Export limit exceeded: 342057 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (4308 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-28858 | 1 Apple | 3 Ios And Ipados, Ipados, Iphone Os | 2026-04-02 | 9.8 Critical |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 26.4 and iPadOS 26.4. A remote user may be able to cause unexpected system termination or corrupt kernel memory. | ||||
| CVE-2026-20642 | 1 Apple | 3 Ios And Ipados, Ipados, Iphone Os | 2026-04-02 | 2.4 Low |
| An input validation issue was addressed. This issue is fixed in iOS 26.3 and iPadOS 26.3. A person with physical access to an iOS device may be able to access photos from the lock screen. | ||||
| CVE-2024-40863 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-02 | 5.5 Medium |
| This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to leak sensitive user information. | ||||
| CVE-2026-20643 | 1 Apple | 4 Ios, Ipados, Iphone Os and 1 more | 2026-04-02 | 5.4 Medium |
| A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may bypass Same Origin Policy. | ||||
| CVE-2025-43437 | 1 Apple | 3 Ios, Ipados, Iphone Os | 2026-04-02 | 3.3 Low |
| An information disclosure issue was addressed with improved privacy controls. This issue is fixed in iOS 26.1 and iPadOS 26.1. An app may be able to fingerprint the user. | ||||
| CVE-2026-28859 | 1 Apple | 8 Ios And Ipados, Ipados, Iphone Os and 5 more | 2026-04-02 | 4.3 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A malicious website may be able to process restricted web content outside the sandbox. | ||||
| CVE-2025-43460 | 1 Apple | 3 Ios, Ipados, Iphone Os | 2026-04-02 | 4.6 Medium |
| A logic issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker with physical access to a locked device may be able to view sensitive user information. | ||||
| CVE-2026-28875 | 1 Apple | 3 Ios And Ipados, Ipados, Iphone Os | 2026-04-02 | 7.5 High |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 26.4 and iPadOS 26.4. A remote attacker may be able to cause a denial-of-service. | ||||
| CVE-2026-20638 | 1 Apple | 3 Ios And Ipados, Ipados, Iphone Os | 2026-04-02 | 5.5 Medium |
| A logic issue was addressed with improved checks. This issue is fixed in iOS 26.3 and iPadOS 26.3. A user with Live Caller ID app extensions turned off could have identifying information leaked to the extensions. | ||||
| CVE-2025-24208 | 2 Apple, Redhat | 9 Ipados, Iphone Os, Safari and 6 more | 2026-04-02 | 6.1 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4. Loading a malicious iframe may lead to a cross-site scripting attack. | ||||
| CVE-2026-28822 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-04-02 | 6.2 Medium |
| A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An attacker may be able to cause unexpected app termination. | ||||
| CVE-2025-31227 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-02 | 4.6 Medium |
| A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5. An attacker with physical access to a device may be able to access a deleted call recording. | ||||
| CVE-2025-30436 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-02 | 9.1 Critical |
| This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.4 and iPadOS 18.4. An attacker may be able to use Siri to enable Auto-Answer Calls. | ||||
| CVE-2026-28863 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-04-02 | 6.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.4 and iPadOS 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to fingerprint the user. | ||||
| CVE-2025-43495 | 1 Apple | 4 Ios, Ipad Os, Ipados and 1 more | 2026-04-02 | 5.4 Medium |
| The issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. An app may be able to monitor keystrokes without user permission. | ||||
| CVE-2024-44251 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-02 | 2.4 Low |
| This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker may be able to view restricted content from the lock screen. | ||||
| CVE-2025-31207 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-02 | 7.7 High |
| A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5. An app may be able to enumerate a user's installed apps. | ||||
| CVE-2026-28855 | 1 Apple | 4 Ios And Ipados, Ipados, Iphone Os and 1 more | 2026-04-02 | 7.5 High |
| A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3. An app may be able to access protected user data. | ||||
| CVE-2024-44139 | 1 Apple | 2 Ipad Os, Iphone Os | 2026-04-02 | 2.4 Low |
| The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to access contacts from the lock screen. | ||||
| CVE-2025-46286 | 1 Apple | 4 Ios, Ipad Os, Ipados and 1 more | 2026-04-02 | 4.3 Medium |
| A logic issue was addressed with improved validation. This issue is fixed in iOS 26.2 and iPadOS 26.2. Restoring from a backup may prevent passcode from being required immediately after Face ID enrollment. | ||||