CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-31221 – Apple Security Advisory 05-12-2025-8
https://notcve.org/view.php?id=CVE-2025-31221
12 May 2025 — An integer overflow was addressed with improved input validation. ... A remote attacker may be able to leak memory. macOS Ventura 13.7.6 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122404 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31247 – Apple Security Advisory 05-12-2025-5
https://notcve.org/view.php?id=CVE-2025-31247
12 May 2025 — An attacker may gain access to protected parts of the file system. macOS Ventura 13.7.6 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122716 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-31210 – Apple Security Advisory 05-12-2025-2
https://notcve.org/view.php?id=CVE-2025-31210
12 May 2025 — Processing web content may lead to a denial-of-service. iPadOS 17.7.7 addresses code execution, double free, information leakage, integer overflow, out of bounds read, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122404 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2025-31206 – webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
https://notcve.org/view.php?id=CVE-2025-31206
12 May 2025 — Processing malicious web content can cause a type confusion issue due to improper state handling and result in an unexpected crash. macOS Sequoia 15.5 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122404 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30440 – Apple Security Advisory 05-12-2025-5
https://notcve.org/view.php?id=CVE-2025-30440
12 May 2025 — An app may be able to bypass ASLR. macOS Ventura 13.7.6 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122716 • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-31251 – Apple macOS JPEG Image Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-31251
12 May 2025 — An attacker can leverage this vulnerability to execute code in the context of the current user. macOS Ventura 13.7.6 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122404 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-31226 – Apple Security Advisory 05-12-2025-8
https://notcve.org/view.php?id=CVE-2025-31226
12 May 2025 — Processing a maliciously crafted image may lead to a denial-of-service. macOS Sequoia 15.5 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122404 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-24225 – Apple Security Advisory 05-12-2025-2
https://notcve.org/view.php?id=CVE-2025-24225
12 May 2025 — Processing an email may lead to user interface spoofing. iPadOS 17.7.7 addresses code execution, double free, information leakage, integer overflow, out of bounds read, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122404 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31227 – Apple Security Advisory 05-12-2025-1
https://notcve.org/view.php?id=CVE-2025-31227
12 May 2025 — An attacker with physical access to a device may be able to access a deleted call recording. iOS 18.5 and iPadOS 18.5 addresses code execution, double free, integer overflow, out of bounds read, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122404 • CWE-863: Incorrect Authorization •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-31196 – Apple Security Advisory 05-12-2025-5
https://notcve.org/view.php?id=CVE-2025-31196
12 May 2025 — Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents. macOS Ventura 13.7.6 addresses bypass, code execution, double free, information leakage, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122405 • CWE-125: Out-of-bounds Read •