Export limit exceeded: 342050 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 342050 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342050 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-24118 | 1 Apple | 2 Ipados, Macos | 2026-04-02 | 9.8 Critical |
| The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory. | ||||
| CVE-2026-35386 | 1 Openbsd | 1 Openssh | 2026-04-02 | 3.6 Low |
| In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in ssh_config. | ||||
| CVE-2024-40837 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data. | ||||
| CVE-2025-43249 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2026-04-02 | 7.8 High |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges. | ||||
| CVE-2025-43422 | 1 Apple | 3 Ios, Ipados, Iphone Os | 2026-04-02 | 4.6 Medium |
| The issue was addressed by adding additional logic. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker with physical access to a device may be able to disable Stolen Device Protection. | ||||
| CVE-2026-20640 | 1 Apple | 3 Ios And Ipados, Ipados, Iphone Os | 2026-04-02 | 4.6 Medium |
| An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access to iPhone may be able to take and view screenshots of sensitive data from the iPhone during iPhone Mirroring with Mac. | ||||
| CVE-2025-43208 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to read sensitive location information. | ||||
| CVE-2024-44136 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-02 | 9.1 Critical |
| This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to a device may be able to disable Stolen Device Protection. | ||||
| CVE-2026-35385 | 1 Openbsd | 1 Openssh | 2026-04-02 | 7.5 High |
| In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O (legacy scp protocol) and without -p (preserve mode). | ||||
| CVE-2025-43199 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2026-04-02 | 9.8 Critical |
| A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. A malicious app may be able to gain root privileges. | ||||
| CVE-2025-31249 | 1 Apple | 1 Macos | 2026-04-02 | 7.1 High |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data. | ||||
| CVE-2025-30458 | 1 Apple | 1 Macos | 2026-04-02 | 9.8 Critical |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to read files outside of its sandbox. | ||||
| CVE-2024-54531 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2. An app may be able to bypass kASLR. | ||||
| CVE-2025-43418 | 1 Apple | 4 Ios, Ipad Os, Ipados and 1 more | 2026-04-02 | 4.6 Medium |
| This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1. An attacker with physical access to a locked device may be able to view sensitive user information. | ||||
| CVE-2026-28876 | 1 Apple | 5 Ios And Ipados, Ipados, Iphone Os and 2 more | 2026-04-02 | 7.5 High |
| A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to access sensitive user data. | ||||
| CVE-2025-24088 | 1 Apple | 1 Macos | 2026-04-02 | 7.5 High |
| The issue was addressed by adding additional logic. This issue is fixed in macOS Tahoe 26. An app may be able to override MDM-enforced settings from profiles. | ||||
| CVE-2026-28821 | 1 Apple | 1 Macos | 2026-04-02 | 8.4 High |
| A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to gain elevated privileges. | ||||
| CVE-2025-24134 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.3. An app may be able to access user-sensitive data. | ||||
| CVE-2025-43459 | 1 Apple | 1 Watchos | 2026-04-02 | 4.6 Medium |
| An authentication issue was addressed with improved state management. This issue is fixed in watchOS 26.1. An attacker with physical access to a locked Apple Watch may be able to view Live Voicemail. | ||||
| CVE-2026-28837 | 1 Apple | 1 Macos | 2026-04-02 | 7.5 High |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data. | ||||