CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24237 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-24237
31 Mar 2025 — A buffer overflow was addressed with improved bounds checking. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause unexpected system termination. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-24221 – Apple Security Advisory 03-31-2025-11
https://notcve.org/view.php?id=CVE-2025-24221
31 Mar 2025 — This issue was addressed with improved data access restriction. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6. Sensitive keychain data may be accessible from an iOS backup. iOS 18.4 and iPadOS 18.4 addresses buffer overflow, bypass, cross site scripting, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-863: Incorrect Authorization •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24173 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-24173
31 Mar 2025 — This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-30433 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-30433
31 Mar 2025 — This issue was addressed with improved access restrictions. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A shortcut may be able to access files that are normally inaccessible to the Shortcuts app. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-24283 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-24283
31 Mar 2025 — A logging issue was addressed with improved data redaction. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24190 – Apple macOS MP4 File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-24190
31 Mar 2025 — The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must v... • https://support.apple.com/en-us/122371 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-30429 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-30429
31 Mar 2025 — A path handling issue was addressed with improved validation. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-24095 – Apple Security Advisory 03-31-2025-11
https://notcve.org/view.php?id=CVE-2025-24095
31 Mar 2025 — This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4. An app may be able to bypass Privacy preferences. iOS 18.4 and iPadOS 18.4 addresses buffer overflow, bypass, cross site scripting, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-24216 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-24216
31 Mar 2025 — The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-24257 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-24257
31 Mar 2025 — An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to cause unexpected system termination or write kernel memory. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122371 • CWE-787: Out-of-bounds Write •