
CVE-2024-54512
https://notcve.org/view.php?id=CVE-2024-54512
27 Jan 2025 — The issue was addressed by removing the relevant flags. This issue is fixed in watchOS 11.2, iOS 18.2 and iPadOS 18.2. A system binary could be used to fingerprint a user's Apple Account. • https://support.apple.com/en-us/121837 • CWE-863: Incorrect Authorization •

CVE-2025-24143 – webkitgtk: A maliciously crafted webpage may be able to fingerprint the user
https://notcve.org/view.php?id=CVE-2025-24143
27 Jan 2025 — The issue was addressed with improved access restrictions to the file system. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user. A flaw was found in WebKitGTK. A maliciously crafted web page may be able to fingerprint the user due to improper access restrictions to the file system. • https://support.apple.com/en-us/122066 • CWE-862: Missing Authorization •

CVE-2024-54497 – Apple macOS WindowServer Unchecked Input for Loop Condition Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-54497
27 Jan 2025 — The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing web content may lead to a denial-of-service. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Apple macOS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WindowServer componen... • https://support.apple.com/en-us/121837 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2024-54478 – Apple Security Advisory 01-27-2025-3
https://notcve.org/view.php?id=CVE-2024-54478
27 Jan 2025 — An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to an unexpected process crash. iPadOS 17.7.4 addresses code execution, out of bounds access, and out of bounds read vulnerabilities. • https://support.apple.com/en-us/121837 • CWE-125: Out-of-bounds Read •

CVE-2024-54507
https://notcve.org/view.php?id=CVE-2024-54507
27 Jan 2025 — A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An attacker with user privileges may be able to read kernel memory. • https://github.com/jprx/CVE-2024-54507 • CWE-125: Out-of-bounds Read •

CVE-2024-54550
https://notcve.org/view.php?id=CVE-2024-54550
27 Jan 2025 — This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An app may be able to view autocompleted contact information from Messages and Mail in system logs. • https://support.apple.com/en-us/121837 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVE-2025-24159 – Apple Security Advisory 01-27-2025-8
https://notcve.org/view.php?id=CVE-2025-24159
27 Jan 2025 — A validation issue was addressed with improved logic. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to execute arbitrary code with kernel privileges. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVE-2025-24163 – Apple Security Advisory 01-27-2025-8
https://notcve.org/view.php?id=CVE-2025-24163
27 Jan 2025 — The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 •

CVE-2025-24162 – webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
https://notcve.org/view.php?id=CVE-2025-24162
27 Jan 2025 — This issue was addressed through improved state management. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to an unexpected process crash. A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper state management. • https://support.apple.com/en-us/122066 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-125: Out-of-bounds Read •

CVE-2025-24123 – Apple macOS MOV File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-24123
27 Jan 2025 — The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.... • https://support.apple.com/en-us/122066 •