Visionos,iPhone OS,Mac OS,iPad OS",6.5,MEDIUM,0.0011599999852478504,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54534,https://securityvulnerability.io/vulnerability/CVE-2024-54534,Safari 18.2 Fixes Memory Handling Issue to Prevent Malicious Content Abuse,"A memory corruption vulnerability has been identified affecting various Apple operating systems. This issue is caused by mishandling of memory when processing specially crafted web content, which can lead to unintended behavior or crashes. The vulnerability has been mitigated in the latest updates for watchOS, visionOS, tvOS, macOS, Safari, iOS, and iPadOS. Users are strongly advised to apply the corresponding updates to ensure protection against potential exploits that may arise from this issue.",Apple,"TV OS,Visionos,Mac OS,Watch OS,iOS And iPad OS,Safari",9.8,CRITICAL,0.001069999998435378,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54508,https://securityvulnerability.io/vulnerability/CVE-2024-54508,Memory Handling Vulnerability in Apple Products,"This vulnerability affects multiple Apple platforms due to inadequate memory management which may allow an attacker to exploit the system by processing specially crafted web content. Such exploitation could lead to unexpected crashes in critical processes, impacting device functionality and user experience. The issue has been rectified in the latest updates of affected products, including iOS, macOS, and Safari, prompting users to upgrade to ensure their devices are secure against potential threats.",Apple,"Watch OS,iPad OS,Mac OS,TV OS,Safari,Visionos,iPhone OS",7.5,HIGH,0.0007399999885819852,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54502,https://securityvulnerability.io/vulnerability/CVE-2024-54502,Safari Update Fixes Process Crash Issues with Maliciously Crafted Web Content,"A vulnerability exists within various Apple operating systems that can be triggered by processing malformed web content. This issue can lead to an unexpected process crash, potentially disrupting user experience and application functionality. The vulnerability has been mitigated with enhanced checks in the latest software updates, which secure affected systems against exploitation from specially crafted web content.",Apple,"TV OS,Visionos,Mac OS,Watch OS,iOS And iPad OS,Safari",6.5,MEDIUM,0.0006200000061653554,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,161 CVE-2024-54479,https://securityvulnerability.io/vulnerability/CVE-2024-54479,Web Content Processing Vulnerability in Apple Products,"A vulnerability has been identified in several Apple operating systems and the Safari browser, where the processing of maliciously crafted web content could result in unexpected process crashes. Apple has deployed improved checks to mitigate this issue in the latest updates for iPadOS, watchOS, visionOS, tvOS, macOS, and Safari. Users are encouraged to update their devices to the newest versions to ensure protection against potential exploitation.",Apple,"Watch OS,Mac OS,TV OS,Safari,Visionos,iPhone OS,iPad OS",7.5,HIGH,0.0009299999801442027,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54501,https://securityvulnerability.io/vulnerability/CVE-2024-54501,,"The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Processing a maliciously crafted file may lead to a denial of service.",Apple,"TV OS,Visionos,Mac OS,Watch OS,iPad OS,iOS And iPad OS",5.5,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54513,https://securityvulnerability.io/vulnerability/CVE-2024-54513,Permissions Issue in Apple Products Leading to Sensitive Data Exposure,"A significant permissions issue has been identified in Apple's software ecosystem, enabling potential unauthorized access to sensitive user information. The vulnerability affects various products, necessitating careful management of user data permissions. Users on affected operating systems, including watchOS, iOS, macOS, and more, should stay informed about updates that address these concerns. Apple has released updates in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2, and iPadOS 18.2 to mitigate risks associated with this vulnerability.",Apple,"TV OS,Visionos,Mac OS,Watch OS,iOS And iPad OS",5.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-54494,https://securityvulnerability.io/vulnerability/CVE-2024-54494,Race Condition Vulnerability in Apple Products,"This vulnerability arises from a race condition affecting several Apple operating systems, allowing attackers to potentially create a read-only memory mapping that can be written to, undermining data integrity and system reliability. Additional validation measures were implemented in the latest updates to mitigate this issue. Users are encouraged to update their devices to the latest software versions to ensure protection against potential exploitation.",Apple,"Watch OS,TV OS,Visionos,iPhone OS,Mac OS,iPad OS",5.9,MEDIUM,0.0008900000248104334,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-44245,https://securityvulnerability.io/vulnerability/CVE-2024-44245,Memory Handling Vulnerability in Apple Products,"A vulnerability related to memory handling has been identified in several Apple products. This issue poses a risk as an app may exploit it to cause unexpected terminations of the system or potentially corrupt kernel memory. Apple has addressed this vulnerability in various updates across its platforms, including iPadOS 17.7.3, visionOS 2.2, macOS Sequoia 15.2, and more. Users and administrators are encouraged to update their devices to ensure protection against this vulnerability.",Apple,"Visionos,Mac OS,iPad OS,iPhone OS",7.1,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-12-12T02:15:00.000Z,0 CVE-2024-44309,https://securityvulnerability.io/vulnerability/CVE-2024-44309,"Safari Addresses Cookie Management Issue, Patches Cross-Site Scripting Flaw","A vulnerability has been identified within Appleā€™s cookie management system, impacting the Safari web browser and several Apple operating systems. The flaw revolves around improper state management which, when exploited, could allow an attacker to perform cross site scripting attacks through maliciously crafted web content. Reports indicate that this vulnerability has been actively exploited on Intel-based Mac systems, emphasizing the urgency for affected users to update to the latest secure versions, which include Safari 18.1.1, iOS 17.7.2, and several others.",Apple,"Mac OS,Visionos,iPhone OS,Safari,iPad OS",6.1,MEDIUM,0.0028899998869746923,true,true,true,true,,false,false,2024-11-20T00:15:00.000Z,185 CVE-2024-44308,https://securityvulnerability.io/vulnerability/CVE-2024-44308,"Apple Addresses Web Content Execution Vulnerability in Safari, macOS Sequoia, iOS, iPadOS, and visionOS","A vulnerability exists within Apple Safari and various iOS products that allows for arbitrary code execution via specially crafted web content. The flaw was addressed with improved checks to mitigate the exploitation risk. Apple has released security updates for affected products including Safari, iOS, iPadOS, and macOS Sequoia versions, noting that there are indications this vulnerability may have been actively exploited on Intel-based Mac systems. Users are strongly encouraged to update their devices to the latest versions to enhance security.",Apple,"Safari,Mac OS,iOS And iPad OS,Visionos",8.8,HIGH,0.0017999999690800905,true,true,false,true,,true,false,2024-11-20T00:15:00.000Z,4878 CVE-2024-44233,https://securityvulnerability.io/vulnerability/CVE-2024-44233,Apple Fixes Parsing Bug in macOS That Could Lead to Unexpected System Termination,"The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination.",Apple,"Mac OS,Visionos,iOS And iPad OS,TV OS,Watch OS",5.5,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2024-11-01T20:41:58.745Z,0 CVE-2024-44232,https://securityvulnerability.io/vulnerability/CVE-2024-44232,"Apple Fixes Video File Parsing Vulnerability in macOS, watchOS, tvOS, and iOS","The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination.",Apple,"Mac OS,Visionos,iOS And iPad OS,TV OS,Watch OS",5.5,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2024-11-01T20:41:57.990Z,0 CVE-2024-44234,https://securityvulnerability.io/vulnerability/CVE-2024-44234,Improved Bounds Checks to Mitigate Parsing Vulnerability,"The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination.",Apple,"Mac OS,Visionos,iOS And iPad OS,TV OS,Watch OS",5.5,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2024-11-01T20:41:55.504Z,0 CVE-2024-44240,https://securityvulnerability.io/vulnerability/CVE-2024-44240,"Apple Fixes Font Memory Disclosure Vulnerability in iOS, macOS, watchOS, and tvOS","The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result in the disclosure of process memory.",Apple,"Mac OS,iPhone OS,iPad OS,Watch OS,Visionos,TV OS",5.5,MEDIUM,0.000590000010561198,false,false,false,false,,false,false,2024-10-28T22:15:00.000Z,0 CVE-2024-44255,https://securityvulnerability.io/vulnerability/CVE-2024-44255,Path Handling Flaw in Apple iOS and macOS Products,This vulnerability relates to a path handling flaw within Apple's ecosystem of operating systems. The issue allows potentially malicious applications to execute arbitrary shortcuts without the necessary user consent. Apple has addressed this vulnerability by implementing improved logic in the affected products. Users are encouraged to update to the latest versions to mitigate exposure to this risk.,Apple,"Mac OS,Visionos,TV OS,Watch OS,iOS And iPad OS",7.8,HIGH,0.0005300000193528831,false,false,false,false,,false,false,2024-10-28T21:15:00.000Z,0 CVE-2024-44252,https://securityvulnerability.io/vulnerability/CVE-2024-44252,Logic Issue in Apple iOS and iPadOS File Handling,"A logic issue in the file handling mechanism of Apple's iOS and iPadOS was identified, leading to potential risks during the restoration of maliciously crafted backup files. This vulnerability could allow for the unintended modification of protected system files. The issue has been addressed in updates for iOS 18.1, iPadOS 18.1, iOS 17.7.1, iPadOS 17.7.1, as well as visionOS 2.1 and tvOS 18.1, enhancing the security measures against such exploits.",Apple,"Visionos,iOS And iPad OS,TV OS",7.1,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-10-28T21:15:00.000Z,0 CVE-2024-44296,https://securityvulnerability.io/vulnerability/CVE-2024-44296,"Apple Addresses Content Security Policy Enforcement Issue in iOS, iPadOS, watchOS, and tvOS Updates","The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.",Apple,"Visionos,iOS And iPad OS,TV OS,Watch OS,Mac OS,Safari",5.4,MEDIUM,0.0007300000288523734,false,false,false,false,,false,false,2024-10-28T21:15:00.000Z,0 CVE-2024-44126,https://securityvulnerability.io/vulnerability/CVE-2024-44126,Heap Corruption Vulnerability in Apple macOS and iOS Products,"A vulnerability exists within various Apple operating systems that can lead to heap corruption when processing a specially crafted file. This issue has been addressed with improvements in the validation process to enhance security and prevent potential exploitation. Users are encouraged to update to the latest versions, including macOS Ventura 13.7.1, macOS Sequoia 15, iOS 17.7, and iPadOS 17.7, as well as macOS Sonoma 14.7, visionOS 2, iOS 18, and iPadOS 18, where this issue has been rectified.",Apple,"Mac OS,Visionos,iOS And iPad OS",7.8,HIGH,0.0005300000193528831,false,false,false,false,,false,false,2024-10-28T21:15:00.000Z,0 CVE-2024-44258,https://securityvulnerability.io/vulnerability/CVE-2024-44258,Handling of Symlinks Improved to Address Security Risks,"A vulnerability related to symlink handling has been identified in certain Apple products, which poses a risk of modification to protected system files when a specially crafted backup file is restored. This issue has been addressed in the latest versions of iOS, iPadOS, visionOS, and tvOS, including iOS 18.1 and iPadOS 18.1. Customers are encouraged to update their devices to the latest version to mitigate potential security risks associated with this improper handling.",Apple,"Visionos,iOS And iPad OS,TV OS",7.1,HIGH,0.0004400000034365803,false,false,false,true,true,true,false,2024-10-28T21:15:00.000Z,3166