📦 Visionos

This CVE describes a race condition vulnerability in Apple operating systems that allows shortcuts to bypass sandbox restrictions through improper handling of symbolic links. Attackers could potential...

This CVE describes an authentication bypass vulnerability in Apple's Photos app where unauthorized users can view photos in the Hidden Photos Album without proper authentication. It affects users of v...

This CVE describes a UDP socket binding vulnerability in Apple operating systems where a UDP server socket bound to a local interface may unexpectedly become bound to all interfaces. This affects mult...

This vulnerability in Apple's Safari browser and related operating systems allows processing malicious web content to cause unexpected process crashes. It affects users of Safari, iOS, iPadOS, tvOS, w...

An input validation vulnerability in Apple operating systems allows attackers to execute arbitrary code or cause denial of service by sending specially crafted input. This affects users of visionOS, t...

This CVE describes memory corruption vulnerabilities in Apple's graphics processing that could allow arbitrary code execution. Attackers can exploit these flaws by tricking users into processing malic...

This is a critical out-of-bounds memory access vulnerability in Apple's Safari browser across multiple Apple operating systems. Processing malicious web content can cause Safari to crash unexpectedly,...

This CVE describes an input validation vulnerability in Apple operating systems that allows maliciously crafted files to cause unexpected app termination. The vulnerability affects visionOS, tvOS, mac...

This is a critical memory corruption vulnerability in Apple's file parsing components across multiple operating systems. Exploitation could allow arbitrary code execution when processing malicious fil...

This vulnerability allows malicious websites to bypass the Same Origin Policy in Apple's Safari browser and related WebKit-based browsers. This could enable cross-site data theft or session hijacking....

This vulnerability allows an attacker to enable iCloud folder sharing without proper authentication. It affects multiple Apple operating systems including macOS, iOS, iPadOS, and visionOS. Users with ...

This is a critical memory corruption vulnerability in Apple's media processing that allows remote code execution via malicious audio streams. Attackers can exploit it by tricking users into opening cr...

This vulnerability allows malicious applications to delete files they shouldn't have permission to access by exploiting improper symlink handling. It affects Apple devices running vulnerable versions ...

This vulnerability allows password autofill to incorrectly populate passwords even after authentication fails, potentially exposing credentials. It affects Apple visionOS, iOS, iPadOS, and macOS users...

This vulnerability allows malicious shortcuts in Apple's Shortcuts app to bypass file access restrictions and read sensitive files that should be inaccessible. It affects users of visionOS, macOS, iOS...

This vulnerability allows an app to enumerate a user's installed applications without proper authorization. It affects Apple devices running vulnerable versions of visionOS, tvOS, iPadOS, iOS, and mac...

This CVE describes an out-of-bounds read vulnerability in Apple's audio file processing that could allow unexpected app termination. Attackers could exploit this by tricking users into playing malicio...

A buffer overflow vulnerability in Apple operating systems allows malicious apps to cause system crashes or potentially execute arbitrary code. This affects visionOS, macOS, iOS, and iPadOS users runn...

A memory corruption vulnerability in Apple's video processing components allows attackers to cause unexpected app termination or corrupt process memory by tricking users into opening malicious video f...

This is a critical memory corruption vulnerability in Apple's video processing components across multiple operating systems. Processing a maliciously crafted video file can cause unexpected applicatio...

A memory corruption vulnerability in Apple operating systems allows attackers with memory write capability to execute arbitrary code. This affects watchOS, tvOS, macOS, visionOS, iOS, and iPadOS versi...

This CVE describes a memory handling vulnerability in Apple operating systems and Safari that could allow a remote attacker to cause denial-of-service. The issue affects macOS, iOS, iPadOS, visionOS, ...

This CVE describes a path handling vulnerability (CWE-22) in multiple Apple operating systems and Safari that allows a remote attacker to write arbitrary files to affected systems. The vulnerability a...

This CVE describes a privacy vulnerability in Apple operating systems where an app could potentially identify what other apps a user has installed, exposing sensitive user data. It affects multiple Ap...

This CVE describes a Bluetooth denial-of-service vulnerability affecting multiple Apple operating systems. An attacker in a privileged network position can send crafted Bluetooth packets to cause deni...

This vulnerability allows a malicious application to gain root privileges on affected Apple devices. It affects macOS, iOS, iPadOS, and visionOS systems running vulnerable versions. Attackers could ex...

This CVE describes a sandbox escape vulnerability in multiple Apple operating systems where an app can bypass its security restrictions. It affects users of watchOS, tvOS, macOS, iOS, iPadOS, and visi...

A path validation vulnerability in Apple operating systems allows malicious applications to gain root privileges through improper path handling. This affects iOS, iPadOS, macOS, and visionOS users run...

A race condition vulnerability in Apple operating systems allows malicious applications to potentially gain root privileges. This affects users running vulnerable versions of iOS, iPadOS, macOS, watch...

This CVE describes an out-of-bounds memory access vulnerability in Apple's media file processing across multiple operating systems. Attackers can craft malicious media files that cause application cra...

A use-after-free vulnerability in Apple's WebKit browser engine allows processing malicious web content to execute arbitrary code. This affects multiple Apple operating systems and Safari browser vers...

This CVE describes a memory corruption vulnerability in Apple operating systems that could allow a malicious application to cause system crashes or write to kernel memory. It affects multiple Apple pl...

A mail header parsing vulnerability in Apple operating systems allows attackers to cause persistent denial-of-service conditions. This affects users of iOS, iPadOS, macOS, watchOS, and visionOS who pr...

This CVE describes a memory corruption vulnerability in Apple operating systems that could allow a malicious application to manipulate shared memory between processes. The issue affects multiple Apple...

This vulnerability allows remote attackers to perform out-of-bounds memory access in ANGLE (Almost Native Graphics Layer Engine) in Google Chrome on macOS. Attackers can exploit this by tricking users...

This CVE describes a privacy vulnerability in Apple operating systems where applications could bypass user preference controls to access sensitive user data. The issue affects iOS, iPadOS, watchOS, ma...

This CVE describes a privacy bypass vulnerability in Apple operating systems where applications can circumvent certain privacy preferences, potentially accessing sensitive data they shouldn't. It affe...

This vulnerability allows remote content to be loaded even when the 'Load Remote Images' setting is disabled in affected Apple operating systems. This bypasses user privacy controls and could lead to ...

This vulnerability allows an application to escape its sandbox restrictions on affected Apple operating systems. It affects users running vulnerable versions of tvOS, macOS, iOS, iPadOS, and visionOS....

This vulnerability allows sandboxed applications on Apple operating systems to observe system-wide network connections, potentially exposing sensitive network traffic information. It affects multiple ...

An out-of-bounds memory access vulnerability in Apple's media file processing allows malicious media files to cause application crashes or memory corruption. This affects users of Apple's operating sy...

This vulnerability allows remote attackers to view leaked DNS queries when Apple's Private Relay feature is enabled. It affects users of Safari, iOS, iPadOS, tvOS, watchOS, and visionOS with Private R...

This CVE-2025-43361 is an out-of-bounds read vulnerability in Apple operating systems that allows malicious applications to read kernel memory. It affects multiple Apple platforms including iOS, iPadO...

This vulnerability allows apps to bypass entitlement checks and fingerprint users on Apple devices. It affects visionOS, tvOS, iOS, iPadOS, and watchOS before version 26. The issue enables unauthorize...

A permissions vulnerability in visionOS allows malicious applications to escalate privileges and gain root access. This affects visionOS devices running versions before 26. Users who install untrusted...

An out-of-bounds memory access vulnerability in Apple's media processing components allows attackers to cause denial of service or potentially execute arbitrary code by tricking users into opening mal...

This vulnerability in Apple's WebKit browser engine allows malicious web content to bypass security controls and access sensitive user information. It affects Safari and all Apple operating systems th...

This vulnerability allows a remote attacker to cause unexpected system termination (crash/reboot) on affected Apple devices. It affects multiple Apple operating systems including iOS, iPadOS, tvOS, ma...

This memory corruption vulnerability in Apple's WebKit browser engine allows attackers to execute arbitrary code by tricking users into visiting malicious websites. It affects Safari and all Apple ope...

This is a memory corruption vulnerability in Apple's WebKit browser engine affecting multiple Apple operating systems. Processing malicious web content could allow attackers to execute arbitrary code ...

This vulnerability in Google Chrome's ANGLE and GPU components allows insufficient input validation, enabling a remote attacker to potentially escape the browser sandbox via a malicious HTML page. All...

This memory corruption vulnerability in Apple's WebKit browser engine allows attackers to execute arbitrary code by tricking users into visiting malicious websites. It affects Safari and all Apple ope...

This memory corruption vulnerability in Apple's WebKit browser engine allows attackers to execute arbitrary code by tricking users into visiting malicious websites. It affects all Apple devices runnin...

This CVE describes a memory corruption vulnerability in Apple operating systems that could allow an attacker to cause system crashes or corrupt kernel memory. The issue affects multiple Apple platform...

This is a memory corruption vulnerability in Apple operating systems that could allow an attacker to cause system crashes or corrupt kernel memory. It affects multiple Apple platforms including iOS, m...

This CVE describes an integer overflow vulnerability in multiple Apple operating systems that could allow a remote attacker to leak memory. The vulnerability affects watchOS, macOS, tvOS, iPadOS, iOS,...

This is a memory corruption vulnerability in Apple's WebKit browser engine affecting multiple Apple operating systems and Safari. Processing malicious web content could allow attackers to execute arbi...

This is a cross-site request forgery (CSRF) vulnerability in Apple's WebKit browser engine that could allow memory corruption when processing malicious web content. It affects users of Apple devices a...

This CVE describes an authentication bypass vulnerability in multiple Apple operating systems where an attacker on the local network can circumvent authentication policies. The issue affects macOS, tv...

A use-after-free memory corruption vulnerability in Apple operating systems allows local network attackers to corrupt process memory. This affects macOS, iOS, iPadOS, tvOS, and visionOS. Successful ex...

This CVE describes an image processing vulnerability in Apple operating systems where improper bounds checks could allow maliciously crafted images to disclose user information. The vulnerability affe...

This vulnerability allows malicious websites to track users through Safari web extensions due to improper state management. It affects users of Apple's Safari browser across multiple Apple operating s...

A path validation vulnerability in Apple operating systems allows applications to access sensitive user data through improper directory path parsing. This affects macOS, iOS, iPadOS, and visionOS user...

This memory handling vulnerability in Apple operating systems allows an app to cause unexpected system termination (kernel panic/crash). All users running affected Apple operating systems before the p...

This memory handling vulnerability in Apple's WebKit browser engine allows processing malicious web content to cause unexpected process crashes. It affects users of macOS, iOS, iPadOS, visionOS, and S...

This CVE describes an environment variable handling vulnerability in Apple operating systems that could allow malicious apps to access sensitive user data. The issue affects multiple Apple platforms i...

This memory handling vulnerability in Apple's image processing components allows disclosure of process memory when processing malicious images. It affects multiple Apple operating systems including iO...

This CVE describes a memory handling vulnerability in Apple's WebKit browser engine that affects multiple Apple operating systems and Safari. Processing malicious web content could cause unexpected pr...

This memory handling vulnerability in Apple's WebKit browser engine allows processing malicious web content to cause unexpected process crashes. It affects users of iOS, iPadOS, Safari, macOS, and vis...

An out-of-bounds write vulnerability in USD file processing allows attackers to cause unexpected app termination or potentially execute arbitrary code by tricking users into opening malicious USD file...

A path validation vulnerability in macOS and visionOS allows applications to bypass directory restrictions and access sensitive user data. This affects users running vulnerable versions of macOS Sequo...

This CVE describes a memory management vulnerability in Apple's WebKit browser engine that could cause unexpected process crashes when processing malicious web content. It affects multiple Apple opera...

This memory handling vulnerability in Apple operating systems allows processing malicious files to cause denial-of-service or memory disclosure. It affects multiple Apple platforms including iOS, macO...

A permissions vulnerability in Apple operating systems allows applications to access sensitive payment tokens without proper authorization. This affects visionOS, iOS, iPadOS, watchOS, and macOS users...

This CVE describes a memory handling vulnerability in Apple's Safari browser and related operating systems. Processing malicious web content could cause an unexpected process crash (denial of service)...

A type confusion vulnerability in Apple's Safari browser and related operating systems could cause unexpected crashes when processing malicious web content. This affects users running vulnerable versi...

A buffer overflow vulnerability in Apple's Safari browser and related operating systems allows attackers to cause unexpected process crashes by tricking users into visiting malicious websites. This af...

This vulnerability allows an attacker in physical proximity to cause an out-of-bounds read in kernel memory on Apple devices. It affects multiple Apple operating systems including iOS, iPadOS, macOS, ...

This CVE describes an out-of-bounds memory access vulnerability in Apple operating systems that could allow an app to bypass Address Space Layout Randomization (ASLR). The vulnerability affects multip...

This CVE describes a user interface spoofing vulnerability in Apple operating systems and Safari browser. Visiting a malicious website could allow attackers to present fake interface elements, potenti...

This CVE describes a privacy vulnerability in Apple operating systems where applications could fingerprint users by accessing sensitive data. The issue affects multiple Apple platforms including iOS, ...

This CVE describes an address bar spoofing vulnerability in Apple web browsers. Visiting a malicious website could allow attackers to display a fake URL in the address bar, tricking users into thinkin...

This CVE describes an authorization vulnerability in Apple operating systems where improper state management could allow an application to access sensitive user data without proper permissions. The vu...

This vulnerability allows malicious websites to bypass same-origin policy protections and exfiltrate image data from other websites. It affects users of Apple's Safari browser and operating systems wi...

This memory handling vulnerability in Apple operating systems allows applications to cause unexpected system termination (kernel panic/crash). All users running affected Apple OS versions are vulnerab...

This CVE describes a symlink validation vulnerability in Apple operating systems that could allow malicious apps to bypass file system protections and access sensitive user data. The vulnerability aff...

This CVE describes an out-of-bounds memory access vulnerability in Apple's media file processing. Attackers can craft malicious media files that cause affected applications to crash or corrupt memory ...

This CVE describes an out-of-bounds memory access vulnerability in Apple's media file processing. Attackers can craft malicious media files that cause affected Apple devices to crash or corrupt memory...

This CVE describes an out-of-bounds memory access vulnerability in Apple's media file processing components. Attackers can craft malicious media files that cause affected applications to crash or corr...

This CVE describes a privacy vulnerability in Apple operating systems where an application could access sensitive user data without proper authorization. The issue affects macOS, iOS, iPadOS, and visi...

A logic vulnerability in Apple operating systems allows attackers in privileged network positions to intercept network traffic. This affects multiple Apple platforms including iOS, macOS, watchOS, tvO...

This CVE describes an information disclosure vulnerability in Apple operating systems where an app could identify what other apps a user has installed. It affects users of iOS, iPadOS, watchOS, macOS,...

This vulnerability involves memory corruption issues in Apple's operating systems that could allow a malicious HID (Human Interface Device) to cause unexpected process crashes. It affects multiple App...

This CVE describes a race condition vulnerability in Apple's web content processing that could allow an attacker to cause unexpected process crashes. It affects multiple Apple operating systems and Sa...