CVSS: 5.5EPSS: %CPEs: 1EXPL: 0CVE-2025-24280
https://notcve.org/view.php?id=CVE-2025-24280
31 Mar 2025 — An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access user-sensitive data. • https://support.apple.com/en-us/122373 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: %CPEs: 1EXPL: 0CVE-2025-24279
https://notcve.org/view.php?id=CVE-2025-24279
31 Mar 2025 — This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access contacts. • https://support.apple.com/en-us/122373 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: %CPEs: 1EXPL: 0CVE-2025-30451
https://notcve.org/view.php?id=CVE-2025-30451
31 Mar 2025 — This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data. • https://support.apple.com/en-us/122373 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: %CPEs: 1EXPL: 0CVE-2025-24255
https://notcve.org/view.php?id=CVE-2025-24255
31 Mar 2025 — A file access issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox. • https://support.apple.com/en-us/122373 •
CVSS: 5.0EPSS: %CPEs: 1EXPL: 0CVE-2025-24193
https://notcve.org/view.php?id=CVE-2025-24193
31 Mar 2025 — This issue was addressed with improved authentication. This issue is fixed in iOS 18.4 and iPadOS 18.4. An attacker with a USB-C connection to an unlocked device may be able to programmatically access photos. • https://support.apple.com/en-us/122371 •
CVSS: 5.5EPSS: %CPEs: 2EXPL: 0CVE-2025-24202
https://notcve.org/view.php?id=CVE-2025-24202
31 Mar 2025 — A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data. • https://support.apple.com/en-us/122371 •
CVSS: 5.5EPSS: %CPEs: 4EXPL: 0CVE-2025-24214
https://notcve.org/view.php?id=CVE-2025-24214
31 Mar 2025 — A privacy issue was addressed by not logging contents of text fields. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, tvOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data. • https://support.apple.com/en-us/122371 •
CVSS: 5.0EPSS: %CPEs: 3EXPL: 0CVE-2025-24097
https://notcve.org/view.php?id=CVE-2025-24097
31 Mar 2025 — A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, tvOS 18.4, macOS Sequoia 15.4. An app may be able to read arbitrary file metadata. • https://support.apple.com/en-us/122371 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: %CPEs: 5EXPL: 0CVE-2025-24243
https://notcve.org/view.php?id=CVE-2025-24243
31 Mar 2025 — The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Processing a maliciously crafted file may lead to arbitrary code execution. • https://support.apple.com/en-us/122371 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: %CPEs: 1EXPL: 0CVE-2025-24234
https://notcve.org/view.php?id=CVE-2025-24234
31 Mar 2025 — This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A malicious app may be able to gain root privileges. • https://support.apple.com/en-us/122373 • CWE-276: Incorrect Default Permissions •