CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-24154 – Apple Security Advisory 01-27-2025-6
https://notcve.org/view.php?id=CVE-2025-24154
27 Jan 2025 — An out-of-bounds write was addressed with improved input validation. ... An attacker may be able to cause unexpected system termination or corrupt kernel memory. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24115 – Apple Security Advisory 01-27-2025-6
https://notcve.org/view.php?id=CVE-2025-24115
27 Jan 2025 — An app may be able to read files outside of its sandbox. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122068 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-24149 – Apple SceneKit Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24149
27 Jan 2025 — An out-of-bounds read was addressed with improved bounds checking. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current user. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24108 – Apple Security Advisory 01-27-2025-4
https://notcve.org/view.php?id=CVE-2025-24108
27 Jan 2025 — An app may be able to access protected user data. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122068 • CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-24124 – Apple macOS MOV File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-24124
27 Jan 2025 — An attacker can leverage this vulnerability to execute code in the context of the current process. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-24112 – Apple Security Advisory 01-27-2025-5
https://notcve.org/view.php?id=CVE-2025-24112
27 Jan 2025 — Parsing a file may lead to an unexpected app termination. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122068 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24145 – Apple Security Advisory 01-27-2025-4
https://notcve.org/view.php?id=CVE-2025-24145
27 Jan 2025 — An app may be able to view a contact's phone number in system logs. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2025-24153 – Apple Security Advisory 01-27-2025-4
https://notcve.org/view.php?id=CVE-2025-24153
27 Jan 2025 — A buffer overflow issue was addressed with improved memory handling. ... An app with root privileges may be able to execute arbitrary code with kernel privileges. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122068 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2025-24128 – Apple Security Advisory 01-27-2025-9
https://notcve.org/view.php?id=CVE-2025-24128
27 Jan 2025 — Visiting a malicious website may lead to address bar spoofing. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122066 •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2025-24094 – Apple Security Advisory 01-27-2025-6
https://notcve.org/view.php?id=CVE-2025-24094
27 Jan 2025 — An app may be able to access user-sensitive data. macOS Sequoia 15.3 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122068 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •