Filtered by vendor Apple
Subscriptions
Filtered by product Safari
Subscriptions
Total
1613 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-31215 | 2 Apple, Redhat | 12 Ipados, Iphone Os, Macos and 9 more | 2026-04-02 | 6.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2025-31206 | 2 Apple, Redhat | 12 Ipados, Iphone Os, Macos and 9 more | 2026-04-02 | 4.3 Medium |
| A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2025-31205 | 2 Apple, Redhat | 13 Ipados, Iphone Os, Macos and 10 more | 2026-04-02 | 6.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. A malicious website may exfiltrate data cross-origin. | ||||
| CVE-2025-31204 | 2 Apple, Redhat | 12 Ipados, Iphone Os, Macos and 9 more | 2026-04-02 | 8.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption. | ||||
| CVE-2025-31184 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-02 | 7.8 High |
| This issue was addressed with improved permissions checking. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4. An app may gain unauthorized access to Local Network. | ||||
| CVE-2025-30467 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2026-04-02 | 4.3 Medium |
| The issue was addressed with improved checks. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, watchOS 11.4. Visiting a malicious website may lead to address bar spoofing. | ||||
| CVE-2025-30466 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-02 | 9.8 Critical |
| This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4. A website may be able to bypass Same Origin Policy. | ||||
| CVE-2025-30427 | 2 Apple, Redhat | 13 Ipados, Iphone Os, Macos and 10 more | 2026-04-02 | 4.3 Medium |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2025-30425 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-02 | 4.3 Medium |
| This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, watchOS 11.4. A malicious website may be able to track users in Safari private browsing mode. | ||||
| CVE-2025-24264 | 2 Apple, Redhat | 11 Ipados, Iphone Os, Macos and 8 more | 2026-04-02 | 9.8 Critical |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2025-24223 | 2 Apple, Redhat | 12 Ipados, Iphone Os, Macos and 9 more | 2026-04-02 | 8 High |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption. | ||||
| CVE-2025-24216 | 2 Apple, Redhat | 13 Ipados, Iphone Os, Macos and 10 more | 2026-04-02 | 4.3 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2025-24213 | 2 Apple, Redhat | 6 Ipados, Iphone Os, Macos and 3 more | 2026-04-02 | 7.8 High |
| This issue was addressed with improved handling of floats. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. A type confusion issue could lead to memory corruption. | ||||
| CVE-2025-24209 | 2 Apple, Redhat | 12 Ipados, Iphone Os, Macos and 9 more | 2026-04-02 | 7 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2025-24192 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-02 | 6.5 Medium |
| A script imports issue was addressed with improved isolation. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4. Visiting a website may leak sensitive data. | ||||
| CVE-2025-24189 | 1 Apple | 7 Ipados, Iphone Os, Macos and 4 more | 2026-04-02 | 8.8 High |
| The issue was addressed with improved checks. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing maliciously crafted web content may lead to memory corruption. | ||||
| CVE-2025-24180 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-02 | 8.1 High |
| The issue was addressed with improved input validation. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. A malicious website may be able to claim WebAuthn credentials from another website that shares a registrable suffix. | ||||
| CVE-2025-24169 | 1 Apple | 2 Macos, Safari | 2026-04-02 | 7.5 High |
| A logging issue was addressed with improved data redaction. This issue is fixed in Safari 18.3, macOS Sequoia 15.3. A malicious app may be able to bypass browser extension authentication. | ||||
| CVE-2025-24167 | 1 Apple | 3 Ipados, Iphone Os, Safari | 2026-04-02 | 9.8 Critical |
| This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, watchOS 11.4. A download's origin may be incorrectly associated. | ||||
| CVE-2025-24162 | 2 Apple, Redhat | 13 Ipados, Iphone Os, Macos and 10 more | 2026-04-02 | 6.5 Medium |
| This issue was addressed through improved state management. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||