CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2025-24131 – Apple Security Advisory 01-27-2025-8
https://notcve.org/view.php?id=CVE-2025-24131
27 Jan 2025 — An attacker in a privileged position may be able to perform a denial-of-service. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2025-24086 – Apple Security Advisory 01-27-2025-8
https://notcve.org/view.php?id=CVE-2025-24086
27 Jan 2025 — Processing an image may lead to a denial-of-service. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2025-24100 – Apple Security Advisory 01-27-2025-6
https://notcve.org/view.php?id=CVE-2025-24100
27 Jan 2025 — An app may be able to access information about a user's contacts. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122068 • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24116 – Apple Security Advisory 01-27-2025-6
https://notcve.org/view.php?id=CVE-2025-24116
27 Jan 2025 — An app may be able to bypass Privacy preferences. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122068 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2025-24161 – Apple Security Advisory 01-27-2025-8
https://notcve.org/view.php?id=CVE-2025-24161
27 Jan 2025 — Parsing a file may lead to an unexpected app termination. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54509 – Apple Security Advisory 01-27-2025-5
https://notcve.org/view.php?id=CVE-2024-54509
27 Jan 2025 — An out-of-bounds write issue was addressed with improved input validation. ... An app may be able to cause unexpected system termination or write kernel memory. macOS Sonoma 14.7.3 addresses bypass, code execution, integer overflow, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/121839 • CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2025-24136 – Apple Security Advisory 01-27-2025-6
https://notcve.org/view.php?id=CVE-2025-24136
27 Jan 2025 — A malicious app may be able to create symlinks to protected regions of the disk. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122068 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-24120 – Apple Security Advisory 01-27-2025-6
https://notcve.org/view.php?id=CVE-2025-24120
27 Jan 2025 — An attacker may be able to cause unexpected app termination. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122068 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24177 – Apple Security Advisory 01-27-2025-4
https://notcve.org/view.php?id=CVE-2025-24177
27 Jan 2025 — A remote attacker may be able to cause a denial-of-service. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24176 – Apple Security Advisory 01-27-2025-6
https://notcve.org/view.php?id=CVE-2025-24176
27 Jan 2025 — A local attacker may be able to elevate their privileges. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122068 • CWE-276: Incorrect Default Permissions •