CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2024-54518
https://notcve.org/view.php?id=CVE-2024-54518
27 Jan 2025 — The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory. • https://support.apple.com/en-us/121837 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2025-24131 – Apple Security Advisory 01-27-2025-8
https://notcve.org/view.php?id=CVE-2025-24131
27 Jan 2025 — The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An attacker in a privileged position may be able to perform a denial-of-service. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2025-24086 – Apple Security Advisory 01-27-2025-8
https://notcve.org/view.php?id=CVE-2025-24086
27 Jan 2025 — The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing an image may lead to a denial-of-service. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2025-24141 – Apple Security Advisory 01-27-2025-2
https://notcve.org/view.php?id=CVE-2025-24141
27 Jan 2025 — An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3. An attacker with physical access to an unlocked device may be able to access Photos while the app is locked. iOS 18.3 and iPadOS 18.3 addresses code execution, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2025-24161 – Apple Security Advisory 01-27-2025-8
https://notcve.org/view.php?id=CVE-2025-24161
27 Jan 2025 — The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24177 – Apple Security Advisory 01-27-2025-4
https://notcve.org/view.php?id=CVE-2025-24177
27 Jan 2025 — A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. A remote attacker may be able to cause a denial-of-service. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2024-54499 – Apple macOS ImageIO JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-54499
27 Jan 2025 — A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing a maliciously crafted image may lead to arbitrary code execution. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO framework is required to exploit this vulnerability but attack vectors may vary depending on the implementati... • https://support.apple.com/en-us/121837 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-24137 – Apple Security Advisory 01-27-2025-8
https://notcve.org/view.php?id=CVE-2025-24137
27 Jan 2025 — A type confusion issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A remote attacker may cause an unexpected application termination or arbitrary code execution. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-24160 – Apple Security Advisory 01-27-2025-8
https://notcve.org/view.php?id=CVE-2025-24160
27 Jan 2025 — The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24117 – Apple Security Advisory 01-27-2025-7
https://notcve.org/view.php?id=CVE-2025-24117
27 Jan 2025 — This issue was addressed with improved redaction of sensitive information. This issue is fixed in iPadOS 17.7.4, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3. An app may be able to fingerprint the user. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-922: Insecure Storage of Sensitive Information •