CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24180 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-24180
31 Mar 2025 — A malicious website may be able to claim WebAuthn credentials from another website that shares a registrable suffix. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24231 – Apple Security Advisory 03-31-2025-9
https://notcve.org/view.php?id=CVE-2025-24231
31 Mar 2025 — An app may be able to modify protected parts of the file system. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24266 – Apple Security Advisory 03-31-2025-9
https://notcve.org/view.php?id=CVE-2025-24266
31 Mar 2025 — A buffer overflow was addressed with improved bounds checking. ... An app may be able to cause unexpected system termination. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30458 – Apple Security Advisory 03-31-2025-7
https://notcve.org/view.php?id=CVE-2025-30458
31 Mar 2025 — An app may be able to read files outside of its sandbox. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30462 – Apple Security Advisory 03-31-2025-9
https://notcve.org/view.php?id=CVE-2025-30462
31 Mar 2025 — Apps that appear to use App Sandbox may be able to launch without restrictions. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30435 – Apple Security Advisory 03-31-2025-7
https://notcve.org/view.php?id=CVE-2025-30435
31 Mar 2025 — A sandboxed app may be able to access sensitive user data in system logs. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-30463 – Apple Security Advisory 03-31-2025-7
https://notcve.org/view.php?id=CVE-2025-30463
31 Mar 2025 — An app may be able to access sensitive user data. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24267 – Apple Security Advisory 03-31-2025-9
https://notcve.org/view.php?id=CVE-2025-24267
31 Mar 2025 — An app may be able to gain root privileges. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-276: Incorrect Default Permissions •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24230 – Apple macOS MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24230
31 Mar 2025 — An out-of-bounds read issue was addressed with improved input validation. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the WebKit GPU process. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-30438 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-30438
31 Mar 2025 — A malicious app may be able to dismiss the system notification on the Lock Screen that a recording was started. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-284: Improper Access Control •