CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24249 – Apple Security Advisory 03-31-2025-9
https://notcve.org/view.php?id=CVE-2025-24249
31 Mar 2025 — A permissions issue was addressed with additional sandbox restrictions. ... An app may be able to check the existence of an arbitrary path on the file system. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24212 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-24212
31 Mar 2025 — An app may be able to break out of its sandbox. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30458 – Apple Security Advisory 03-31-2025-7
https://notcve.org/view.php?id=CVE-2025-30458
31 Mar 2025 — An app may be able to read files outside of its sandbox. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30462 – Apple Security Advisory 03-31-2025-9
https://notcve.org/view.php?id=CVE-2025-30462
31 Mar 2025 — Apps that appear to use App Sandbox may be able to launch without restrictions. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24178 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-24178
31 Mar 2025 — An app may be able to break out of its sandbox. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24173 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-24173
31 Mar 2025 — An app may be able to break out of its sandbox. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-30429 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-30429
31 Mar 2025 — An app may be able to break out of its sandbox. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24172 – Apple Security Advisory 03-31-2025-9
https://notcve.org/view.php?id=CVE-2025-24172
31 Mar 2025 — A permissions issue was addressed with additional sandbox restrictions. ... "Block All Remote Content" may not apply for all mail previews. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-276: Incorrect Default Permissions •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24236 – Apple Security Advisory 03-31-2025-8
https://notcve.org/view.php?id=CVE-2025-24236
31 Mar 2025 — An access issue was addressed with additional sandbox restrictions. ... An app may be able to access sensitive user data. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 2CVE-2025-2857 – openSUSE Security Advisory - openSUSE-SU-2025:14958-1
https://notcve.org/view.php?id=CVE-2025-2857
27 Mar 2025 — Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was being exploited in the wild. • https://github.com/RimaRuer/CVE-2025-2857-Exploit •