CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24276 – Apple Security Advisory 03-31-2025-9
https://notcve.org/view.php?id=CVE-2025-24276
31 Mar 2025 — A malicious app may be able to access private information. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2025-30425 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-30425
31 Mar 2025 — A malicious website may be able to track users in Safari private browsing mode. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24173 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-24173
31 Mar 2025 — An app may be able to break out of its sandbox. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-30464 – Apple Security Advisory 03-31-2025-9
https://notcve.org/view.php?id=CVE-2025-30464
31 Mar 2025 — An out-of-bounds write issue was addressed with improved bounds checking. ... An app may be able to cause unexpected system termination or corrupt kernel memory. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-30433 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-30433
31 Mar 2025 — A shortcut may be able to access files that are normally inaccessible to the Shortcuts app. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30444 – Apple Security Advisory 03-31-2025-9
https://notcve.org/view.php?id=CVE-2025-30444
31 Mar 2025 — Mounting a maliciously crafted SMB network share may lead to system termination. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-24283 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-24283
31 Mar 2025 — An app may be able to access sensitive user data. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30452 – Apple Security Advisory 03-31-2025-9
https://notcve.org/view.php?id=CVE-2025-30452
31 Mar 2025 — An input validation issue was addressed. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24256 – Apple macOS AppleIntelKBLGraphics Time-Of-Check Time-Of-Use Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24256
31 Mar 2025 — An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24190 – Apple macOS MP4 File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-24190
31 Mar 2025 — An attacker can leverage this vulnerability to execute code in the context of the WebKit GPU process. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-400: Uncontrolled Resource Consumption •