CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2024-27859
https://notcve.org/view.php?id=CVE-2024-27859
10 Feb 2025 — The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, macOS Sonoma 14.4. Processing web content may lead to arbitrary code execution. El problema se solucionó mejorando la gestión de la memoria. Este problema se solucionó en iOS 17.4 y iPadOS 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1 y macOS Sonoma 14.4. • https://support.apple.com/en-us/120881 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2025-24150 – webkitgtk: Copying a URL from Web Inspector may lead to command injection
https://notcve.org/view.php?id=CVE-2025-24150
27 Jan 2025 — A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command injection. A flaw was found in WebKitGTK. Copying a URL from Web Inspector may lead to command injection due to improper file handling. • https://support.apple.com/en-us/122066 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2025-24107 – Apple Security Advisory 01-27-2025-8
https://notcve.org/view.php?id=CVE-2025-24107
27 Jan 2025 — A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.3, tvOS 18.3, watchOS 11.3, iOS 18.3 and iPadOS 18.3. A malicious app may be able to gain root privileges. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-276: Incorrect Default Permissions •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 0CVE-2024-54543 – webkitgtk: Processing maliciously crafted web content may lead to memory corruption
https://notcve.org/view.php?id=CVE-2024-54543
27 Jan 2025 — The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to memory corruption. A flaw was found in WebKitGTK. Processing malicious web content can cause memory corruption due to improper memory handling. • https://support.apple.com/en-us/121837 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-54522
https://notcve.org/view.php?id=CVE-2024-54522
27 Jan 2025 — The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory. • https://support.apple.com/en-us/121837 • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2024-54488
https://notcve.org/view.php?id=CVE-2024-54488
27 Jan 2025 — A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Photos in the Hidden Photos Album may be viewed without authentication. • https://support.apple.com/en-us/121837 • CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2025-24127 – Apple Security Advisory 01-27-2025-8
https://notcve.org/view.php?id=CVE-2025-24127
27 Jan 2025 — The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2024-54518
https://notcve.org/view.php?id=CVE-2024-54518
27 Jan 2025 — The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory. • https://support.apple.com/en-us/121837 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2025-24131 – Apple Security Advisory 01-27-2025-8
https://notcve.org/view.php?id=CVE-2025-24131
27 Jan 2025 — The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An attacker in a privileged position may be able to perform a denial-of-service. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2025-24086 – Apple Security Advisory 01-27-2025-8
https://notcve.org/view.php?id=CVE-2025-24086
27 Jan 2025 — The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing an image may lead to a denial-of-service. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-770: Allocation of Resources Without Limits or Throttling •