CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-24167
https://notcve.org/view.php?id=CVE-2025-24167
31 Mar 2025 — This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. A download's origin may be incorrectly associated. • https://support.apple.com/en-us/122371 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-30470
https://notcve.org/view.php?id=CVE-2025-30470
31 Mar 2025 — A path handling issue was addressed with improved logic. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to read sensitive location information. • https://support.apple.com/en-us/122371 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-30427
https://notcve.org/view.php?id=CVE-2025-30427
31 Mar 2025 — A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash. • https://support.apple.com/en-us/122371 • CWE-400: Uncontrolled Resource Consumption CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24262
https://notcve.org/view.php?id=CVE-2025-24262
31 Mar 2025 — A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.4. A sandboxed app may be able to access sensitive user data in system logs. • https://support.apple.com/en-us/122373 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40864
https://notcve.org/view.php?id=CVE-2024-40864
31 Mar 2025 — The issue was addressed with improved handling of protocols. This issue is fixed in macOS Ventura 13.7.5, macOS Sonoma 14.7.5. An attacker in a privileged network position can track a user's activity. • https://support.apple.com/en-us/122374 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24235
https://notcve.org/view.php?id=CVE-2025-24235
31 Mar 2025 — A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A remote attacker may be able to cause unexpected app termination or heap corruption. • https://support.apple.com/en-us/122373 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24242
https://notcve.org/view.php?id=CVE-2025-24242
31 Mar 2025 — This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app with root privileges may be able to access private information. • https://support.apple.com/en-us/122373 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-24215
https://notcve.org/view.php?id=CVE-2025-24215
31 Mar 2025 — The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A malicious app may be able to access private information. • https://support.apple.com/en-us/122372 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-24203
https://notcve.org/view.php?id=CVE-2025-24203
31 Mar 2025 — The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to modify protected parts of the file system. • https://support.apple.com/en-us/122372 •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24192
https://notcve.org/view.php?id=CVE-2025-24192
31 Mar 2025 — A script imports issue was addressed with improved isolation. This issue is fixed in Safari 18.4, visionOS 2.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. Visiting a website may leak sensitive data. • https://support.apple.com/en-us/122371 •