CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43237 – Apple Security Advisory 07-29-2025-3
https://notcve.org/view.php?id=CVE-2025-43237
29 Jul 2025 — An out-of-bounds write issue was addressed with improved bounds checking. ... An app may be able to cause unexpected system termination. macOS Sequoia 15.6 addresses bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/124149 • CWE-787: Out-of-bounds Write •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43197 – Apple Security Advisory 07-29-2025-5
https://notcve.org/view.php?id=CVE-2025-43197
29 Jul 2025 — An app may be able to access sensitive user data. macOS Sequoia 15.6 addresses bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/124149 • CWE-863: Incorrect Authorization •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43206 – Apple Security Advisory 07-29-2025-5
https://notcve.org/view.php?id=CVE-2025-43206
29 Jul 2025 — An app may be able to access protected user data. macOS Sequoia 15.6 addresses bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/124149 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43196 – Apple Security Advisory 07-29-2025-5
https://notcve.org/view.php?id=CVE-2025-43196
29 Jul 2025 — An app may be able to gain root privileges. macOS Sequoia 15.6 addresses bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/124149 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.0EPSS: 0%CPEs: 6EXPL: 0CVE-2025-43265 – Apple Security Advisory 07-29-2025-8
https://notcve.org/view.php?id=CVE-2025-43265
29 Jul 2025 — An out-of-bounds read was addressed with improved input validation. ... Processing maliciously crafted web content may disclose internal states of the app. macOS Sequoia 15.6 addresses bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/124152 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43233 – Apple Security Advisory 07-29-2025-5
https://notcve.org/view.php?id=CVE-2025-43233
29 Jul 2025 — A malicious app acting as a HTTPS proxy could get access to sensitive user data. macOS Sequoia 15.6 addresses bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/124149 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-24188 – Apple Security Advisory 07-29-2025-3
https://notcve.org/view.php?id=CVE-2025-24188
29 Jul 2025 — Processing maliciously crafted web content may lead to an unexpected Safari crash. macOS Sequoia 15.6 addresses bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/124152 • CWE-703: Improper Check or Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2025-43216 – Apple Security Advisory 07-29-2025-8
https://notcve.org/view.php?id=CVE-2025-43216
29 Jul 2025 — Processing maliciously crafted web content may lead to an unexpected Safari crash. macOS Sequoia 15.6 addresses bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/124152 • CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43276 – Apple Security Advisory 07-29-2025-3
https://notcve.org/view.php?id=CVE-2025-43276
29 Jul 2025 — This issue is fixed in macOS Sequoia 15.6. iCloud Private Relay may not activate when more than one user is logged in at the same time. macOS Sequoia 15.6 addresses bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/124149 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43260 – Apple Security Advisory 07-29-2025-4
https://notcve.org/view.php?id=CVE-2025-43260
29 Jul 2025 — An app may be able to hijack entitlements granted to other privileged apps. macOS Sequoia 15.6 addresses bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/124149 • CWE-266: Incorrect Privilege Assignment •