
CVE-2025-24141 – Apple Security Advisory 01-27-2025-2
https://notcve.org/view.php?id=CVE-2025-24141
27 Jan 2025 — An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3. An attacker with physical access to an unlocked device may be able to access Photos while the app is locked. iOS 18.3 and iPadOS 18.3 address code execution, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-863: Incorrect Authorization

CVE-2025-24161 – Apple Security Advisory 01-27-2025-8
https://notcve.org/view.php?id=CVE-2025-24161
27 Jan 2025 — The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-754: Improper Check for Unusual or Exceptional Conditions

CVE-2025-24177 – Apple Security Advisory 01-27-2025-4
https://notcve.org/view.php?id=CVE-2025-24177
27 Jan 2025 — A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. A remote attacker may be able to cause a denial-of-service. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-476: NULL Pointer Dereference

CVE-2024-54499 – Apple macOS ImageIO JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-54499
27 Jan 2025 — A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing a maliciously crafted image may lead to arbitrary code execution. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO framework is required to exploit this vulnerability but attack vectors may vary depending on the implementati... • https://support.apple.com/en-us/121837 • CWE-416: Use After Free

CVE-2024-54507
https://notcve.org/view.php?id=CVE-2024-54507
27 Jan 2025 — A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An attacker with user privileges may be able to read kernel memory. • https://github.com/jprx/CVE-2024-54507 • CWE-125: Out-of-bounds Read

CVE-2025-24085 – Apple Multiple Products Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2025-24085
27 Jan 2025 — A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds w... • https://github.com/clidanc/CVE-2025-24085 • CWE-416: Use After Free

CVE-2024-54468
https://notcve.org/view.php?id=CVE-2024-54468
27 Jan 2025 — The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to break out of its sandbox. • https://support.apple.com/en-us/121837

CVE-2025-24145 – Apple Security Advisory 01-27-2025-4
https://notcve.org/view.php?id=CVE-2025-24145
27 Jan 2025 — A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.3, iOS 18.3 and iPadOS 18.3. An app may be able to view a contact's phone number in system logs. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-532: Insertion of Sensitive Information into Log File

CVE-2025-24104 – Apple Security Advisory 01-27-2025-3
https://notcve.org/view.php?id=CVE-2025-24104
27 Jan 2025 — This issue was addressed with improved handling of symlinks. This issue is fixed in iPadOS 17.7.4, iOS 18.3 and iPadOS 18.3. Restoring a maliciously crafted backup file may lead to modification of protected system files. iOS 18.3 and iPadOS 18.3 address code execution, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://github.com/ifpdz/CVE-2025-24104 • CWE-59: Improper Link Resolution Before File Access ('Link Following')

CVE-2025-24113 – Apple Security Advisory 01-27-2025-9
https://notcve.org/view.php?id=CVE-2025-24113
27 Jan 2025 — The issue was addressed with improved UI. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. Visiting a malicious website may lead to user interface spoofing. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066