Apple

iPhone OS

4014 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.2

CVE-2026-28866

  • EPSS 0.03%
  • Veröffentlicht 25.03.2026 00:31:45
  • Zuletzt bearbeitet 25.03.2026 21:30:07

This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user dat...

9.3

CVE-2026-20688

  • EPSS 0.03%
  • Veröffentlicht 25.03.2026 00:31:39
  • Zuletzt bearbeitet 26.03.2026 17:10:45

A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to break out of its sandbox.

6.2

CVE-2026-28867

  • EPSS 0.03%
  • Veröffentlicht 25.03.2026 00:31:37
  • Zuletzt bearbeitet 27.03.2026 21:28:44

This issue was addressed with improved authentication. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to leak sensitive...

5.3

CVE-2026-20692

  • EPSS 0.04%
  • Veröffentlicht 25.03.2026 00:31:35
  • Zuletzt bearbeitet 27.03.2026 20:16:25

A privacy issue was addressed with improved handling of user preferences. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. "Hide IP Address" and "Block All Remote Content" may not apply to ...

4.3

CVE-2026-28871

  • EPSS 0.04%
  • Veröffentlicht 25.03.2026 00:31:33
  • Zuletzt bearbeitet 30.03.2026 12:27:17

A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack.

5.4

CVE-2026-20643

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 17.03.2026 22:29:48
  • Zuletzt bearbeitet 25.03.2026 01:17:04

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Ta...

8.8

CVE-2023-43010

Medienbericht
  • EPSS 0.05%
  • Veröffentlicht 12.03.2026 01:15:54
  • Zuletzt bearbeitet 25.03.2026 18:45:58

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead ...

6.5

CVE-2026-20644

  • EPSS 0.07%
  • Veröffentlicht 11.02.2026 22:59:05
  • Zuletzt bearbeitet 02.04.2026 19:21:16

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected p...

7.5

CVE-2026-20652

  • EPSS 0.26%
  • Veröffentlicht 11.02.2026 22:59:04
  • Zuletzt bearbeitet 02.04.2026 19:21:17

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A remote attacker may be able to cause a denial-of-service.

4.6

CVE-2026-20605

  • EPSS 0.01%
  • Veröffentlicht 11.02.2026 22:59:03
  • Zuletzt bearbeitet 02.04.2026 19:21:08

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to crash a system process.