
CVE-2025-43186 – Apple macOS AudioToolbox MP4 File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-43186
29 Jul 2025 — The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.7.7, visionOS 2.6, macOS Ventura 13.7.7. Parsing a file may lead to an unexpected app termination. • https://support.apple.com/en-us/124147 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2025-43209 – Apple Safari getHourCycles Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-43209
29 Jul 2025 — An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, tvOS 18.6, macOS Sonoma 14.7.7, watchOS 11.6, visionOS 2.6, macOS Ventura 13.7.7. Processing maliciously crafted web content may lead to an unexpected Safari crash. • https://support.apple.com/en-us/124147 • CWE-787: Out-of-bounds Write

CVE-2025-43214 – Apple Safari JavascriptCore WasmToJSException Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-43214
29 Jul 2025 — The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, watchOS 11.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, macOS Sequoia 15.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash. • https://support.apple.com/en-us/124147 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2025-43221 – Apple macOS USD importAnimations Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-43221
29 Jul 2025 — An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, visionOS 2.6, tvOS 18.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory. • https://support.apple.com/en-us/124147 • CWE-125: Out-of-bounds Read

CVE-2025-43224 – Apple macOS USD importNodeAnimations Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-43224
29 Jul 2025 — An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in visionOS 2.6, tvOS 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory. • https://support.apple.com/en-us/124147 • CWE-787: Out-of-bounds Write

CVE-2024-27830 – Apple Security Advisory 06-10-2024-1
https://notcve.org/view.php?id=CVE-2024-27830
10 Jun 2024 — This issue was addressed through improved state management. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A maliciously crafted webpage may be able to fingerprint the user. • http://seclists.org/fulldisclosure/2024/Jun/5

CVE-2024-27851 – webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2024-27851
10 Jun 2024 — The issue was addressed with improved bounds checks. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. • http://seclists.org/fulldisclosure/2024/Jun/5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-27806
https://notcve.org/view.php?id=CVE-2024-27806
10 Jun 2024 — This issue was addressed with improved environment sanitization. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to access sensitive user data. • https://support.apple.com/en-us/HT214100 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVE-2024-27811 – Apple Security Advisory 06-10-2024-1
https://notcve.org/view.php?id=CVE-2024-27811
10 Jun 2024 — The issue was addressed with improved checks. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to elevate privileges. • http://seclists.org/fulldisclosure/2024/Jun/5 • CWE-269: Improper Privilege Management

CVE-2024-27807
https://notcve.org/view.php?id=CVE-2024-27807
10 Jun 2024 — The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, iOS 16.7.8 and iPadOS 16.7.8. An app may be able to circumvent App Privacy Report logging. • https://support.apple.com/en-us/HT214100